HardwareBanter - View Single Post - Mysterious internet/ethernet issue (kinda need testing/connection/communicationservice to diagnose it ???)

**Char Jackson** · October 12th 18, 06:25 PM posted to alt.comp.hardware.pc-homebuilt

On Fri, 12 Oct 2018 05:52:41 -0700 (PDT), wrote:

Well, to get this lucrative project under way, I
need to know the *model number* of the modem. Just
in case it's a modem/router... Is it an Alcatel or
a Fritz, or something else ?

Cable modem: Ubee evm320b

I already tried searching the internet for a manual. I only found a manual for a slightly different version, one that also has a wireless chip inside of it if I recall.

This exact model's manual seems to be missing.

But it's basically a standard cable modem/docsis modem probably 2.0 or so.

I tried shields up, but had windows firewall running, and everything shows green.

Already tried this tool in the past, could close down the firewall... it's a nice tool.

I guess it's somewhat usefull at finding open ports when firewall is down... proving that that computer can reach my computer...

And equally useful at finding open ports when the Windows firewall is
up. The typical Windows firewall has tons of holes poked in it and
Shields Up will show those. Now if you did the scan and it shows
everything Closed or Stealth, then my guess is that you have a "stateful
firewall" in your modem, which in turn means your modem is NOT a plain
modem. It's a modem-router combo. Modems don't have firewalls, but
consumer routers almost always do, especially NAT routers.

By the way, you didn't mention the results of the test to check for NAT.
I'm guessing you'll find that NAT is indeed involved.

But since my computer contacted that website... it's pretty useless since this is how NAT is circumvented.

That's incorrect. You contacted grc.com and launched the Shields Up
tool, right? As a result, a server at grc.com attempted to open *NEW*
connections to what it thinks is your IP address. Those new connections
are not the same as, and have nothing to do with, your connection to
grc.com. They are entirely different connections, and your stateful
firewall will treat them as separate connections. Just because you
opened an outbound connection to grc.com doesn't mean that all inbound
connections from grc.com are suddenly allowed. It doesn't work that way.

When you open an outbound connection, a "tuple" is created at each end
of the connection that consists of 4 parts: your local IP address (the
source IP), your local TCP port (the source port, randomly selected from
the range of 1024 to 65535), the destination IP address, and the
destination port. With NAT, the tuple at your end and the tuple at the
remote end are going to be different, but the NAT device transparently
handles the translation so that's not an issue. So when the Shields Up
program tries to open a connection to you, the tuple for that connection
doesn't match the tuple for your outbound connection and thus it's
treated as an entirely new connection.

My computer makes outbound connection to web and thus web is allowed to connect to my computer.

No, that's incorrect.

I hope now that you understand that I don't think this tool is very usefull... though I may be wrong, since the scan can be started later.

You're right when you say that you're wrong on that part.

But websites can use tricks to keep connections open perhaps that is what shields up is doing.

For my test, you would try to connect to my computer without my computer making an outbound connection to your computer.

At least that is kinda the idea.

Yep, that's exactly what Shields Up does. It tries to make unsolicited
connections to your computer, then it uses the existing connection to
show you the results.