[ale] How to test your public internet connection for open ports

Ron Frazier atllinuxenthinfo at c3energy.com
Fri Feb 11 23:43:55 EST 2011


Pat,

See comments in line. I've snipped what I want. I'm letting the 
discussion on the merits of stealthing die down. Thanks for your 
comments though. Here are answers to your questions.

On 02/11/2011 04:42 AM, Pat Regan wrote:

> Why would you ever need to forward a port to an unused address on your
> local subnet?  Why wouldn't you just leave the port closed?
>
>    

Disregarding the merits, here is the motive. Some home routers refuse to 
close some ports no matter what you do, like IDENT 113. I had that 
happen once. Sometimes you can forward that port to a non existent IP. 
That has the same effect as stealthing it.

> Isn't there advertising on his podcasts like all the other twit
> podcasts?
>
>    

Yes. As far as I know, that goes to cover the costs of running the twit 
network, which is Leo Laporte's gig. I don't think Steve gets any money 
from it, although I could be wrong. Even if he gets money, I have no 
problem with it. He's providing useful information.

> The only major piece of work from Steve Gibson that I know anything
> about is Spinrite.  His idea of "exercising" the drive seems like a
> sound idea.  Unfortunately there is absolutely no proof anywhere that
> this actually makes any real world difference.  There is no study to
> back this up.  "Exercising" the drive is the only feature of spinrite
> that isn't implemented in open source software.
>
> The Spinrite website makes this claim:
>
> "Since NO OTHER UTILITY analyzes the surface of a drive WHILE IT
> CONTAINS DATA, NO OTHER UTILITY can warn its user of imminent drive
> failure."
>
> I can't believe they'd make such a horribly false statement.
>    

We had a big discussion on this list recently about SpinRite, which I 
brought up. The subject was something like what kind of big hard drives 
are you having the best luck with. I jumped in and brought up SpinRite 
as a maintenance tool. It evolved into quite a discussion and got rather 
technical. Rather than rehash it here, you might want to look at that 
thread, right around the 1st of the year 2011.

As far as proof, I KNOW by experience that SpinRite recovered a failing 
drive I had that wouldn't boot in Windows enough for me to boot it, 
recover the data, and decommission it since I still didn't trust it. 
Richard Faulkner (here on the list) has also said he's had positive 
results from it. Otherwise, Steve has testimonials from happy users on 
every podcast, which seem totally legitimate.

SpinRite is about 20 years old. So, that text on the website may be that 
old. It was probably true back then, even if it's not now. Also, I 
believe SpinRite still is the only utility that will read the data from 
the drive, sector by sector, then invert it, write it back, read it, 
invert it, write it back to refresh all the magnetic fields on the disk 
- all while not destroying the data. Almost all other analysis systems 
do only a read analyisis, which is not nearly as comprehensive, and 
doesn't refresh the magnetic fields.

> A few messages back you stated that you had a reason to require three
> layers of NAT on your home network but I didn't see why in the
> message.  I was hoping you could explain.
>    

My network setup is thus:

inner router --> middle router --> outer router --> cable modem
192.168.81.1 192.168.83.1 192.168.80.1

I log into the middle router with several PC's. My Son does also, and my 
BluRay DVD player. I have a shared printer on it. My wife logs into the 
inner router with her work computer and VPN's out to her work when she's 
at home. I put her on a different subnet and behind a different router 
because I wanted her behind another firewall in case a virus got loose 
on my middle network. Therefore, her computer would be less likely to be 
attacked by the virus. The middle router has an anomaly in that there is 
one port that it holds closed and not stealthed. My motive for using the 
outer router, is that I know it stealths all the ports, so it serves as 
the firewall at the outside edge of my network.

Sincerely,

Ron

> Pat
>    

-- 

(PS - If you email me and don't get a quick response, you might want to
call on the phone.  I get about 300 emails per day from alternate energy
mailing lists and such.  I don't always see new messages very quickly.)

Ron Frazier

770-205-9422 (O)   Leave a message.
linuxdude AT c3energy.com



More information about the Ale mailing list