Menu
What's new
By:
Filters Better Search

(solved) Block port 389 in ACL

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

GikaH

GikaH

New Around Here
Hi!

I've been attacked (DDOS etc) I'm looking for possibility to block port 389 (used by LDAP). After researching this a little in web I found that there is only a guide for Cisco routers etc.

So I checked whole RT-AC87U GUI but found nothing.
After that I just added a firewall rule to filter 389 port there, but when I checking this port on my IP i can see:
Host is up.
PORT STATE SERVICE
389/tcp filtered ldap

So it's not closed just filtered.

Is there an option to close (not just filter) this particular port on Asus router? Can be SSH/Telnet/Web.

Thanks for reply!
 
You don't need to do anything. All incoming ports are blocked by default.

The nmap result of "filtered" is what you want. It means that there was no response from that port so nmap can't determine whether there's anything there or not. A response of "closed" would mean that your router had actually replied to the probe with "I'm closed at the moment", which is not what you want.
 
This reputable site can scan your ports to see how they respond:
https://www.grc.com/x/ne.dll?bh0bkyd2

Here is the text summary from scanning my port 389:

GRC Port Authority Report created on UTC: 2018-08-21 at 16:21:00

Results from probe of port: 389

0 Ports Open
0 Ports Closed
1 Ports Stealth
---------------------
1 Ports Tested

THE PORT tested was found to be: STEALTH.

TruStealth: PASSED - ALL tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.

OE
 
Thank you ColinTaylor and OzarkEdge for answers.
I asked for these, because after DoS attack some guy in ISP support center told me that 389 port should be "closed" in my environment.

I checked my IP on page provided by OzarkEdge and whole ports are in "Stealth" mode so I'm very glad :)

Thank you again - it's solved.
 
You must log in or register to reply here.

Similar threads

R
Asus WifiPro ET12 & AsusWRT advice sought
Replies
4
Views
2K
rappel
R
RMerlin
  • Locked
Beta Asuswrt-Merlin 388.1 Beta is available for select models
44 45 46
Replies
900
Views
207K
RMerlin
RMerlin
S
[Solved] Transmission port 50143 closed, download speed is slow
Replies
2
Views
4K
Salles
S
S
I’m terrified and am so hoping someone can help me
2
Replies
30
Views
6K
Sky
Sky
RMerlin
  • Locked
  • Sticky
[FAQ] READ ME FIRST before posting a question
Replies
2
Views
91K
RMerlin
RMerlin
Similar threads
Thread starter Title Forum Replies Date
V How to block YouTube - Router Asus GT-BE98 - Firmware version 3.0.0.6.102_34372 ASUSWRT - Official 9
J VPN conFusion - Internet block ASUSWRT - Official 3
G How to block certain DNS sites specifically Samsung to avoid update pushes ASUSWRT - Official 15
D AImesh anyway to block client from node? ASUSWRT - Official 29
G [RT-N66U] - Repeater Mode - LAN-Port: no Internet Access ASUSWRT - Official 4
P Port Forwarding stops working after adding addional AiMesh node ASUSWRT - Official 1
Q VPN Fusion and firewall/port forwarding ASUSWRT - Official 0

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 727 (members: 31, guests: 696)
Top