Usually I try to give the answers but this time I have a question. ;D
I just recently received DSL service and after taking a test of my ports at “Shields UP,” I found that all the entries were listed in blue, “Closed,” which gave a “failed” rating. Yet, before, when I was using my old dial-up account, all the entries came up as green, “Stealth,” as it is supposed to be. I haven’t changed anything else. What is different here and what do I need to do to achieve a “passing grade”? ;D
I hope I can be of help. I am not too keen on firewalls but if I may share my personal experience. I too use the services offered by Shields UP and I can say that my computer passed the tests with flying colors. The reason for that is not necessarily Windows Firewall but the built-in firewall of my modem/router that I received from my ISP. It might happen that your router also has a firewall that is not activated. Can you check and see if that is the case?
Are you using the XP or Vista firewall? What kind of DSL modem? Most common cause of this is that the modem actually has some “single channel router” capabilities and is answering for you before you get to the Windows firewall. Closed is not a bad thing, BTW, just not popular these days.
Are you with QWest? A search at Broadband Reports seems to indicate that the modem is sometimes delivered with the stealth mode disabled - see http://www.dslreports.com/forum/r21566638-How-to-put-3347-into-stealth-mode .
GRC is pushing stealth as a good thing (they claim to have invented it) because you don’t respond at all to TCP requests. But the standard for TCP/IP is that you will respond that a port is closed if it is, so unless there is an “open” response, the port status is actually the same to someone running a port scan: implicit closed vs explicit closed. Unless they don’t know that anything is at that IP address. So it may help if someone is scanning random IP addresses instead of pinging to find active ones.
As far as ping, you can’t ping a port, just an IP; a port is only applicable in TCP/IP to packets of type TCP and UDP. Another thing that GRC is pushing is to block ping. The ICMP standard for the internet routers is that if there is no one there at that IP, the terminal router sends a response “destination unreachable”. If there is no response, a prober knows that someone is at that IP address and not answering (usually several pings need to be sent at once in case some get lost).
But there are some counter arguments that doing these things can still make a hacker’s job harder by forcing more work and time delays into the scanning. And devices sometimes do violate the standards.
There is a pretty good Wilders thread at http://www.wilderssecurity.com/showthread.php?t=216892 with details on the subject.
In any case, closed ports and ping responses still give you good security.
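Added example, not part of any post in this thread: the three port states discussed above ("open", explicit "closed", and "stealth"), as they look to an ordinary TCP connect() in Python. The function names probe() and loopback_demo() are made up for illustration, and the self-test only touches the local machine's loopback address.

```python
import socket

def probe(host, port, timeout=1.0):
    """Classify one TCP port by how the far end answers a connection attempt."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"      # SYN was answered with SYN/ACK
    except ConnectionRefusedError:
        return "closed"    # SYN was answered with RST: the standard "explicit closed"
    except socket.timeout:
        return "stealth"   # nothing came back: the packet was silently dropped
    finally:
        s.close()

def loopback_demo():
    """Constructed self-test: one listening port and one bound-but-not-listening
    port on 127.0.0.1, so "open" and "closed" can be seen without any network."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))      # port 0: let the OS pick a free port
    listener.listen(1)
    holder = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    holder.bind(("127.0.0.1", 0))        # bound, never listening: answers with RST
    try:
        open_port = listener.getsockname()[1]
        closed_port = holder.getsockname()[1]
        return probe("127.0.0.1", open_port), probe("127.0.0.1", closed_port)
    finally:
        holder.close()
        listener.close()

if __name__ == "__main__":
    print(loopback_demo())
```

A "stealth" result needs a firewall that drops the packet, so it only shows up when probing your own external address from outside, which is what the Shields UP test does; from the prober's side it costs the full timeout per port, which is the "time delay" argument made in the thread.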
Yes, I am. While I feel better about the closed ports, unfortunately, according to the test, I guess Shields UP was able to successfully ping my system. I’ve included a picture below that gives the results. In its current state and from the results, how vulnerable is my system?
EDIT: I don’t understand this! ??? I installed Comodo (just the firewall, no extras) and I get the same exact results, even after using the stealth settings! I called Qwest and apparently, my particular modem has absolutely no firewall capabilities, leaving only a software solution. Oh, well. Comodo is actually running pretty well on my system and it does provide two-way protection. However, the fact that Shields UP claims it’s able to successfully ping my system does concern me.
Also, would adding Threatfire to my system (Vista x64) be worth it?
I got the same problem. I tried many firewalls to get a “stealth” result but every time I tested it failed… But when I activated my router firewall it passed the test. But I have a question: let’s say I’m in the airport or in a cafe with a wireless connection and that’s why I wouldn’t use my router firewall. So will my Windows built-in firewall hide my ports? I hope it will do its job.
Still sounds like your modem is just following the rules and answering pings and TCP connection attempts, and is not configurable. Bottom line is really that you can’t be invisible on the internet, so your system needs to be set up to resist targeted attacks against you, primarily by closing your ports when possible and being careful how you answer incoming traffic (if it is allowed) and control outgoing traffic by making use of your software firewall rules. I tried Threatfire and thought it was a pretty interesting behavior blocker; am using Prevx Edge now for similar capabilities. I think PC Tools/Threatfire was bought by Symantec so future is ???
As far as airports, you are under the spell of their wireless router which may or may not stealth incoming port scans and block pings, but NAT will keep out traffic not responding to you, and your software firewall will still block things from actually getting into your system. Just be sure you never trust the network.
GRC Port Authority Report created on UTC: 2009-02-24 at 15:34:46
Results from scan of ports: 0, 21-23, 25, 79, 80, 110, 113,
119, 135, 139, 143, 389, 443, 445,
1002, 1024-1030, 1720, 5000
0 Ports Open
0 Ports Closed
26 Ports Stealth
---------------------
26 Ports Tested
ALL PORTS tested were found to be: STEALTH.
TruStealth: PASSED - ALL tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.
Thank you so much for this information, this actually helps a lot!
I suppose I didn’t have to install Comodo but I will go ahead and keep it since I do like having control over which of my programs can access the internet as well as being able to see status logs and other information. Plus, Comodo’s staff was courteous and helpful in addressing one problem I had with it.
I consider this issue SOLVED, thank you to all who posted.
You mentioned that you installed Comodo on your Vista 64. I am also interested in knowing if the process was OK and how you found the firewall to behave. I am curious if you can tell me what the difference is between Vista’s firewall and Comodo, apart from the outbound connection option?