#1 | |
|
Obvious Closet Brony Pony
|
Most excellent security
I think someone should put up a guide on getting the most reliable speed out of their connection.... and getting the best possible security at it..
I'm not going to be able to.. I don't know much of the technicals behind it... I'm also cheating on the security part.... hardware firewall.. However... I must add... when most of all sites don't or can't even see your IP address..... it's good stuff..
Port 113 is one port that ALL routers USUALLY don't stealth.... but still keep it closed.... due to it being an age old port that some remote servers still request... and if it's stealthed.... you won't go anywhere.... But it's so uncommon now.. that it can be stealthed without worry.... at all.....
I've stealthed mine... real easy.... with a hardware firewall (mine built into my router... good ol' D-Link... 704P with the latest firmware (which I might add is so extremely simple to do..... it's kinda scary) ). Most of all routers with a firewall, that are programmable.... you can set to redirect or pass on or however your router may say it.....
If a request for port 113 comes in.... default for the router is closed.... but your stealth skin has been shed... now the hacker KNOWS that there is something there.... thus it can start trying to play with the "stealthed" ports that could be tricked into becoming unstealthed....
Simply punch in the port that you want to completely shield..... (113) and then punch in a non-existent intranet IP..... (seeing as I have 4 machines on this.... and none take up 192.168.0.254.... that's what I punched in)..... now the router will see a request for port 113..... and simply throw it at an IP/computer that doesn't exist... and doesn't even care about a response back..... thus nothing is sent back saying it's closed.. open... or whatever.... AKA.. STEALTH...
To test your connection... your computer.... for basic security.. and all the info you might need.... Shields UP!
BTW.. this is what you're looking for in security....
__________________
Quote:
#2 | |
|
Live from the Dungeon
Join Date: May 2003
Location: Between the SubWoofers
Posts: 1,395
Rep Power: 0
|
Re: Most excellent security
Quote:
First off, HARDWARE firewalls are NOT cheating... in fact hardware is the only way to go if you want true and great protection!!! If they were cheating then no Corporate network would use them. I myself preach to people about getting rid of software firewalls and getting hardware. Even if you get a simple Linksys or Netgear firewall, it is still better than a software firewall. No need to go as crazy as I have with running a Corp lvl firewall at home, but then again Networking and Network security is what I have my degree in and I kind of take it to the extreme. Hell, how many home networks do you know that run an Intrusion Detection System??
As for the results of your test, EXCELLENT!! That is what mine almost looks like. I have port 80 open for my webserver but other than that I am stealth. In fact I am stealth all the way up to port 65535!! Stealth is better than closed..... that way they aren't sure you are there... kind of puts a question in their mind...heheheh
You have any questions on this stuff, just give me a yell.. More than happy to help with network security...
Obvious Closet Brony Pony
|
...I'm stealthed all the way... if port I redirect to some computers.... are seen as stealth unless you're using the appropriate program to connect through.... Such as my UT 2k3 server.... shows as stealth.... Quake.. Halo.. you name it.. full stealth....
Obvious Closet Brony Pony
|
BTW ...by cheating.. I meant.... a guide for setting up security..... and using a router... would be a bit of a cheat as those that either A: don't have one.... B: can't afford one..... or A+B...... it sorta leaves them wide open as they are the ones that REALLY need it.......
Also... my router appears to have an auto shutdown sort of thing when something gets through..... kills the connection.... also outbound firewall.... if it detects any connection that I didn't contact first (I think that's how it works) and my or other machines are sending data to it.... kills it too
#5 |
|
ZZzzzzzzzzzz...........
Join Date: Nov 2002
Location: Texas
Posts: 324
Rep Power: 0
So you're saying that in order to stealth those ports just have the router route them to a non-existent intranet IP? Sounds pretty smart to me! One question though: What ports should not be routed out? I was used to having McAfee's firewall protect me, giving all stealth blocks in grc's port tests, but the router really does intercept those requests and sends them back as closed. I know how to get the router (cheap Uniden Wireless router: WNR2004, link to the deal <~sweet deal) to route ports since I had to route a few for BitTorrent to work properly. I also play a few online games (mostly MOHAA and UT2003), so would they get hammered by the port rerouting?
Also, how'd you get the IP to come up as "unknown" on grc? Did you edit it to purposefully cover up your IP or did it actually come up as that? Geez, I'm full of questions today.... wonder what else I'm full of... :D ~eyeguy616 -oh yeah, almost forgot; totally off topic but I'd like to point out a thread I made about my problems thus far with the router located here and the bottom of here. The network just refuses to let my two comps communicate with each other...
#6 | |
|
HH Administrator
|
Quote:
All I got is a wireless-G router,
#7 |
|
HardwareHeaven Extreme Member
|
With a good hardware firewall, you do not need to forward the port to a non-existent LAN IP address. BUT some firewall routers by default leave open ports 135 and 139 and others. In this case the forwarding to a non-existent IP address will stealth the port.
As for software firewalls. They are still very useful. Let's say you have a trojan or some other program on your computer and it connects to the internet without you knowing about it. Well, with a good software firewall (I use Kerio Personal Firewall 2.1.5) you will be asked to let this program connect. This will prevent a rogue program or a trojan from connecting without you knowing about it. (Unless you just hit permit without looking)
Also, there is this misconception that dial-up users do not need a firewall. WRONG. MSN dial-up users get 100's of port 135 attempts per hour. (Port 135 is the Windows messaging service where you will get pop-ups that are NOT Internet Explorer related or spyware related. This is also the port through which the BLASTER worm and the variants penetrate your system) So dial-up users should also be running a small firewall. Kerio's firewall is the smallest and runs between 3-5 MB. ZoneAlarm and others use over 10MB, sometimes 20, to do the job of this simple firewall.
I am super interested in Internet Security. I was chosen to do tech support for Sonic Wall (the contract fell through) and have been interested in it for a long time. I've read many many books on this. I can tell you from professional experience also as a tech that a firewall should be on your system at all times if you are on the net, whether it be software or hardware. Having both is the absolute best solution.
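The three results this thread keeps comparing (open, closed, stealth), as an added example that is not part of any post: Python that classifies a port by what a TCP connection attempt gets back. The names `classify_port`, `answering_ports` and `simulated_router` are made up for this example, and the simulated router's behaviour and the address 192.0.2.1 are constructed so it runs offline.

```python
import socket

OPEN, CLOSED, STEALTH = "open", "closed", "stealth"

def classify_port(host, port, timeout=3.0, connect=socket.create_connection):
    """Classify one TCP port by what comes back from a connection attempt."""
    try:
        sock = connect((host, port), timeout)
    except ConnectionRefusedError:
        return CLOSED      # an RST came back: something is at this address
    except (socket.timeout, TimeoutError):
        return STEALTH     # silence: dropped, or forwarded to a dead LAN IP
    sock.close()
    return OPEN            # handshake completed: a service is listening

def answering_ports(host, ports, **kwargs):
    """Return {port: state} for every probed port that sent any reply."""
    states = {p: classify_port(host, p, **kwargs) for p in ports}
    return {p: s for p, s in states.items() if s != STEALTH}

# Constructed stand-in for a router so the example runs offline:
# 80 is forwarded to a web server, 113 is answered with an RST,
# everything else is silently dropped.
class _FakeSocket:
    def close(self):
        pass

def simulated_router(addr, timeout):
    port = addr[1]
    if port == 80:
        return _FakeSocket()
    if port == 113:
        raise ConnectionRefusedError("RST")
    raise socket.timeout("no reply")

if __name__ == "__main__":
    probed = [80, 113, 135, 139]
    for port in probed:
        print(port, classify_port("192.0.2.1", port, connect=simulated_router))
    # Ports that give the host away, including closed 113 with no listener:
    print(answering_ports("192.0.2.1", probed, connect=simulated_router))
```

Leaving out `connect=simulated_router` makes the same functions use real sockets, for checking your own router's WAN address from an outside host.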
#8 |
|
Live from the Dungeon
Join Date: May 2003
Location: Between the SubWoofers
Posts: 1,395
Rep Power: 0
|
I see your point Zerodamage with the use of a software firewall, but if you set up your hardware firewall in such a way, it too can stop outgoing "trojans" and the such. With the firewall I currently use I have done it 2 different ways. The first way is using the proxy server built into the firewall. By setting up the proxy I can tell it exactly what I want to let out. If I only want to let out traffic through port 80 and through 110 & 25 then it blocks everything else. Plus with the extensive logging I can tell what exactly is going out those ports and to where. The second way is the long way and that is setting up rules to only allow traffic out specific ports. The firewall I use is locked down tighter than all hell when you first get it up and running. No traffic in or out. You have to build the rules to let things in and out.
I personally prefer hardware over software for a few reasons.
1) I believe that if you want true solid protection, your firewall should be just that, a firewall and that is it. Let it fully put its processing into protecting your network.
2) When you shut down your PC your firewall is no longer up and running. As slim as the chance may be, a good hacker can worm their way into stuff even with things shut down. Especially if you have a NIC with WOL (Wake On LAN). I have seen it done a few times in testing and that right there sold me on hardware.
3) This is a minor reason but system resources. By running a hardware firewall you are not taking up any of your system's resources. Granted most software firewalls don't use much, but they still use some and those resources could be used better in other places.
I could keep going on and drive people nuts reading this but I will just leave it with those points.
As for having a firewall with dial-up.......... I agree with you 100%. No matter how you connect to the internet you need some sort of firewall. And dial-up is my one exception to the rule of software firewalls. Mainly because dial-up hardware firewalls are far and few between. I guess the debate between software & hardware firewalls is a matter of personal opinion. The above is my opinions and I don't expect anyone to follow exactly what I say, but take into consideration what I said and make your own choices. If you are interested in what I use for a firewall go Here
#9 |
|
HardwareHeaven Extreme Member
|
That is a nice firewall solution but in reality, 99% of the people cannot afford such a solution or spend all that time on it. Your solution is the best of course.
But to keep things simple, all that is needed is a small software firewall like the Kerio Firewall 2.1.5 version (freeware) which uses little resources. And use a hardware for the incoming. It may not be as powerful as krazy1's solution but will do the job just fine. As for a WOL (wake on LAN) solution, just hit the switch on the back of your power supply or unplug it till you use it again.
Obvious Closet Brony Pony
|
or disable it in the bios...
#11 |
|
I = Greatest Dood
Join Date: Nov 2003
Location: Nebraska
Posts: 5,949
Rep Power: 71
|
I get murdered on my IP, that's it, complete stealth on ports,,, suggestions?
__________________
Rock On \m/ Thank you Mousey for the Sig! --------------- Intel Core2Duo E6660 (3.4GHZ) ~ Tuniq Tower 120 ~ Enermax Galaxy 1000W ~ Corsair Dominator @ 1090MHZ 5-5-5-15 (OCZ XTC Modded Cooler) ~ EVGA 8800GTX W/ HR-03 Plus 120MM ~ Asus DVD-RW LiteScribe ~ LG DVD-RW ~ Corsair Voyager 2GB ReadyBoost Drive ~ Vantec Nexus Fan Controller ~ ThermalTake Armor 25CM fan ~ Personal Finance Blog: Dent Your Debt
#12 |
|
ZZzzzzzzzzzz...........
Join Date: Nov 2002
Location: Texas
Posts: 324
Rep Power: 0
Sorry to be a tick but is there anything y'all can enlighten me on my questions from my previous post?
disastropy, I would suggest either getting the newest version of ZoneAlarm (free version) or buying McAfee's Personal Firewall Plus 2004. McAfee's is a heck of a lot more user friendly since it actually suggests things to do if you come under attack or when a program wants access to the internet. It's quite a nice firewall, giving all stealth blocks on grc's test the last time I checked. I'm sure ZoneAlarm does too, but I always had problems with it on my machine.... so no installing for me. Oh yeah, Kerio's new firewall (version 4?) is pretty sweet. It actually can stop programs from opening other programs/files! It is, however, not very user friendly and can be extremely anal if you let it, but I've used it briefly and it's pretty good. Keep in mind that if you have a router with a built in firewall your software firewall will not get much use since the hardware firewall will do all the talking.... ~eyeguy616
#13 |
|
I = Greatest Dood
Join Date: Nov 2003
Location: Nebraska
Posts: 5,949
Rep Power: 71
|
No hardware firewall in my router... can it be flash updated or anything? Is McAfee 2k4 pricey? What about Norton firewall from 2k3?
#14 |
|
HardwareHeaven Senior Member
Join Date: Oct 2002
Location: alberta, canada (thats north of the usa people)
Posts: 1,037
Rep Power: 68
black ice
btw.. the pics won't load.. weird.. I'm sitting good.. the only ports open are my webserver and mail server...
__________________
R.I.P Roadee - you will be missed T_T peace,love, and war... 3 things people look for... "if your going off the deep end, show off, do a cannon ball!" - me |
#15 |
|
Never forgotten
Join Date: Aug 2002
Location: Rest In peace, Joe.
Posts: 2,198
Rep Power: 69
I use Norton Internet Security 2k3 and Norton System Works 2k3........never had a problem......and that site showed that everything was "stealth"........but the funny thing is......since I was doing a fresh format.....I tried all the tests BEFORE installing Norton....and disabled the XP Pro firewall.......and had a few open ports.....I closed IE......restarted my computer......went back to the site.......and everything was either closed or stealth.......only thing showing was my IP address.....
Makes me kinda wonder on this one..........
__________________
We are born naked, wet, and hungry. Then things get worse. |
#16 | ||
|
Live from the Dungeon
Join Date: May 2003
Location: Between the SubWoofers
Posts: 1,395
Rep Power: 0
|
Quote:
Ahh, if you are a home user it is completely FREE!!! You only have to buy Astaro if you are a business.... If you are a home user it costs $0. Only thing you need is an old PC to put it on.
Quote:
That I cannot say. It is a good one but never the best. To say what is the best is a matter of personal opinion. To me the best would be having a Cisco PIX firewall but since that isn't free I will have to use what I have.
Last edited by krazy1; Jan 9, 2004 at 12:41 PM.