After replacing my last router with the WRVS4400NV2, I have been very impressed with the device.
But, after a few weeks of using it, I noticed via the IPS reports that my system was suddenly getting a lot more DOS/FLOOD attention from "foreign" IP's than I had ever seen in the past. Kind of alarmed, I checked my configuration and it was as hardened as the device will allow. So I ran GRC's shields up test.
Port 473 was 'stuck' open every time.
I am not used to seeing a non-stealthed port but had read that earlier Linksys firmware on the V1 device had failed to stealth the port. I had quickvpn disabled, remote management disabled and no SSL connections currently going so I systematically shut down my network looking for the issue by eliminating my firewalls and software as the possible culprits.
Guess what is un-stealthing Port 473 in the WRVS4400N V2?
I had one disabled VPN Client created in the VPN Clients Account section. I deleted the disabled account and Port 473 went stealth on the Shields Up! test.
Apparently, if you create a VPN Client Account, and even if it is disabled, it will permanently open your port 473 to the WAN. I am not an expert in networking by any means, and that may be a requirement of the Quickvpn solution, but that seems a little bit dangerous. I believe the port responding to requests from foreign IP bots is what brought the attention to my network.
Worse yet for me, a "foreign" IP attempted to exploit the open 473 port and if IPS was turned off (as many of us do for performance reasons) would have succeeded! That log file made my anxiety go up a few levels for sure.
Love the device, not too thrilled with that implementation of quickvpn port opening.
Best Regards, and thanks to any experts who chime in.