Have always had a 100% stealth rating from "Shields Up" while using Norton and then F-Secure.
Since changing to PC Tools Firewall Plus I now have nine ports recognizable as existing to anything incoming, although they are "closed to connections".
I`m figuring that "closed to connections" is probably as safe as full stealth, although the fail 100% Stealth message was a bit of a surprise.
Ports now visible are:
113-Ident: 139-Net Bios: 1024-Dcom: 1025 to 1030-Host: 1720-H.323: 5000-UPnP:
Am I OK like this? Not really bothered about 100% stealth as long as nothing can get in.
Try WWDC to lock down some pesky ports. I know in my situation I no longer have 100% stealth on http://grc.com after getting DSL however I'm not worried and there's also a quick test by McAfee Hackerwatch located here.
I used to have 113 returned as "closed" since I use IRC a lot (about the only thing that uses 113 anymore), and I closed it by forwarding that port to a non-existent IP using my router. After that, I was 100% stealthed. You can try that with your closed ports, but I can't guarantee everything on your computer will work with all those ports stealthed as certain apps may be using them.
I never did disable my router and play with pc tools firewall's settings yet. I told someone I would too, but I forgot.
I'll do that later tonight and see if I can get it to pass with true stealth.(if your behind a router, you can't tell if the firewall is passing or if the router firewall is passing. )
Try WWDC to lock down some pesky ports. I know in my situation I no longer have 100% stealth on http://grc.com after getting DSL however I'm not worried and there's also a quick test by McAfee Hackerwatch located here.
Thanks for the links, which Ive followed up.
The WWDC program covers some of my visible ports, but not 1026 & 1027, which are high in the red on the "recent port activity" graphic on Hackerwatch.org.
Out of curiosity, I disabled PC Tools firewall and activated my XP SP2 firewall and went back to "Shields Up" and "Hackerwatch".
Obtained 100% Stealth again, but of course this is only for stuff coming in. Outbound, it`s non existent, as all you guys know.
I think I`ll try some other possibilities, in an attempt to have outbound security, and retain 100% stealth. I said above that I wasn`t bothered, but I think I was kidding myself. It definitely feels more comfortable.
To tell the truth, this is a bit confusing.
The "Host" ports in my first post, i.e. 1025 through 1030 that are visible but closed; is there a way of knowing whether or not I have any applications that would use these ports, and subsequently make them vulnerable to something nasty?
Ive no idea whether I`m being cautious, or paranoid.
But I`m sure someone will tell me.
Edit: Thanks rridgely, I didn`t see your reply before I posted.
Still got this sitting on the shelf, sealed in the box.
Since I changed to Avast Antivirus, and a not yet decided firewall, my 3.06Ghz processor actually performs the way it should. You would think a fire had been lit under my computers a**e.
But each to their own Mike, whatever works for you.
Still got this sitting on the shelf, sealed in the box.
Since I changed to Avast Antivirus, and a not yet decided firewall, my 3.06Ghz processor actually performs the way it should. You would think a fire had been lit under my computers a**e.
But each to their own Mike, whatever works for you.
I have used NIS both corporate and home for years, without problem. However, NIS 2007 is a new approach and very light on resource. But as you say each to their own.
ICMP Echo "Ping" is what hasn't been "TruStealth" on my system since getting DSL, however I suspect it has something to do with Qwest's QuickCare which I don't even have resident.
Edit: And trying third party firewalls doesn't allow for "TruStealth" either, even if blocking the ports in question with a ruleset.
Alright the 2 rules that you have to edit are #2 and #4. You can just uncheck 2 but with 4 you have to edit the rules. I can edit it to still allow internet access, but with the settings I have now the GRC test wont even run. But obviously I can still get to websites because I'm typing here.
I don't mind rules based firewalls, but this one is a little different than the others I've used.(kerio 2, and jetico)
Alright the 2 rules that you have to edit are #2 and #4. You can just uncheck 2 but with 4 you have to edit the rules. I can edit it to still allow internet access, but with the settings I have now the GRC test wont even run. But obviously I can still get to websites because I'm typing here.
I don't mind rules based firewalls, but this one is a little different than the others I've used.(kerio 2, and jetico)
You can edit it, but into the 2nd screen of item 4..... . What do you edit?