Notices

Overclockers Forums > Software > Internet, Networking, and Security
Internet, Networking, and Security Networking and Viruses/Malware trouble. Get the answers here.
Forum Jump

vulnerability in D-link 604 ??

Post Reply New Thread Subscribe Search this Thread
 
 
Thread Tools
Old 10-18-04, 03:05 PM Thread Starter   #1
julian
Registered



Join Date: Dec 2003
Location: madrid

 
vulnerability in D-link 604 ??


Hello,

I am running this router in connection to my broadband ISP. However I run sygate in my main computer as a soft firewall. From time to time I get the following warning as detailed below where an external computer manages to connect to my computer via the DI-604

I have NAT, no DMZ, not virtual servers etc etc.... no ping from WAN... that is, pretty tight. Only my IDENT and WEB ports seems to be exposed (visible ) from the exterior. I have tested with various network security web portals...



Thanks.

JCG



DI-604 Firmware Version: V3.04, Wed, Jan 14 2004

File Version : 5.00.2195.6902
File Description : NT Kernel & System (ntoskrnl.exe)
File Path : E:\WINNT\system32\ntoskrnl.exe
Process ID : 0x8 (Heximal) 8 (Decimal)
Connection origin : remote initiated
Protocol : TCP
Local Address : 192.168.0.167
Local Port : 2608 (WAG-SERVICE - Wag Service)
Remote Name :
Remote Address : 82.121.127.64
Remote Port : 1871
Ethernet packet details:
Ethernet II (Packet Length: 1474)
Destination: 00-0c-76-ad-2b-ac
Source: 00-0d-88-e8-68-59
Type: IP (0x0800)
Internet Protocol
Version: 4
Header Length: 20 bytes
Flags:
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset:0
Time to live: 112
Protocol: 0x6 (TCP - Transmission Control Protocol)
Header checksum: 0x276f (Correct)
Source: 82.121.127.64
Destination: 192.168.0.167
Transmission Control Protocol (TCP)
Source port: 1871
Destination port: 2608
Sequence number: 3305783695
Acknowledgment number: 456799219
Header length: 20
Flags:
0... .... = Congestion Window Reduce (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgment: Set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Checksum: 0x6102 (Correct)
Data (1420 Bytes)
Binary dump of the packet:
0000: 00 0C 76 AD 2B AC 00 0D : 88 E8 68 59 08 00 45 60 | ..v.+.....hY..E`
0010: 05 B4 02 B4 40 00 70 06 : 6F 27 52 79 7F 40 C0 A8 | ....@.p.o'Ry.@..
0020: 00 A7 07 4F 0A 30 C5 0A : 41 8F 1B 3A 33 F3 50 10 | ...O.0..A..:3.P.
0030: FE 6E 02 61 00 00 13 97 : 6B E2 42 70 F4 94 C2 84 | .n.a....k.Bp....
0040: 09 AC 01 8E 00 5E 60 BA : 84 D3 F9 E0 00 13 05 33 | .....^`........3
0050: F9 89 71 18 F8 60 27 1E : 13 B1 99 55 C5 4A B5 94 | ..q..`'....U.J..
0060: AC 60 1A 58 E2 FA 00 14 : 71 14 D9 0A 01 5B 4E 1E | .`.X....q....[N.
0070: 82 4B F9 85 0B A7 14 00 : 98 F1 71 2A 95 99 96 15 | .K........q*....
0080: CB F4 00 0B 28 03 85 75 : 20 B2 91 12 96 9A B5 F2 | ....(..u .......
0090: 72 D3 0D 84 91 B4 90 17 : D0 AC 3A 26 25 AB E8 EF | r.........:&%...
00A0: 25 58 09 80 E0 81 9F 86 : 05 81 00 1A 7F FF FF F1 | %X..............
00B0: 74 7C 4E 16 1D 11 6B E7 : 29 04 AA 1C EE CD F8 0E | t|N...k.).......
