Moderators DennisD Posted March 3, 2007 Moderators Share Posted March 3, 2007 Have always had a 100% stealth rating from "Shields Up" while using Norton and then F-Secure. Since changing to PC Tools Firewall Plus I now have nine ports recognizable as existing to anything incoming, although they are "closed to connections". I`m figuring that "closed to connections" is probably as safe as full stealth, although the fail 100% Stealth message was a bit of a surprise. Ports now visible are: 113-Ident: 139-Net Bios: 1024-Dcom: 1025 to 1030-Host: 1720-H.323: 5000-UPnP: Am I OK like this? Not really bothered about 100% stealth as long as nothing can get in. Link to comment Share on other sites More sharing options...
Moderators Andavari Posted March 3, 2007 Moderators Share Posted March 3, 2007 Try WWDC to lock down some pesky ports. I know in my situation I no longer have 100% stealth on http://grc.com after getting DSL however I'm not worried and there's also a quick test by McAfee Hackerwatch located here. Link to comment Share on other sites More sharing options...
TeeJay3800 Posted March 3, 2007 Share Posted March 3, 2007 I used to have 113 returned as "closed" since I use IRC a lot (about the only thing that uses 113 anymore), and I closed it by forwarding that port to a non-existent IP using my router. After that, I was 100% stealthed. You can try that with your closed ports, but I can't guarantee everything on your computer will work with all those ports stealthed as certain apps may be using them. Dell Latitude D600 Windows 7 Ultimate 32-bit SP1 Link to comment Share on other sites More sharing options...
Moderators rridgely Posted March 3, 2007 Moderators Share Posted March 3, 2007 I never did disable my router and play with pc tools firewall's settings yet. I told someone I would too, but I forgot. I'll do that later tonight and see if I can get it to pass with true stealth.(if your behind a router, you can't tell if the firewall is passing or if the router firewall is passing. ) Link to comment Share on other sites More sharing options...
Moderators DennisD Posted March 3, 2007 Author Moderators Share Posted March 3, 2007 Try WWDC to lock down some pesky ports. I know in my situation I no longer have 100% stealth on http://grc.com after getting DSL however I'm not worried and there's also a quick test by McAfee Hackerwatch located here. Thanks for the links, which Ive followed up. The WWDC program covers some of my visible ports, but not 1026 & 1027, which are high in the red on the "recent port activity" graphic on Hackerwatch.org. Out of curiosity, I disabled PC Tools firewall and activated my XP SP2 firewall and went back to "Shields Up" and "Hackerwatch". Obtained 100% Stealth again, but of course this is only for stuff coming in. Outbound, it`s non existent, as all you guys know. I think I`ll try some other possibilities, in an attempt to have outbound security, and retain 100% stealth. I said above that I wasn`t bothered, but I think I was kidding myself. It definitely feels more comfortable. To tell the truth, this is a bit confusing. The "Host" ports in my first post, i.e. 1025 through 1030 that are visible but closed; is there a way of knowing whether or not I have any applications that would use these ports, and subsequently make them vulnerable to something nasty? Ive no idea whether I`m being cautious, or paranoid. But I`m sure someone will tell me. Edit: Thanks rridgely, I didn`t see your reply before I posted. Edit2: Thanks TeeJay also. Link to comment Share on other sites More sharing options...
MikeW Posted March 3, 2007 Share Posted March 3, 2007 NIS2007 gets a full stealth Results from scan of ports: 0-1055 0 Ports Open 0 Ports Closed 1056 Ports Stealth --------------------- 1056 Ports Tested ALL PORTS tested were found to be: STEALTH. TruStealth: PASSED - ALL tested ports were STEALTH, - NO unsolicited packets were received, - NO Ping reply (ICMP Echo) was received. Win 7 Home Premium 64 bit - IE11 - Nod32 - Mbam pro Link to comment Share on other sites More sharing options...
Moderators DennisD Posted March 3, 2007 Author Moderators Share Posted March 3, 2007 NIS2007 gets a full stealth Used Norton 2005 & then 2006 until very recently. Still got this sitting on the shelf, sealed in the box. Since I changed to Avast Antivirus, and a not yet decided firewall, my 3.06Ghz processor actually performs the way it should. You would think a fire had been lit under my computers a**e. But each to their own Mike, whatever works for you. Link to comment Share on other sites More sharing options...
