[OT] router ports & DMZ

thufir hawat.thufir at gmail.com
Tue Feb 17 04:56:13 UTC 2015

I have a netgear N-150 router and have tried to open ports on it.  
However, it keeps showing as closed:

thufir at doge:~$ 
thufir at doge:~$ nmap -p 5060

Starting Nmap 6.46 ( http://nmap.org ) at 2015-02-16 20:46 PST
Stats: 0:00:00 elapsed; 0 hosts completed (0 up), 1 undergoing Ping Scan
Ping Scan Timing: About 100.00% done; ETC: 20:46 (0:00:00 remaining)
Nmap scan report for
Host is up (0.00044s latency).
5060/tcp closed sip

Nmap done: 1 IP address (1 host up) scanned in 0.07 seconds
thufir at doge:~$ 

With consumer grade routers, in general, and this router, specifically, 
how do you go about opening ports?  Do they even have that capability?  I 
tried disabling the SPI firewall, also.

I'm waiting to hear back from Netgear, but, since I've had the router for 
a while, I don't expect them to reply usefully.  I have the manual, and 
it says:

Warning: DMZ servers pose a security risk. A computer designated as the 
default DMZ server loses much of the protection of the firewall, and is 
exposed to exploits from the Internet. 

If compromised, the DMZ server computer can be used to attack other 
computers on your network. Incoming traffic from the Internet is usually 
discarded by the router unless the traffic is a response to one of your 
local computers or a service that you have configured in the Port 
Forwarding/Port Triggering screen. Instead of discarding this traffic, 
you can have it forwarded to one computer on your network. This computer 
is called the default DMZ server.

p. 64

I want *all* devices on the network to be DMZ servers -- just disable all 
security!  Because I'm in a double-NAT situation, with this router 
connecting to another router via wifi there's still the firewall/etc for 
the first, outer, router.

But how do I do that?



More information about the ubuntu-users mailing list