Banda Ancha EU

Comunidad de usuarios
de fibra, móvil y ADSL

ADSL

¿como cerrar puertos en modo invisible ("stealth") en vez de "cerrado"?

BocaDePez
BocaDePez

¿Es posible cerrar puertos en modo invisible ("stealth") por defecto en vez de "cerrado"? He estado trasteando con la contraseña "admin" e incluso he descomprimido el firmware pero no he podido averiguar como hacerlo. ¿Alguien lo sabe?

BocaDePez
BocaDePez

Despues de mucho trastear logré entrar en busybox con telnet. ¿Alguien sabe modificar iptables?

telnet 192.168.0.1
Login:admin
Password:OHRG2OHR
sh

iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP tcp -- anywhere anywhere tcp dpt:ftp
DROP tcp -- anywhere anywhere tcp dpt:ftp
ACCEPT udp -- anywhere anywhere udp dpts:50000:50020
ACCEPT udp -- anywhere anywhere udp dpt:6050
ACCEPT udp -- 192.168.0.0/24 anywhere udp dpt:30006
DROP tcp -- anywhere anywhere tcp spt:tproxy
INPUT_SECTELNET tcp -- anywhere anywhere tcp dpt:telnet
ACCEPT udp -- anywhere anywhere udp dpt:snmp
ACCEPT icmp -- anywhere anywhere icmp echo-request
ACCEPT tcp -- anywhere anywhere tcp dpt:www
ACCEPT tcp -- anywhere anywhere tcp dpt:www
INPUT_SECTELNET tcp -- anywhere anywhere tcp dpt:telnet
ACCEPT udp -- anywhere anywhere udp dpt:snmp
ACCEPT icmp -- anywhere anywhere icmp echo-request
ACCEPT tcp -- anywhere anywhere tcp dpt:www
ACCEPT tcp -- anywhere anywhere tcp dpt:www
INPUT_SECDOS all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere udp dpts:bootps:bootpc
ACCEPT udp -- anywhere anywhere udp dpt:500
ACCEPT esp -- anywhere anywhere
ACCEPT !esp -- anywhere anywhere MARK match 0x10000000/0x10000000
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere udp dpts:bootps:bootpc
ACCEPT udp -- anywhere anywhere udp dpt:500
ACCEPT esp -- anywhere anywhere
ACCEPT !esp -- anywhere anywhere MARK match 0x10000000/0x10000000
INPUT_SECTELNET tcp -- anywhere anywhere tcp spt:tproxy
DROP tcp -- anywhere anywhere tcp dpt:135
DROP tcp -- anywhere anywhere tcp dpt:netbios-ns
DROP tcp -- anywhere anywhere tcp dpt:netbios-dgm
DROP tcp -- anywhere anywhere tcp dpt:netbios-ssn
DROP tcp -- anywhere anywhere tcp dpt:445
INPUT_SECTELNET tcp -- anywhere anywhere tcp spt:tproxy
DROP tcp -- anywhere anywhere tcp dpt:135
DROP tcp -- anywhere anywhere tcp dpt:netbios-ns
DROP tcp -- anywhere anywhere tcp dpt:netbios-dgm
DROP tcp -- anywhere anywhere tcp dpt:netbios-ssn
DROP tcp -- anywhere anywhere tcp dpt:445

Chain FORWARD (policy ACCEPT)
target prot opt source destination
INPUT_SECDOS all -- anywhere anywhere
FORWARD_SECFW all -- anywhere anywhere
INPUT_SECURLBLK all -- anywhere anywhere
FORWARD_UTILITY all -- anywhere anywhere
FORWARD_IN all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD_IN (1 references)
target prot opt source destination
ACCEPT udp -- 192.168.0.0/24 anywhere udp dpt:30006
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT !esp -- anywhere anywhere MARK match 0x10000000/0x10000000
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT !esp -- anywhere anywhere MARK match 0x10000000/0x10000000

Chain FORWARD_SECFW (1 references)
target prot opt source destination

Chain FORWARD_UTILITY (1 references)
target prot opt source destination
TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS set 1412
TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS set 1412
TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS set 1412
TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS set 1412

Chain INPUT_SECDOS (2 references)
target prot opt source destination

Chain INPUT_SECTELNET (4 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere source IP range xxx.xxx.xxx.xxx-xxx.xxx.xxx.xxx
ACCEPT all -- anywhere anywhere source IP range xxx.xxx.xxx.xxx-xxx.xxx.xxx.xxx
ACCEPT all -- xxx.xxx.xxx.xxx anywhere
ACCEPT all -- xxx.xxx.xxx.xxx anywhere
ACCEPT all -- anywhere anywhere source IP range xxx.xxx.xxx.xxx-xxx.xxx.xxx.xxx
ACCEPT all -- xxx.xxx.xxx.xxx anywhere
ACCEPT all -- xxx.xxx.xxx.xxx anywhere
ACCEPT all -- xxx.xxx.xxx.xxx anywhere
DROP all -- anywhere anywhere

Chain INPUT_SECURLBLK (1 references)
target prot opt source destination

Chain INPUT_SECURLBLK_ADVANCE (0 references)
target prot opt source destination