00C0: 58 BA B8 41 58 40 46 90 : 92 84 3B 05 0B 19 62 F1 | X..AX@F...;...b.
00D0: 3C 3A 4F BA EA 46 90 01 : 4C 2D 30 BE 93 D6 3D 8C | <:O..F..L-0...=.
00E0: 28 1A 03 0F 4B F1 56 E7 : D0 32 B7 56 3D 8D E1 66 | (...K.V..2.V=..f
00F0: 40 A2 C7 B5 D4 51 EC 41 : 37 C9 3F 0B CA 19 28 A7 | @....Q.A7.?...(.
0100: FF FE 8D 8E 3C 81 60 75 : 20 95 70 AD E1 C9 63 2A | ....<.`u .p...c*
0110: 22 B1 FA 10 B5 22 71 11 : AF 73 99 42 FE 14 4A A5 | "...."q..s.B..J.
0120: 5C 5C 01 BD 2C E3 E5 84 : 61 6C C4 B9 61 43 BF F0 | \\..,...al..aC..
0130: 57 50 2A 12 82 C4 91 26 : 25 56 DF 20 5D 12 D8 02 | WP*....&%V. ]...
0140: 7F 4E 95 51 76 05 7D A8 : CA C3 D7 2C 7B A8 DA 84 | .N.Qv.}....,{...
0150: 03 55 D4 23 40 AA 2E 53 : 8F 3F 5E 65 A0 BC 55 62 | .U.#@..S.?^e..Ub
0160: D0 58 C1 11 28 18 4A C4 : C7 F4 BC 8C 64 A0 3D 00 | .X..(.J.....d.=.
0170: 35 64 20 03 41 B8 6F DB : D7 FE 22 02 2B F1 42 63 | 5d .A.o...".+.Bc
0180: 81 30 62 02 22 38 03 27 : 14 9B 48 69 2A 3A 65 47 | .0b."8.'..Hi*:eG
0190: 5C 5F A1 0E 68 CB 7E 81 : 2C 44 42 49 2C A1 CD 48 | \_..h.~.,DBI,..H
01A0: 5B 03 B1 15 C5 DC 49 DC : 6A 41 09 AE 41 81 13 42 | [.....I.jA..A..B
01B0: 13 6A 84 40 60 E0 1E AA : CC 00 5D 2C 8D DC 1B B9 | .j.@`.....],....
01C0: 12 7E 40 3D 2F A3 71 38 : 20 7C EB 16 12 40 20 2F | .~@=/.q8 |...@ /
01D0: 1C 1D FF FF D4 AB 34 7B : 13 D3 27 99 D2 9C E3 E2 | ......4{..'.....
01E0: 29 90 20 00 05 5E FF C9 : 7E 86 43 0E CE 20 63 02 | ). ..^..~.C.. c.
01F0: 6A E5 CB 60 A5 20 48 7A : 86 61 40 0F B7 93 47 4E | j..`. Hz.a@...GN
0200: 99 2B 62 3C 94 D5 35 D5 : B0 52 B8 08 A0 E2 83 9C | .+b<..5..R......
0210: 52 9B 34 65 18 C2 28 D9 : D0 62 86 C7 78 B0 3A C7 | R.4e..(..b..x.:.
0220: 5C 4C 83 F8 6A 72 F1 47 : 86 41 65 71 C4 87 FA C7 | \L..jr.G.Aeq....
0230: F1 07 27 F8 48 F3 0C 45 : BF FF FF F8 CB D1 0C D6 | ..'.H..E........
0240: 49 7A 22 9B 76 89 75 CB : FF E6 31 1C 4B F8 28 01 | Iz".v.u...1.K.(.
0250: 14 51 CB A4 00 09 59 F3 : 57 3E 8C 00 E2 61 50 51 | .Q....Y.W>...aPQ
0260: 01 70 4C A1 42 72 82 97 : 7F AE 70 00 85 15 90 29 | .pL.Br....p....)
0270: 56 A8 9C 2A 0B FC 2B D7 : 59 61 4A 6C 95 88 4F 63 | V..*..+.YaJl..Oc
0280: 3A DC 0C 6A C2 B5 55 85 : 74 6C CB 29 5C 70 C3 B1 | :..j..U.tl.)\p..
0290: 13 00 95 22 9C 0D 44 09 : C4 20 0A 0A 73 14 0B 00 | ..."..D.. ..s...
02A0: 02 0B F5 33 06 71 02 B2 : 14 BF FF FF FF DE 9B E8 | ...3.q..........
02B0: C2 60 87 17 AC 3B 0F E0 : A4 40 16 F4 54 00 7D 58 | .`...;...@..T.}X
02C0: 56 48 62 25 52 E3 7C 50 : 02 28 2C C9 C6 F2 EB 08 | VHb%R.|P.(,.....
02D0: 00 C2 27 1A 41 1D C4 0F : 45 48 92 8C 46 CB F1 BF | ..'.A...EH..F...
02E0: 42 1F D0 14 8D 71 77 74 : 55 0B 18 2C 69 87 57 52 | B....qwtU..,i.WR
02F0: 2E 66 16 04 01 F3 E4 C2 : F9 AB F2 40 31 97 E9 2D | .f.........@1..-
0300: E0 08 04 C5 A8 B1 24 37 : 57 29 A2 81 50 88 11 3D | ......$7W)..P..=
0310: 89 2A C7 2E 40 49 48 11 : C8 47 D7 0F 1C FF EF A0 | .*..@IH..G......
0320: 7F FF F8 B3 82 29 99 2F : 45 0B AA 63 A1 4F 88 7A | .....)./E..c.O.z
0330: 3E A4 E7 2C 94 10 77 56 : 70 00 02 AA 2E E3 A1 40 | >..,..wVp......@
0340: 0F 94 3F 98 17 13 40 89 : 42 92 8A 4D FD A8 5D 4C | ..?...@.B..M..]L
