Blocking port 113 in shorewall – PCLinuxOS default firewall.

Hi all.

I was using the GRC.com Shields Up – Internet Vulnerability Profiling tool to verify whether all of my ports are in stealth mode, and I failed with port 113. When setting up my firewall I chose all the ports to be closed, and they were indeed; however, Shields Up was showing this port as closed and yet responding to the “knocking”. I blocked PING / ICMP requests and still – same story.

I found a solution.

Open a console and log in as root using the su command. Then, using your favorite file editor (vi, mcedit, joe, etc.), edit the file /etc/shorewall/rules and add this line:

DROP net fw tcp 113

so it looks like this:

#
# Shorewall version 4 - Rules File
#
# For information on the settings in this file, type "man shorewall-rules"
#
# The manpage is also online at
# http://www.shorewall.net/manpages/shorewall-rules.html
#
####################################################################################################################################################
#ACTION  SOURCE  DEST  PROTO  DEST  SOURCE   ORIGINAL  RATE   USER/  MARK  CONNLIMIT  TIME
#                             PORT  PORT(S)  DEST      LIMIT  GROUP
#SECTION ESTABLISHED
#SECTION RELATED
INCLUDE rules.drakx
DROP net fw tcp 113
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE

Save the file and run this command:

service shorewall restart

and re-test your firewall with Shields Up again. If you are lucky, you should see something like this:

Stealth mode.
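
The file edit described above, as an added example that is not part of the original post: a shell helper (the name add_shorewall_rule is hypothetical) that inserts the rule above the #LAST LINE marker only if it is not already present and keeps a backup copy. The usage comment assumes the shorewall check command, which validates the configuration before the restart.

```shell
#!/bin/sh
# Added example, not from the original post.
# add_shorewall_rule is a hypothetical helper name, not part of Shorewall.

add_shorewall_rule() {
    rules_file=$1            # e.g. /etc/shorewall/rules
    shift
    rule="$*"                # e.g. DROP net fw tcp 113

    [ -f "$rules_file" ] || { echo "no such file: $rules_file" >&2; return 1; }

    # Compare with whitespace collapsed, so tabs vs. spaces do not create duplicates.
    norm='s/[[:space:]][[:space:]]*/ /g; s/^ //; s/ $//'
    want=$(printf '%s\n' "$rule" | sed "$norm")
    if sed "$norm" "$rules_file" | grep -qxF -- "$want"; then
        return 0             # rule already present, nothing to do
    fi

    # Entries must go above this marker; refuse to guess if it is missing.
    grep -q '^#LAST LINE' "$rules_file" || { echo "marker not found" >&2; return 1; }

    # Keep a copy to roll back to if the firewall fails to start.
    cp -p "$rules_file" "$rules_file.bak" || return 1

    # Rewrite the file in place with the rule printed just before the marker.
    awk -v rule="$rule" '/^#LAST LINE/ && !seen { print rule; seen = 1 } { print }' \
        "$rules_file.bak" > "$rules_file"
}

# Usage, as root:
#   add_shorewall_rule /etc/shorewall/rules DROP net fw tcp 113 \
#       && shorewall check && service shorewall restart
```

If the restart fails, copy /etc/shorewall/rules.bak back over the rules file and restart again.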

Btw. Thanks to Mr. Steve Gibson for such a powerful tool!

Andy
