 |
|
You are not logged in! F.A.Q Log in Register |
 |
|
 |
 Now online (4)big Hyperflake dariusgriffin DADONCK ...and 354 guests Last 5 registered Oplandisks nothingstar N_loop yipe foxtrotromeo Browse members... |
 |
Members 8025Messages 2614170 Today 15 Topics 127545 |
|
|||||||||
| |||||||||
|
|
just got a new firewall & i'm a bit unsure of it. i know about some on-line scans, any recommendations grateful. cheers. |
||||||||
|
|
|||||||||
| |||||||||
|
|
there are several port scans on there. |
||||||||
|
|
|||||||||
| |||||||||
|
|
|
||||||||
|
|
|||||||||
| |||||||||
|
|
I didn´t know about this! everything seem to be ok thanks |
||||||||
|
|
|||||||||
| |||||||||
|
|
EVERYTHING SEEMS TO BE OK ...that's what they want you to think |
||||||||
|
|
|||||||||
| |||||||||
|
|
that's why i'm asking for online firewall tests. there's no point in relying on the scan which is provided by the same copmany as your firewall. |
||||||||
|
|
|||||||||
| |||||||||
|
|
looks like a good one, cheers for that |
||||||||
|
|
|||||||||
| |||||||||
|
|
Unable to connect with NetBIOS to your computer. All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet. Hmm. Should i belive this? |
||||||||
|
|
|||||||||
| |||||||||
|
|
grc is ace...I have used it for years, loads of good stuff on the site. |
||||||||
|
|
|||||||||
| |||||||||
|
|
Yes, that message has been there for years, before people really starting using firewalls as commonplace. It as something stupid like 90% of the PC's connected to this internet prior to deployment of service pack 2 were running without a firewall. Netbios was also generally enabled by default. That particular well done message has less relavence these days. |
||||||||
|
|
|||||||||
| |||||||||
|
|
do you know what port 1025 is used for? and why it should be open? and why it keeps getting scanned by my isp? |
||||||||
|
|
|||||||||
| |||||||||
|
|
1025 is the RPC call. It was used by viruses such as MSBlast I think...The ISP is probably just checking to make sure people don't have it open. They routinely check a number of ports such as those used for mail relay, open proxies etc...then they get in touch with you if you are at risk/breaking rules. |
||||||||
|
|
|||||||||
| |||||||||
|
|
It shouldn't be open though? What firewall are you using? |
||||||||
|
|
|||||||||
| |||||||||
|
|
sygate. i am running emule though but i don't think it's using that port. |
||||||||
|
|
|||||||||
| |||||||||
|
|
Are you behind a router as well? |
||||||||
|
|
|||||||||
| |||||||||
|
|
i got the same stuff... are you on some university-net too? |
||||||||
|
|
|||||||||
| |||||||||
|
|
There's also an online . Be sure to click 'ignore pingability'. This isn't quite as userfriendly as shields up! but can possibly give more info. |
||||||||
|
|
|||||||||
| |||||||||
|
|
port 1026 is open now but 1025 isn't. unless i made a mistake before. but i don't think i did. |
||||||||
|
|
|||||||||
| |||||||||
|
|
Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation. IS THIS BAD? |
||||||||
|
|
|||||||||
| |||||||||
|
|
sorted it. it's my stupid printer agent. i'll get rid of it. |
||||||||
|
|
|||||||||
| |||||||||
|
|
Blocking ping is relying on security through obscurity. There's no harm in blocking ping, but blocking it doesn't really increase your computer's security. |
||||||||
|
|
|||||||||
| |||||||||
|
|
But YOUR computer has DELIBERATELY CHOSEN NOT TO RESPOND (that's very cool!) That made me giggle. |
||||||||
|
|
|||||||||
| |||||||||
|
|
that's cool. |
||||||||
|
|
|||||||||
| |||||||||
|
|
I'll try and work out what all that means :P |
||||||||
|
|
|||||||||
| |||||||||
|
|
NO ! that's very cool! |
||||||||
|
|
|||||||||
| |||||||||
|
|
Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice. |
||||||||
|
|
|||||||||
| |||||||||
|
|
ok its me again is there any reason any windows system files need to be filtered in a firewall? for example, com services, kernel etc |
||||||||
|
|
|||||||||
| |||||||||
|
|
Yes, there are a lot of loopback services which access the maching through the local network (your box) These will still be filtered by the firewall (I take it you mean stuff like COM Surrogate stuff etc.?) General rule of thumb is deny everything unless you start noticing it affecting the performance of the PC in some way. |
||||||||
|
|
|||||||||
| |||||||||
|
|
eg kernel32.dll |
||||||||
|
|
|||||||||
| |||||||||
|
|
Yeah its normal...it all depends on what programs and services you are running. Just deny everything access as I say, it doesn't normally make any difference to the PC. |
||||||||
|
|
|||||||||
| |||||||||
|
|
that could be windows update... i believe. |
||||||||
|
|
|||||||||
| |||||||||
|
|
i run a tight ship! cluttered systray = bollocks. what about port scans? i'm getting a lot of them of which the IP is very similar (but not identical) to mine. do you think this is just the ISP software checking the connection every now and again? |
||||||||
|
|
|||||||||
| |||||||||
|
|
i have NO updates that run without me first asking them to. |
||||||||
|
|
|||||||||
| |||||||||
|
|
block it then. winders has all types of processes that run in the background. some of them try to use the internet. if keeping them from sending secret info about you back to microsoft doesn't break anything, then it probably didn't really need to be sent. lee is the man. |
||||||||
|
|
|||||||||
| |||||||||
|
|
yes, but i'd like to know why certain system files need internet access, if at all. |
||||||||
|
|
|||||||||
| |||||||||
|
|
i suppose you've run virus/spyware scans and the like? i think (although i'm somwhat talking out of my ass) that kernel32.dll is the main windows process that controls the execution of all other applications. even though you've told windows not to check for updates, that process may still be trying to get and/or send information to and from microsoft... for what reason? who knows. microsoft doesn't have to say... read the EULA to the opperating system. when you install it you give them the right to collect certain info. |
||||||||
|
|
|||||||||
|
Messageboard index
|
|||||||||
