<p dir="ltr">This looks like an FAQ item :-) I'll have a look at the wiki.</p>
<div class="gmail_quote">On Oct 10, 2012 7:22 PM, "Dave Taht" <<a href="mailto:dave.taht@gmail.com">dave.taht@gmail.com</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Several ports are open, but filtered, using various means. Does this<br>
tool not show filtered?<br>
<br>
For example, rsync and ssh are enabled but the default settings in<br>
/etc/xinetd.conf prohibit access via any but your internal private<br>
ips.<br>
<br>
Telnet and ftp ports (not services) are enabled, but are there to<br>
trigger sensors to disable other services in the advent of an attack<br>
from inside or outside of your firewall.<br>
<br>
You can close ports more fully to the outside world via the gui,<br>
editing /etc/config/firewall and/or do finer grained access control<br>
via /etc/xinetd.conf and /etc/xinetd.d/<br>
<br>
The web port (80) defaults open, the web configuration port (81) does<br>
not. The intent here is to enable you to put up your own local web<br>
pages.<br>
<br>
See the onboard and wiki documentation for more details.<br>
<br>
Thx for trying cerowrt!<br>
<br>
On Wed, Oct 10, 2012 at 8:44 AM, Shannon Kendrick<br>
<<a href="mailto:shannon@kendrickonline.org">shannon@kendrickonline.org</a>> wrote:<br>
> What's the best resource for learning how to configure the firewall to close the ports that are open by default? I installed 3.3.8-26 "sugarland" into a brand new WNDR3800 to be used as my home router, and I immediately ran ShieldsUp!! (<a href="http://grc.com" target="_blank">grc.com</a>) and noticed open ports. However, I'm at a loss as to how to close them.<br>
> Thanks,<br>
> Shannon Kendrick<br>
> _______________________________________________<br>
> Cerowrt-devel mailing list<br>
> <a href="mailto:Cerowrt-devel@lists.bufferbloat.net">Cerowrt-devel@lists.bufferbloat.net</a><br>
> <a href="https://lists.bufferbloat.net/listinfo/cerowrt-devel" target="_blank">https://lists.bufferbloat.net/listinfo/cerowrt-devel</a><br>
<br>
<br>
<br>
--<br>
Dave Täht<br>
<br>
Fixing bufferbloat with cerowrt: <a href="http://www.teklibre.com/cerowrt/subscribe.html" target="_blank">http://www.teklibre.com/cerowrt/subscribe.html</a><br>
_______________________________________________<br>
Cerowrt-devel mailing list<br>
<a href="mailto:Cerowrt-devel@lists.bufferbloat.net">Cerowrt-devel@lists.bufferbloat.net</a><br>
<a href="https://lists.bufferbloat.net/listinfo/cerowrt-devel" target="_blank">https://lists.bufferbloat.net/listinfo/cerowrt-devel</a><br>
</blockquote></div>