0350: 20 25 E8 9F 97 13 97 E4 : 85 A1 60 F3 D2 43 FC D0 | %........`..C..
0360: 88 81 D2 78 30 48 1A E7 : 84 04 F3 04 68 76 16 B4 | ...x0H......hv..
0370: AA 33 06 DE F5 A8 FF A0 : 08 80 ED AF FF FF 80 30 | .3.............0
0380: 31 77 62 72 02 00 00 FF : FB B0 64 18 88 05 17 68 | 1wbr......d....h
0390: D5 D3 06 4B 72 63 E7 DA : 6C 61 22 6C 13 8D A1 59 | ...Krc..la"l...Y
03A0: 47 B1 24 C9 EC B4 6B 34 : F2 A6 B8 07 40 C2 AE 5A | G.$...k4....@..Z
03B0: 19 BA E5 02 5E B6 9C B7 : 67 2E 28 D8 93 6D ED C1 | ....^...g.(..m..
03C0: 6C A5 A1 BA B3 D2 BF B9 : B9 0C 94 A7 E0 BA 23 AC | l.............#.
03D0: C4 91 3B 84 2B 52 9C E4 : 56 E1 2C C8 A0 AA 6B 56 | ..;.+R..V.,...kV
03E0: C4 F5 47 E2 ED 69 7A 79 : 22 F2 BD BA 4E BC 94 43 | ..G..izy"...N..C
03F0: 32 07 23 E9 10 32 B7 0D : 28 80 90 81 34 E2 9C 42 | 2.#..2..(...4..B
0400: 62 80 A0 94 1A 30 5D 9A : 1A 46 4F 01 59 B0 21 22 | b....0]..FO.Y.!"
0410: 16 88 E4 A4 27 34 02 C2 : B9 08 BF 43 74 01 03 00 | ....'4.....Ct...
0420: 41 5C 00 05 F2 AE 80 8E : 45 36 E8 AA 0F EB 9F 81 | A\......E6......
0430: 20 D3 65 0B D9 73 FD 0E : A8 20 40 B0 31 32 A0 9A | .e..s... @.12..
0440: 28 44 0D A2 18 E4 90 93 : 92 5C C1 8F B2 60 84 B9 | (D.......\...`..
0450: D4 C0 89 19 22 58 63 9C : 34 C8 59 0E 8E B7 F2 2B | ...."Xc.4.Y....+
0460: 91 54 CD 5A 97 77 F6 FF : B7 F5 53 11 E6 64 A6 E1 | .T.Z.w....S..d..
0470: 54 20 E1 25 9F ED D9 FF : EB 7C 3F A1 1F FC D2 9E | T .%.....|?.....
0480: 4E 57 6E 28 D0 08 14 42 : A0 85 99 61 DC A0 0D C9 | NWn(...B...a....
0490: E5 70 38 47 8D 48 76 6C : 80 36 93 63 CD D6 EA 0A | .p8G.Hvl.6.c....
04A0: 12 02 04 44 99 35 DB 81 : 64 24 B8 CE 1F 25 DD 5E | ...D.5..d$...%.^
04B0: 48 B8 A5 01 42 C8 A3 9F : CF 65 26 C7 94 B3 26 54 | H...B....e&...&T
04C0: 72 89 B7 3D C2 33 27 13 : 41 0E B2 8D 1A 9F AC 32 | r..=.3'.A......2
04D0: 48 81 E9 C1 0E 43 15 26 : 4E DE 6A 1B 6B F8 CD A4 | H....C.&N.j.k...
04E0: F8 BB A3 9F EE DD D6 6B : B6 73 C4 F2 5D 9D BA 95 | .......k.s..]...
04F0: DC BC 5B 6B AF B0 95 52 : 2D D5 13 AB 74 E9 58 21 | ..[k...R-...t.X!
0500: 49 BE 4B 36 CC AE 46 C5 : 75 24 23 81 75 F5 95 E2 | I.K6..F.u$#.u...
0510: A4 59 72 26 CE 29 BF 2E : CA ED BE 41 CC 80 00 80 | .Yr&.).....A....
0520: 02 02 0B 60 36 A2 8C BD : 3F 4E 12 C6 C7 2C 93 03 | ...`6...?N...,..
0530: D9 39 1D 27 B7 F3 E3 51 : F7 99 5C E9 F5 12 36 B6 | .9.'...Q..\...6.
0540: D3 C8 50 42 8A 0A BA BB : 3D CE 56 A6 C8 51 37 79 | ..PB....=.V..Q7y
0550: 8C 92 B0 C2 20 B8 B3 B8 : D0 FB 33 B3 51 1D DD 08 | .... .....3.Q...
0560: 21 14 22 1C 9F FF FF FF : FF FF FF CB 58 A1 9A 40 | !.".........X..@
0570: E7 DA 26 8A C1 22 73 93 : 93 66 13 44 56 8F C2 E4 | ..&.."s..f.DV...
0580: E3 C6 90 0A 0F AF 19 D8 : 51 71 84 18 D1 4D 3B B7 | ........Qq...M;.
0590: A8 50 2E 8F 23 BF 12 A6 : D5 04 44 81 3B 08 40 09 | .P..#.....D.;.@.
05A0: 05 28 3E 94 A0 18 F1 08 : 3F 5E B8 AD 65 00 FB 0A | .(>.....?^..e...
05B0: 17 97 0A EA C9 59 E9 C4 : A1 27 8C FC 94 94 71 48 | .....Y...'....qH
05C0: 31 29 : | 1)
julian is offline   QUOTE Thanks
Old 10-18-04, 04:28 PM   #2
Tebore
Member

