Unable to stealth port 1720

I was wondering if someone could help. I seem to be unable to stealth port 1720. I’ve tried to use the custom global rules but I must be doing something wrong when I create the rule. It even shows up open when I choose to use the stealth ports wizard to make all ports stealth by default. It still remains open. Would someone be able to tell me what settings to have it on and how to create the rule? Thank you.

Do you have a router? If so, the test is checking the ports on the router, not the firewall.

No, I’m just using a Wi-Fi USB modem. No router.

Maybe it is on the ISP’s side. Can you see what IP address your computer gets? I am interested to know if it is in a private range (10.0.0.0 - 10.255.255.255 or 192.168.0.0 - 192.168.255.255 or 172.16.0.0 - 172.31.255.255) or not.

When it is not in one of the above ranges you are getting a public IP address. If the IP address is in a private range, the non-stealth port is on the ISP’s router.

Oh, okay, cheers. I used this program that gives info about your network. The IP changes every time I log off the net and reconnect. So this is what it read:

Network
You are connected to the internet
Connected through HUAWEI Mobile Connect - 3G Network Card
IP Address 118.148.167.64
External IP Address 118.148.167.64
Adapter Type Unknown
WinInet Info
LAN Connection
Local system uses a local area network to connect to the Internet
Local system has RAS to connect to the Internet

Can you show us what the ipconfig command tells?

One thought: TCP over port 1720 is one of the ports used to support H.323 (Voice over IP amongst other things). As your ISP is also a mobile phone supplier, it may provide some insight…

Learned something new today. :slight_smile:

Oh okay, so maybe you think it has to be open? Or maybe it just appears open to me but the ISP is blocking it anyway?

[attachment deleted by admin]

Difficult to know for sure unless you make a call to your ISP and ask. I can’t seem to find out much about your 3G card; it seems HUAWEI sell these to third parties, such as ISPs, and they’re free to put whatever software they want in the SIM.

Right now, unless you are running some software that makes use of this port, such as NetMeeting or something similar, I’d create a global rule to block inbound TCP on port 1720. This won’t make the port stealth, but it will close it, at least on your end. Alternatively, create the global rules you need for inbound connections and create a final rule that blocks IP in from anywhere.

Yeah, the problem for me is that even when I create a custom rule to block that port it still shows up as open, so I’m thinking I must be doing something wrong in creating the rule maybe, I’m not sure.

May I ask how you’re evaluating the state of the port? I assume you’re using some online test, such as shields-up. Also, would you mind attaching a screenshot of the rules you’ve created to deal with this?

In addition, would you post the results of a netstat -anob? (Run this from the command prompt.)

Yeah, I’m using the shields up website. I’m just keeping the firewall settings on safe mode for the time being because it doesn’t seem to make much difference, as I can’t get that global rule for port 1720 to work using the custom settings, but it looks like this when I did try to use it. I wasn’t too sure about the netstat thing, but I think I got the right screenshots.

[attachment deleted by admin]

The rule you’ve created is correct and should block inbound connections to that port for TCP. However, looking at the results of the netstat, it would appear that your PC is not listening on that port, which suggests it is indeed an open port on a router belonging to your ISP. If this is indeed the situation, no amount of configuration in the firewall will show the port as closed.

Here are a few things to check:

  1. When you run a test at shields-up, is the ip address reported the same as your current ip address?
  2. Open a command prompt and type tracert www.google.com. The first few entries in the list will belong to your ISP; one or more of them will be router addresses. If you can find the IP address of the last entry for your ISP, you may be able to test for open ports. (It will probably still have a 118.148.. address.)
  3. Go to Open Port Check Tool - Test Port Forwarding on Your Router and enter the ip address found above and the port number.

This test is not perfect and may not be conclusive; for that you’d need to ask your ISP.
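Added example (not part of the original thread, and not any poster's code): the two checks discussed above, combined into one triage function. It tests the address against the three private ranges listed earlier and looks for a local TCP listener in netstat output. The netstat text is a constructed sample, and the function names and result labels are hypothetical.

```python
import ipaddress

# The three private ranges listed in the thread.
PRIVATE_RANGES = [ipaddress.ip_network(n) for n in
                  ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample in the layout printed by Windows `netstat -anob`;
# it is not the poster's real output, which is not on the page.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  [svchost.exe]
  TCP    118.148.167.64:139     0.0.0.0:0              LISTENING       4
  TCP    118.148.167.64:49210   203.0.113.10:443       ESTABLISHED     3120
  [browser.exe]
  UDP    0.0.0.0:500            *:*                                    680
"""

def is_private(ip):
    """True if ip falls in one of the private ranges above."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in PRIVATE_RANGES)

def listening_tcp_ports(netstat_text):
    """Collect local TCP ports in LISTENING state, skipping headers,
    UDP rows and the [process.exe] lines that -b adds."""
    ports = set()
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) >= 4 and f[0] == "TCP" and f[3] == "LISTENING":
            ports.add(int(f[1].rsplit(":", 1)[1]))
    return ports

def locate_open_port(ip, netstat_text, port):
    """Say where a port reported open by an online scan most likely lives."""
    if is_private(ip):
        # Private address: the scan reached the ISP's router, not this PC.
        return "isp-router-private-address"
    if port not in listening_tcp_ports(netstat_text):
        # Public address but nothing listening locally: a device upstream
        # is answering, so no local firewall rule changes the scan result.
        return "upstream-no-local-listener"
    # Something on this PC accepts connections; the firewall rule applies.
    return "local-listener"
```

With the address from this thread and port 1720, the function returns "upstream-no-local-listener", which matches the conclusion reached above.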

Okay, thanks for the help. Yeah, the IP is the same when I check it and then check it on Shields up. I did what you said and it does appear to be closed when I check it on that site. I think I did it properly; I used the last .co.nz IP. So I guess it’s possible my ISP is blocking it but it shows up open on Shields up? I guess it would be wise to ask them then. Are there any other ports I should block in global rules, or are all of them usually blocked when the stealth ports wizard is set on the 3rd option? Thanks.

[attachment deleted by admin]

If you’ve used the stealth ports wizard, with the third option, ‘Block all incoming connections and make my ports stealth for everyone’ you don’t need to add individual block rules, as there is a single ‘Block IP IN’ as the last rule. Basically, all traffic is allowed out and with the exception of two important ICMP types, all inbound traffic is blocked.