Asmodeus

Not sure if this is in the right place or not but anyway.

I have got a router on my PC and went to Sheilds-UP to test it out.
Every port came back as stealth if this place can be trusted for testing.

If these tests are correct is a firewall still needed?

Here is the test results:

----------------------------------------------------------------------

GRC Port Authority Report created on UTC: 2005-01-21 at 04:33:58

Results from scan of ports: 0-1055

0 Ports Open
0 Ports Closed
1056 Ports Stealth
---------------------
1056 Ports Tested

ALL PORTS tested were found to be: STEALTH.

TruStealth: PASSED - ALL tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.

----------------------------------------------------------------------

Your Internet port 139 does not appear to exist!
One or more ports on this system are operating in FULL STEALTH MODE! Standard Internet behavior requires port connection attempts to be answered with a success or refusal response. Therefore, only an attempt to connect to a nonexistent computer results in no response of either kind. But YOUR computer has DELIBERATELY CHOSEN NOT TO RESPOND (that's very cool!) which represents advanced computer and port stealthing capabilities. A machine configured in this fashion is well hardened to Internet NetBIOS attack and intrusion.

Unable to connect with NetBIOS to your computer.
All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.

----------------------------------------------------------------------

GRC Port Authority Report created on UTC: 2005-01-21 at 04:39:30

Results from scan of ports: 0, 21-23, 25, 79, 80, 110, 113,
119, 135, 139, 143, 389, 443, 445,
1002, 1024-1030, 1720, 5000

0 Ports Open
0 Ports Closed
26 Ports Stealth
---------------------
26 Ports Tested

ALL PORTS tested were found to be: STEALTH.

TruStealth: PASSED - ALL tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.

----------------------------------------------------------------------

Judas

looks like your routers doing a pretty good job, Every machine that has some form of firewall i ALWAYS run the sheilds up test.

Although, to full test your router, i'd suggest disabling windows XP's own Firewall. (be warned, disabling it may allow hackers in IF your routers not up to the task for sure)

__________________

TwistedMetal

You should be ok with the router, but you can use both if you want. I just use a router myself.

__________________
[color=red][/color]

Asmodeus

Windows firewall was disabled during the test.

i ran another test over at audit my pc and it found one open port TCP 2420 DSL Remote management. I tested every single port there and that was the only one it could detect as open.

**EDIT** Sheilds UP also found this port open when I force scanned that port since it wasnt in the normal scan of first 1056 ports.

Asmodeus

Just tried running the test again with Look N Stop firewall which is suppose to be #1 and that port (2420) was still open.

Same when using just windows firewall.

Is this a port that needs to be open or something?

Judas

i'm not sure, might try doing a Google on that port....

__________________

Vampyromaniac

Look through your router's settings, there might be an option to turn that off, if you wish.
My guess is it's a port for accessing the router's settings from a remote location.

Keep in mind when you run those scan tests, you're testing your router, and not your computer.
I've never found a need for a software firewall, when behind a router already, but that's just me.
You can use a software firewall if you're worried about possibly evil things installed on your computer communicating over the Internet without your knowledge.

__________________

Asmodeus

So basically you think I am fine without the firewall even though that port is open? It is the only one. i tested them all and thats the only open port.

I cant figure out a way to disable it either. I am trying some googling to try and figure out how to deny that port but so far not looking good.

Vampyromaniac

Look through your router's manual.
You're probably fine, as long as you have a password set on the router's settings (not the default password.)
As for a firewall, like I said, "You can use a software firewall if you're worried about possibly evil things installed on your computer communicating over the Internet without your knowledge."
That's up to you to decide.

__________________

Asmodeus

That the problem I dont have a manual or anything for it.

it came with my new ISP and there isnt nothing they provide you for it they just hand it to you. Its a Westel Versalink Gateway and I went to there website and they say the manual is on the disk they provide with the router.

What I dont understand is why does it still show up even with a firewall installed?