 
Tebore's Avatar 

Join Date: Aug 2001
Location: Toronto,Canada(I can see you....)

10 Year Badge
 
If you read a description about those ports at GRC you'll find that most routers don't stealth them. This is because most Email programs use them and the router doesn't want to **** off the customer. Smart firewalls and routers will adaptively stealth them, I know Linksys recently had a firmware update that did that.

__________________
UMPC:
Asus EEE 701(4G)
Laptops:
Lenovo T60p
Servers:
IBM XServ
Heatware
Tebore is offline   QUOTE Thanks

Post Reply New Thread Subscribe


Overclockers Forums > Software > Internet, Networking, and Security
Internet, Networking, and Security Networking and Viruses/Malware trouble. Get the answers here.
Forum Jump

Thread Tools Search this Thread
Search this Thread:

Advanced Search


Mobile Skin
All times are GMT -5. The time now is 05:44 AM.
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
You can add these icons by updating your profile information to include your Heatware ID, Benching Profile ID or your Folding/SETI profile ID. Edit your profile!
X

Welcome to Overclockers.com

Create your username to jump into the discussion!

New members like you have made this the best community on the Internet since 1998!


(4 digit year)

Why Join Us?

  • Share experience
  • Max out your hardware
  • Best forum members anywhere
  • Customized forum experience

Already a member?