Moderators rridgely Posted March 4, 2007 Moderators Share Posted March 4, 2007 I got it to pass. The only problem is I'm not sure yet if the restrictions are too strict. Its late, I'm going to bed, but I'll post about it again tomorrow. Link to comment Share on other sites More sharing options...
MikeW Posted March 4, 2007 Share Posted March 4, 2007 Used Norton 2005 & then 2006 until very recently. Still got this sitting on the shelf, sealed in the box. Since I changed to Avast Antivirus, and a not yet decided firewall, my 3.06Ghz processor actually performs the way it should. You would think a fire had been lit under my computers a**e. But each to their own Mike, whatever works for you. I have used NIS both corporate and home for years, without problem. However, NIS 2007 is a new approach and very light on resource. But as you say each to their own. Win 7 Home Premium 64 bit - IE11 - Nod32 - Mbam pro Link to comment Share on other sites More sharing options...
fireryone Posted March 4, 2007 Share Posted March 4, 2007 my test only failed with my pc answering a PING request. fireryone Link to comment Share on other sites More sharing options...
Moderators Andavari Posted March 4, 2007 Moderators Share Posted March 4, 2007 - NO Ping reply (ICMP Echo) was received. ICMP Echo "Ping" is what hasn't been "TruStealth" on my system since getting DSL, however I suspect it has something to do with Qwest's QuickCare which I don't even have resident. Edit: And trying third party firewalls doesn't allow for "TruStealth" either, even if blocking the ports in question with a ruleset. Link to comment Share on other sites More sharing options...
Moderators DennisD Posted March 4, 2007 Author Moderators Share Posted March 4, 2007 Out of curiosity again, ran Windows Firewall and PC Tools Firewall Plus at the same time. Results: Leak Test blocked. Firewall manually configured to allow. Computer is running as normal with both firewalls active. 100% Stealth, and outbound traffic being blocked/allowed. This seems OK, but I would bow to superior knowledge if there`s something I`m missing with these two firewalls running together. Link to comment Share on other sites More sharing options...
Moderators Andavari Posted March 4, 2007 Moderators Share Posted March 4, 2007 It's probably just a particular port, or more. But you shouldn't have to software firewalls running at the same time. Link to comment Share on other sites More sharing options...
Moderators DennisD Posted March 4, 2007 Author Moderators Share Posted March 4, 2007 It's probably just a particular port, or more. But you shouldn't have to software firewalls running at the same time. I`ll obviously go along with that. Seems OK, but running two firewalls is never recommended. Thanks for reply, will stick with PC Tools and see if rridgely has the answer. Link to comment Share on other sites More sharing options...
Moderators rridgely Posted March 4, 2007 Moderators Share Posted March 4, 2007 Alright the 2 rules that you have to edit are #2 and #4. You can just uncheck 2 but with 4 you have to edit the rules. I can edit it to still allow internet access, but with the settings I have now the GRC test wont even run. But obviously I can still get to websites because I'm typing here. I don't mind rules based firewalls, but this one is a little different than the others I've used.(kerio 2, and jetico) Link to comment Share on other sites More sharing options...
Moderators rridgely Posted March 4, 2007 Moderators Share Posted March 4, 2007 I got it, I got it. I think I'm going blind. Here is what I did, It came up as true stealth, and all of my stuff is still working. If you try this and get errors(like stuff your using not working), I'll keep playing with it, but I believe this will work: Link to comment Share on other sites More sharing options...
Moderators DennisD Posted March 4, 2007 Author Moderators Share Posted March 4, 2007 Alright the 2 rules that you have to edit are #2 and #4. You can just uncheck 2 but with 4 you have to edit the rules. I can edit it to still allow internet access, but with the settings I have now the GRC test wont even run. But obviously I can still get to websites because I'm typing here. I don't mind rules based firewalls, but this one is a little different than the others I've used.(kerio 2, and jetico) You can edit it, but into the 2nd screen of item 4..... . What do you edit? Edit: You beat me again with your post... Link to comment Share on other sites More sharing options...
Moderators DennisD Posted March 4, 2007 Author Moderators Share Posted March 4, 2007 Almost there. Only failed with port 139-Net Bios. No hurry with this. Will play around with it for a while. Thanks. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now