Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > Security & Ports.

Reply
Thread Tools

Security & Ports.

 
 
The One
Guest
Posts: n/a
 
      03-21-2007
Today I did an online security test on the Symantec website. The results
showed that most of my common ports were either open or closed.
I then did the same test on the Shields Up website and the results showed
all my ports to be stealth.
Yesterday while online NAV reported an intrusion attempt on port 1476 by
NMap Xmas Scan, the attempted intrusion was blocked.
I have 3 questions.
Firstly why does the symantec site report the ports status to be different
to the shields up site?
Secondly if my ports are stealth is it possible for a scanner to see my
machine on the internet?
Thirdly is it possible that my linksys router firewall ingnored the scanner
and it was in fact the symantec software that responed thus making me
visable on the internet.

Many thanks....


 
Reply With Quote
 
 
 
 
Rick Merrill
Guest
Posts: n/a
 
      03-21-2007
The One wrote:
> Today I did an online security test on the Symantec website. The results
> showed that most of my common ports were either open or closed.


Actually?-!

> I then did the same test on the Shields Up website and the results showed
> all my ports to be stealth.


That means they don't respond with a NAK.

> Yesterday while online NAV reported an intrusion attempt on port 1476 by
> NMap Xmas Scan, the attempted intrusion was blocked.
> I have 3 questions.
> Firstly why does the symantec site report the ports status to be different
> to the shields up site?




> Secondly if my ports are stealth is it possible for a scanner to see my
> machine on the internet?


Only if you have some ports open, i.e. you run a server.

> Thirdly is it possible that my linksys router firewall ingnored the scanner
> and it was in fact the symantec software that responed thus making me
> visable on the internet.


that's possible.
 
Reply With Quote
 
 
 
 
Todd H.
Guest
Posts: n/a
 
      03-21-2007
"The One" <(E-Mail Removed)> writes:

> Today I did an online security test on the Symantec website. The results
> showed that most of my common ports were either open or closed.
> I then did the same test on the Shields Up website and the results showed
> all my ports to be stealth.
> Yesterday while online NAV reported an intrusion attempt on port 1476 by
> NMap Xmas Scan, the attempted intrusion was blocked.
> I have 3 questions.
> Firstly why does the symantec site report the ports status to be different
> to the shields up site?


Good question.

> Secondly if my ports are stealth is it possible for a scanner to see my
> machine on the internet?


A scanner, no. It'll look like there's nothing on that IP address to
a scanner. Traces of you will be out there on the net in the logs of
the web servers you visit of course.

> Thirdly is it possible that my linksys router firewall ingnored the
> scanner and it was in fact the symantec software that responed thus
> making me visable on the internet.


Do a third test. broadbandreports.com has a port scanner in their
toolset. see what it says. It would be unusual for a hardware
appliance to blithely allow traffic in like that. I'm inclined to
toss the symantec scan out as erroneous.


--
Todd H.
http://www.toddh.net/
 
Reply With Quote
 
B. Nice
Guest
Posts: n/a
 
      03-21-2007
On Wed, 21 Mar 2007 16:07:57 GMT, "The One" <(E-Mail Removed)> wrote:

>Today I did an online security test on the Symantec website. The results
>showed that most of my common ports were either open or closed.


I just checked. It correctly reported all my ports as closed.

>I then did the same test on the Shields Up website and the results showed
>all my ports to be stealth.
>Yesterday while online NAV reported an intrusion attempt on port 1476 by
>NMap Xmas Scan, the attempted intrusion was blocked.
>I have 3 questions.
>Firstly why does the symantec site report the ports status to be different
>to the shields up site?


Good question.

>Secondly if my ports are stealth is it possible for a scanner to see my
>machine on the internet?


Please define "see" on the internet.

"Closed" means a rejection message is sent back letting the sender
know that there is no service to connect to. If you are "stealthed" no
response is sent back. Some people think the latter is more secure. I
don't think so. But "stealth" is a cool term for marketing people
wanting to promote something.

Actually the Symantec site is one of the few online scanners that
acknowledges "closed" as a safe state.

>Thirdly is it possible that my linksys router firewall ingnored the scanner
>and it was in fact the symantec software that responed thus making me
>visable on the internet.


What do you mean by that?
 
Reply With Quote
 
Bullseye
Guest
Posts: n/a
 
      04-02-2007
The One wrote:

> snip <


Secondly if my ports are stealth is it possible for
> a scanner to see my machine on the internet?

--
When you are in stealth mode, if a packet is is sent to a particular
port, the firewall drops any packet that is not allowed by the rules.
If this was an attempt by hacker to scan your ports, the very fact that
the packet was dropped tells the hacker there is something there.
Therefore, like another poster said, stealth is a marketing tool
employed by software companies attempting to sell software firewalls.
A closed port is just as secure as a stealthed port. The only concern
would be the open ports. However, if the Shields Up test showed your
ports closed, the problem was most likely with the Synmantec test
rather than your firewall. Also, there is no such thing as being
invisible on the Internet. It's just that there are so many easy
targets out there not running any kind of firewall or security
software, most hackers aren't going to waste their time trying to take
down your firewall and get into your system. You're simply one out of
millions out there.

--
Posted via a free Usenet account from http://www.teranews.com

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Accessing higher security level from higher security level nderose@gmail.com Cisco 0 07-11-2005 10:20 PM
Going from higher security level interface to lower security interface- HELP!!! - AM Cisco 4 12-28-2004 09:52 PM
IT-Security, Security, e-security COMSOLIT Messmer Computer Support 0 09-05-2003 08:34 AM
How secure is the security from my security form? Aaron Java 1 08-04-2003 06:16 PM
MCSA: Security MCSE: Security question Rick Sears MCSE 0 07-29-2003 08:02 PM



Advertisments