- Sep 16, 2004
Hello all...first post here so go easy on me. 
Background: I guess you could call me a noob at network security although I've learned a lot in the last year. I'm one of those people who got thrown into a Network Admin position for a small office just because I can use Google well and have common sense.
Well, I recently installed a Hotbrick VPN 600/2 Firewall so I can take advantage of the redundancy and performance of two connections (Dual WAN Ports w/ "load balancing").
I have several complaints about this thing, but I will try to stay on topic. The device is our gateway router and firewall. I've yet to set up VPN because I don't know how much I trust this thing.
Well, since it's up and running and I've got it configured the way I want, I started running some port scans from the outside. They all came back good until I ran Sygate's UDP port scan from here.
Right off the bat, it said it detected no firewall and almost all of the UDP ports returned a "Closed" result. One UDP port (DHCP Server) came back with "Open"! The TCP scan and the "Trojan Scan" all came back perfect with all ports "stealthed".
I called Hotbrick and they said this was by design. He said the DHCP Server port was open for situations where the Hotbrick was to be a DHCP client, and it's non-configurable. After much prying, he finally admitted the UDP ports are not stealthed because "that would have cost more money to develop"! Can you believe this?
He tried to satiate me by telling me that the Hotbrick had never been hacked because the policies are still enforced.
A couple questions:
1: Am I vulnerable since my firewall is responding to all UDP port scans and the DHCP Server port is wide open?
2: Is it possible that the stateful packet inspection is protecting my network despite the UDP issue?
3: Would you trust this device as a firewall/VPN device in light of what I've told you?
4: Am I just a worry wart?
Their website is www.hotbrick.com, but you won't find anything of value there...or at least I couldn't.
Thank you for any insight you might have. If this is the wrong forum/site, please make a suggestion.
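An added example (not from the post, and not Hotbrick's configuration) of the distinction the scan turns on: a Linux nftables ruleset for a gateway's WAN side, with the weak behaviour (answering UDP probes with ICMP port-unreachable, and listening as a DHCP server on the WAN) commented out beside the hardened version (silent drop, and only the server-to-client DHCP reply a client actually needs). It assumes the WAN interface is eth0 and that the scanner's "DHCP Server" port is UDP 67 (bootps).

```nft
# Added example, not the Hotbrick's ruleset. Assumptions: WAN interface is
# eth0; the "DHCP Server" port reported by the scan is UDP 67 (bootps).
table inet wan_filter {
    chain input {
        type filter hook input priority 0; policy drop;

        iif "lo" accept
        ct state established,related accept
        ct state invalid drop

        # --- Weak (the behaviour the scan result suggests) ---
        # Listening as a DHCP *server* on the WAN: an outsider sees UDP 67 "open".
        # iifname "eth0" udp dport 67 accept
        # Answering every other UDP probe with ICMP port-unreachable: the scanner
        # reports "closed" on each port and learns the host is up and not
        # filtering UDP at all. A silent drop would be reported as "stealth".
        # iifname "eth0" meta l4proto udp reject with icmpx type port-unreachable

        # --- Hardened ---
        # A DHCP *client* only needs to receive server->client replies on port 68.
        # DHCP replies are often not matched by conntrack (the request leaves as a
        # broadcast from 0.0.0.0), so they get an explicit rule instead of
        # relying on "established".
        iifname "eth0" udp sport 67 udp dport 68 accept

        # Everything else arriving on the WAN, UDP included, is dropped silently;
        # the counter lets you see probe volume without answering any of it.
        iifname "eth0" counter drop
    }
}
```

The point for the original question: a "closed" UDP result means the box sent an ICMP error back, which confirms it is alive, while an "open" result on the server port 67 means it is listening as a DHCP server on the WAN, which a DHCP client does not require.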