Linksys router?

i bought a linksys router and all ports are stealthed except


port 113 on a test , is this a security risk, also i do have windows firewall on, and wouldnt the nat router drop any


incoming connections on port 113? thanks.|||No, it is not a security risk. I do not know of any exploits or hacks that penetrate port 113. It is backed by a specific process and if a connection attempt that is not IDENT related will not work. I would not worry about it...





The problem with completely stealthing port 113:





Despite the fact that IDENT was never very useful, even today some crusty old UNIX servers 鈥?most commonly IRC Chat, but some eMail servers as well 鈥?still have this IDENT protocol built into them. Any time someone attempts to establish a connection with them, that connection attempt is completely put on hold while the remote server attempts to use IDENT to connect back to the user's port 113 for identification.





If the user had no NAT router or personal firewall 鈥?and no IDENT server running in their machine to accept the remote server's connection request on port 113 鈥?the user's computer would receive the port 113 connection request and immediately, actively reject the connection. The remote server would quickly know that IDENT was not running on the remote user's machine, it probably wouldn't care, and it would proceed to grant the user's suspended connection request.





However, if either a NAT router or a personal firewall ARE blocking and dropping incoming IDENT requests 鈥?if IDENT is fully stealthed 鈥?the remote server's attempts to connect would go unanswered. After waiting a while to hear back from its first connection request packet, it would send a second request packet. Then, after waiting much longer, it would send a third, and a fourth after waiting even longer still. With port 113 stealthed by the user, each incoming request would simply be dropped and ignored by the user's local security defenses. But in the meantime the remote server 鈥?and the user's original connection request 鈥?are "hung" waiting for some reply.





Since stealthed TCP connection attempts usually take 45 seconds or more to be abandoned, the effect is that stealthing of port 113 can cause some connections to some remote servers to hang for nearly a minute. (And SOME remote servers will even go so far as to finally refuse the original connection request if nothing is ever heard back from the client's port 113.)|||In principle, you can forward port 113 to somewhere in your own network that you don't use, effectively masking its presence just it does for all the other ports.





However, if you check the fine print on the test you've done, you probably will see that port 113 is an identification port, and although the Linksys router responded to a probe on port 113, it also indicated that this port is closed.





So, in effect, your router (unlike the NAT protection in effect for all other ports) acknowledged its existence in response to a port 113 probe -- and at the same time said no entrance, the door is closed and locked. This is a very small security risk.