This is driving me crazy - why is my router still STEALTHED?
on 27.11.2007 16:55:46 by xp_newbie
I am trying to test some settings on my router that allow certain
ports (e.g. 139) to be open for inbound traffic - via port forwarding.
For that, I use a port scan service like ShieldsUp on www.grc.com or
auditmypc.com.
However, no matter what I do (I even did port forwarding on ALL ports
to my test PC (running XP with its firewall turned off)), the test
results always show ALL ports as stealthed.
Internally (in my LAN) I used a Linux port scanner to verify that my
test PC indeed has at least ports 135, 139 and 445 open. They are
definitely open on the test PC.
I also temporarily configured my router to set the test PC as a DMZ
(on my NETGEAR router it is called "Default DMZ Server") - and indeed
the www.grc.com test showed those ports as open.
However, I don't understand what is the difference between this
"officially labeled" DMZ setting to port forwarding of ALL the ports.
Could someone please help me understand this?
For example, is it possible that a DMZ server is being skipped the NAT
done by the router? (despite it retaining the internal LAN address?)
Thanks,
Alex
Re: This is driving me crazy - why is my router still STEALTHED?
on 27.11.2007 17:10:58 by xp_newbie
On Nov 27, 10:55 am, xp_new...@yahoo.com wrote:
> I am trying to test some settings on my router that allow certain
> ports (e.g. 139) to be open for inbound traffic - via port forwarding.
>
> For that, I use a port scan service like ShieldsUp on www.grc.com or
> auditmypc.com.
>
> However, no matter what I do (I even did port forwarding on ALL ports
> to my test PC (running XP with its firewall turned off)), the test
> results always show ALL ports as stealthed.
>
> Internally (in my LAN) I used a Linux port scanner to verify that my
> test PC indeed has at least ports 135, 139 and 445 open. They are
> definitely open on the test PC.
>
> I also temporarily configured my router to set the test PC as a DMZ
> (on my NETGEAR router it is called "Default DMZ Server") - and indeed
> the www.grc.com test showed those ports as open.
>
> However, I don't understand what is the difference between this
> "officially labeled" DMZ setting to port forwarding of ALL the ports.
> Could someone please help me understand this?
>
> For example, is it possible that a DMZ server is being skipped the NAT
> done by the router? (despite it retaining the internal LAN address?)
>
OK - things start making more sense right now: instead of forwarding
ALL ports (0..65535) to my test PC, I enabled only 135..445. That
effectively made my test PC appear as unstealthed (in ports 139 and
445) to the www.grc.com test.
This confirms my understanding that DMZ is nothing more than port
forwarding to all usable ports (except for port 0 or some other
strange ones like 8 (ICMP)).
Or did I get it completely wrong?
Thanks,
Alex
Re: This is driving me crazy - why is my router still STEALTHED?
on 28.11.2007 09:58:37 by Intuitive
xp_newbie@yahoo.com wrote:
> On Nov 27, 10:55 am, xp_new...@yahoo.com wrote:
>> I am trying to test some settings on my router that allow certain
>> ports (e.g. 139) to be open for inbound traffic - via port forwarding.
>>
>> For that, I use a port scan service like ShieldsUp on www.grc.com or
>> auditmypc.com.
>>
>> However, no matter what I do (I even did port forwarding on ALL ports
>> to my test PC (running XP with its firewall turned off)), the test
>> results always show ALL ports as stealthed.
>>
>> Internally (in my LAN) I used a Linux port scanner to verify that my
>> test PC indeed has at least ports 135, 139 and 445 open. They are
>> definitely open on the test PC.
>>
>> I also temporarily configured my router to set the test PC as a DMZ
>> (on my NETGEAR router it is called "Default DMZ Server") - and indeed
>> the www.grc.com test showed those ports as open.
>>
>> However, I don't understand what is the difference between this
>> "officially labeled" DMZ setting to port forwarding of ALL the ports.
>> Could someone please help me understand this?
>>
>> For example, is it possible that a DMZ server is being skipped the NAT
>> done by the router? (despite it retaining the internal LAN address?)
>>
>
> OK - things start making more sense right now: instead of forwarding
> ALL ports (0..65535) to my test PC, I enabled only 135..445. That
> effectively made my test PC appear as unstealthed (in ports 139 and
> 445) to the www.grc.com test.
>
> This confirms my understanding that DMZ is nothing more than port
> forwarding to all usable ports (except for port 0 or some other
> strange ones like 8 (ICMP)).
>
> Or did I get it completely wrong?
>
> Thanks,
> Alex
>
lol,
You got it partially correct, with the exception that "Port Forwarding"
and DMZ can be used together, with Port Forwarding taking precedence on
which ports are forwarded, and the rest going to the DMZ.
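The precedence described in the reply above, as an added example that is not part of the original thread: a small model of which LAN host receives an unsolicited inbound connection and what an external scan would report. The `Router` class, `scan_view` function, LAN addresses and listener sets are hypothetical and constructed; it assumes the router silently drops unmatched traffic ("stealth") and that a host without a firewall refuses connections to ports with no listener ("closed").

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple


@dataclass
class Router:
    # (first_port, last_port, lan_ip) port-forward rules, checked in order
    forwards: List[Tuple[int, int, str]] = field(default_factory=list)
    dmz_ip: Optional[str] = None  # the "Default DMZ Server", if configured

    def target(self, port: int) -> Optional[str]:
        """LAN host that receives an unsolicited inbound connection."""
        for first, last, ip in self.forwards:
            if first <= port <= last:
                return ip       # an explicit forward takes precedence
        return self.dmz_ip      # everything else goes to the DMZ host


def scan_view(router: Router, listeners: Dict[str, Set[int]],
              ports: List[int]) -> Dict[int, str]:
    """What an external TCP scan would report for each port."""
    view = {}
    for port in ports:
        ip = router.target(port)
        if ip is None or ip not in listeners:
            view[port] = "stealth"          # no rule or no host: no reply
        elif port in listeners[ip]:
            view[port] = f"open ({ip})"     # forwarded and a service answers
        else:
            view[port] = f"closed ({ip})"   # forwarded, host refuses (assumed)
    return view


# Constructed sample LAN: a test PC with SMB ports and a second host on 80.
LISTENERS = {"192.168.1.10": {135, 139, 445}, "192.168.1.20": {80}}
PORTS = [80, 139, 445, 8080]

NO_RULES = Router()
FORWARD_ONLY = Router(forwards=[(135, 445, "192.168.1.10")])
FORWARD_PLUS_DMZ = Router(forwards=[(80, 80, "192.168.1.20")],
                          dmz_ip="192.168.1.10")

if __name__ == "__main__":
    for name, router in [("no rules", NO_RULES),
                         ("forward 135-445", FORWARD_ONLY),
                         ("forward 80 + DMZ", FORWARD_PLUS_DMZ)]:
        print(name, scan_view(router, LISTENERS, PORTS))
```

With the DMZ host set, every port without its own forward reaches that machine, so the scan changes from "stealth" to "open" or "closed" across the whole range.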
Re: This is driving me crazy - why is my router still STEALTHED?
on 28.11.2007 11:00:01 by unknown
Post removed (X-No-Archive: yes)