Are Your Router Shields Up?

Part of my house move has involved putting my office back together. For some reason, my Belkin Wireless Pre-N Router has gone south. It’s been a great router for the year or so I’ve had it, blasting wireless through the cob walls of our old house. Cob is like a British version of adobe – chalk, mud, manure, horsehair. Don’t worry. It looks normal once you have a good coat of lime render over it and stands up well. Our old house was nearly 200 years old, and this is despite the English rain.

Back to my router, I purchased a new one just to get things up and running. Belkin’s got a lifetime guarantee on these things, so I’ll see about getting the old one fixed and maybe use it for an additional access point, to help ensure I’m getting wireless out everywhere in our new house. No cob walls this time, but they’re still plenty thick.

Back to the point of my post, how’s the router doing to keep me secure? I quickly made a few changes based on how I remembering configuring the old router, but I wanted to make sure it was all going well. So off I went to Shields Up.

Part of my house move has involved putting my office back together. For some reason, my Belkin Wireless Pre-N Router has gone south. It’s been a great router for the year or so I’ve had it, blasting wireless through the cob walls of our old house. Cob is like a British version of adobe – chalk, mud, manure,

I came across Shields Up about three years ago, when I used to get broadband through a completely wireless connection that a small firm set up for local villages in our area, back before BT finally upgraded our exchanges. The company used Shields Up to ensure I was secure. From Gibson Research, it lets you easily run a number of tests to see how safe you are, all for free.

I’m doing pretty well. My BT Voyager 205 DSL router has some firewall stuff switched on (or so I thought; see more below), then it goes into the wireless router with its own firewall, then I have my software firewall ZoneAlarm going. I suppose I might have some conflicts or slowness happening with all these firewalls. If so, I don’t notice. What I love is seeing Shields Up tell me things like this:

Unable to connect with NetBIOS to your computer. All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.

But I’m not completely secure. Despite enabling the Block ICMP Ping option on the Belkin router, Shields Up said it got some replies:

Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since “Ping” is among the oldest and most common methods used to locate systems prior to further exploitation.

Hmm. What was going on? I did some poking around. My DSL router had security off. I must have shut that down at some point since I figured my Belkin router was already doing that job. So Shields Up was seeing that the Voyager router was responding to some pings, but there’s a pretty good chance that none of these were getting past the Belkin router further down the line.

I switched the DSL router’s security to high, which got me this pleasing message:

Your system has achieved a perfect “TruStealth” rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to “counter-probe the prober”, thus revealing themselves. But your system wisely remained silent in every way. Very nice.

One last, nice thing about Shields Up. By default, your browser is likely passing along “referer” information, telling sites that you visit where you came from. If you click on a link from some backroom discussion area, intranet or whatever, the location of the page you clicked off of is being sent unless you block referer data from being passed on. ZoneAlarm does this for me.

Are you leaking? If so, use the Browser Headers check at Shields Up. If you see this line:

Referer: http://www.grc……

you’re leaking referer information. If you aren’t, then you’ll see this:

XXXXXXXXXXXXXXX: XXXXXXXXXXXX

Be sure to check both ways, with an http:// address and the secure https:// option. I found that I do leak if it’s a https:// configuration, despite using ZoneAlarms “remove private header information” option.

Don’t have ZoneAlarm? Some options on blocking referer sending is covered here, though I don’t think the IE6 info is correct. I don’t think you can block referer info within IE6, but I’ve never tested this, since I long ago switched to Firefox.