Here is a link to a page where they discuss it in better terms than I can understand if you care to take a look at it. I couldnt make heads or tails what they were saying.

http://www.dslreports.com/forum/rema...7755~mode=flat

Vampyromaniac

From that link, it looks like it's nothing to worry about.

Like I said before. When you run a scan test like Shields-Up, it is scanning your router, not your computer. Nothing running on your computer would be touched or have any effect on the test results, unless you are specifically forwarding ports from your router to the PC.

__________________

pr0digal jenius

I don't have a single port open all the way through 2500, nor are any "game" ports open (20000-22500)

Asmodeus

So I guess I am safe to go without the firewall then?

I hate them things with a passion they seem to cause more headaches than one needs but also dont want the risk of someone getting in.

Asmodeus

I only have one and its 2420 and its really getting on my nerves.

pr0digal jenius

if you have DSL, my guess is that that port is used for PPPoE and you shouldn't bother with it

Asmodeus

Yeah I am on Verizon DSL.

From the way that person said on that forum link I provided as long as remote access isnt enable then there is nothing to worry about.

I hope he is talking about the remote access feature on Windows because I have that turned off and I dont have anyclue if verizon has there own feature and how it works but I done some poking around the PC and couldnt come up with anything. First thing I did when I got this provided was uninstall there online help deal so maybe that could be it too.

Vampyromaniac

Well, he had some guy try to connect to it from a remote location, and he couldn't. That's why I said it's probably nothing to worry about.

__________________

Asmodeus

Would you trust it without a firewall?

Ubergrendle

Based on where the IT industry has gone, firewalls are pretty much exclusively considered network devices -- they run better on independent hardware, are more secure, and help keep your network topology 'clean'. This is on the enterprise scale.

I take this thinking to my desktop. A cable/DSL router w/ NAT translation is a much better firewall than any piece of software you can run on your PC. So #1 its more secure. (note: remember to patch your router BIOS regularly)

#2, if you run software AND hardware based firewall, when you have connectivity problems you'll have to investigate two tiers, not just one. God forbid your problem is a result of an interaction between the two. So running a software firewall ontop of hardware is redundant and confusing. The chances of your software firewall blocking a malicious attack that circumvents your physical router is a very remote possibility.

#3 Every WinXP sp2 system now has windows firewall. if a hacker had to pick a firewall he wanted to circumvent, he'd pick this product since it will be the most widely distributed and most poorly administered. "Security through obscurity" is not a comprehensive strategy, but it has its benefits from time to time.

3 reasons not to run Windows firewall.

__________________
Veteran of the PC Microchannel / EISA wars of the late 1980s.

BWX

Ditto ^^^

If you have a router you are set. The only reason t run a software firewall now is for outgoing connection monitoring. I actually don't even run a software firewall for that. I use a program called Currports. It shows all connections. If I think something weird is going on I just look and see.

http://www.nirsoft.net/


http://www.nirsoft.net/utils/index.html
Network Monitoring Tools on that page.

No need to thank for the link.

__________________

Asmodeus

Well I will do it anyway...

Thanks for the link

BWX

hehe, nice tools huh?

__________________

Asmodeus

Seems very nice.

I am still trying to convince myself I am safe without the firewall though.

BWX

It takes a couple weeks to have the same sense of security, but it will happen.

Also, you do have a firewall- a MUCH better hardware firewall.


I have this cheap router and love it.. http://www.netgear.com/products/details/RP614.php?view=

__________________

Asmodeus

do you run anything like spyware guard or the like?

BWX

-Lavasoft Adaware SE personal build 1.05-
-Spybot S&D-
-Spyware blaster-
-Symantec Antivirus corporate- (only run full system scans, individual file scans, and email protection. I don't use auto protect and or any of that crap that is "always on")

Works great.

__________________

Asmodeus

I am currently using

NOD32
Lavasoft Adaware SE
Spybot S&D
Spyware Guard

oh and look n' stop firewall...........lol

pr0digal jenius

adaware se, spyware blaster, and a netgear router