PPTP port and Emule.

Hello, first let me thank you for this amazing software, I just love it!

First my setup: XP SP2 - PPTP tunnel to the DSL modem (10.0.0.138), from there, as far as I get it, it's PPPoA to the ISP.

I followed the guide in the FAQ for creating the Emule rules. Since I use random ports I allowed all ports, and it all works fine. Testing via the security-space no-risk audit, it found my PPTP port (1723) is leaking info:

pptp (1723/tcp) A PPTP server is running on this port Firmware Revision:2600 Host name: Vendor string:Microsoft Windows NT

I modified my rule to exclude port 1723. Now it reads as follows:

Allow TCP/UDP in Any IP to any IP Any source port - Destination is NOT port 1723.

This seems to solve the port being exposed. Is this rule correct? Should I create a separate rule for blocking the PPTP port? Do I need to integrate the modem IP?

Welcome to the forum.
Hmmm… don’t know if I’m tired, but it sounds like you’re allowing everything in… that’s not good…
By default everything is blocked IN…
You have to open up ports to use P2P/Torrent, a server or similar.
Are you sure that it was your IP that got scanned?
Go to start/run and type cmd, click ok, type ipconfig /all and see what IP you get.
Go to the site and see if it shows that IP when you scan.

Hi drob,

AOwl is right, with that rule you are basically allowing everything in except on port 1723. Delete that rule ASAP because if you don’t you only have half a firewall running - I’m sure nobody needs to lecture you on why that’s a bad thing ;D So, if you want to block inbound on that port then this is the rule you need:

Action: Block*
Protocol: TCP/UDP
Direction: In
Source IP: Any
Destination IP: IP Range 10.0.0.1 - 10.0.0.255 (if this is your network range)
Source Port: Any
Destination Port: 1723

*Optionally you can select Block & Log so you can see when inbound attempts are being made towards port 1723 and from where.

Then you will need to explicitly allow inbound port connections so Emule can work. I don’t know what ports Emule uses, so I can give you the gist of the rule without the exact ports:

Action: Allow
Protocol: TCP/UDP
Direction: IN
Source IP: Any
Destination IP: YOUR IP / NETWORK IP RANGE (Your choice)
Source Port: Any
Destination Port: ENTER THE EMULE PORT HERE

Using random ports is impossible, it’s a CPF design limitation. Use fixed ones.
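
Added example, not part of any post in this thread: a small Python model of the network-rule layer only, comparing the rule from the first post with the block/allow pair suggested in the reply. First-match evaluation, the host address 10.0.0.140, the sample ports and the Emule ports 4662/4672 are assumptions, and CPF's per-application rules are not modelled.

```python
import ipaddress

BOTH = ("tcp", "udp")
LAN = ("10.0.0.1", "10.0.0.255")   # range used in the reply's rules
HOST = "10.0.0.140"                # constructed address for the XP machine

# Rule from the first post: allow everything in except destination port 1723.
ORIGINAL = [{"action": "allow", "proto": BOTH, "ports": {1723}, "negate": True}]

# Rules from the reply: block 1723, then allow only fixed Emule ports.
# 4662 and 4672 are assumed here; use whatever ports Emule is set to.
RECOMMENDED = [
    {"action": "block", "proto": BOTH, "dst_ip": LAN, "ports": {1723}},
    {"action": "allow", "proto": BOTH, "dst_ip": LAN, "ports": {4662, 4672}},
]

def matches(rule, pkt):
    """Return True if an inbound packet matches every field of the rule."""
    if pkt["proto"] not in rule["proto"]:
        return False
    lo, hi = rule.get("dst_ip", ("0.0.0.0", "255.255.255.255"))
    dst = ipaddress.ip_address(pkt["dst_ip"])
    if not ipaddress.ip_address(lo) <= dst <= ipaddress.ip_address(hi):
        return False
    in_set = pkt["dst_port"] in rule["ports"]
    return not in_set if rule.get("negate") else in_set

def decide(rules, pkt):
    """First matching rule wins (assumed); unmatched inbound is blocked."""
    for rule in rules:
        if matches(rule, pkt):
            return rule["action"]
    return "block"

def admitted(rules, ports, proto="tcp"):
    """Destination ports the rule set would let in for HOST."""
    return [p for p in ports
            if decide(rules, {"proto": proto, "dst_ip": HOST, "dst_port": p}) == "allow"]

# Constructed sample: Windows service ports, PPTP, and the assumed Emule ports.
SAMPLE_PORTS = [135, 139, 445, 1723, 4662, 4672]

if __name__ == "__main__":
    print("original rule admits:   ", admitted(ORIGINAL, SAMPLE_PORTS))
    print("recommended rules admit:", admitted(RECOMMENDED, SAMPLE_PORTS))
```
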

Thanks for your replies;
I thought the same thing, hey, I am allowing everything in, but every test I did showed me stealthed, so I am guessing that traffic is first processed by the network rules, then the app rules, hence if something is allowed in, it then gets screened only to Emule. And yes, it is my IP. So am I still at risk, should I limit it to two specific ports only?