Page 1 of 1

Testing router security

Posted: Thu Nov 04, 2021 10:53 pm
by nightcustard
Hi

I'd like to test the 8900AX2400's WAN-side firewall without having
to use a friend's internet connection or a web-based service. The former is not something I can do very often without risking annoyance, whilst the latter generally only offer limited functionality (unless you pay!)
The idea is to run nmap on a computer attached to a second router connected to the internet-facing end of the 8900's internal router - is such access possible?
I suspect not but thought it worth asking 😁

Cheers Mike

Re: Testing router security

Posted: Fri Nov 05, 2021 9:23 am
by billion_fan
nightcustard wrote:
Thu Nov 04, 2021 10:53 pm
Hi

I'd like to test the 8900AX2400's WAN-side firewall without having
to use a friend's internet connection or a web-based service. The former is not something I can do very often without risking annoyance, whilst the latter generally only offer limited functionality (unless you pay!)
The idea is to run nmap on a computer attached to a second router connected to the internet-facing end of the 8900's internal router - is such access possible?
I suspect not but thought it worth asking 😁

Cheers Mike
I don't think that will work as you will be behind the same WAN IP

Re: Testing router security

Posted: Sun Nov 07, 2021 7:14 pm
by nightcustard
billion_fan wrote:
Fri Nov 05, 2021 9:23 am
nightcustard wrote:
Thu Nov 04, 2021 10:53 pm
Hi

I'd like to test the 8900AX2400's WAN-side firewall without having
to use a friend's internet connection or a web-based service. The former is not something I can do very often without risking annoyance, whilst the latter generally only offer limited functionality (unless you pay!)
The idea is to run nmap on a computer attached to a second router connected to the internet-facing end of the 8900's internal router - is such access possible?
I suspect not but thought it worth asking 😁

Cheers Mike
I don't think that will work as you will be behind the same WAN IP
Thanks BF. The idea came from a router security testing website - some ISPs block port scans and it was suggested as a way of avoiding that issue. It assumes the modem is a separate box, so you've got access to the input of the router - something the 8900 doesn't offer, I assume.
I've also found port scanning my external IP address using a tethered Android phone reports (falsely) all the 8900 ports are open (I think it's some sort of anti-scanning feature of the mobile internet). Ah well, back to relying on 'Shields Up'!
Cheers, Mike