port scan shows ports not stealthed

Discussion in 'Computer Security' started by RH, Jul 15, 2007.

  1. RH

    RH Guest

    grc.com shows I have a lot of ports showing to be closed, but not stealth.
    Using new Linksys router on Vista...

    Is it a threat, can the ports be stealthed?
    RH, Jul 15, 2007
    #1
    1. Advertising

  2. On Sat, 14 Jul 2007 21:17:07 -0500, "RH" <> wrote:

    >grc.com shows I have a lot of ports showing to be closed, but not stealth.
    >Using new Linksys router on Vista...
    >
    >Is it a threat,


    No.

    >can the ports be stealthed?


    Probably, but stealth is nonsense.

    There are other much more important things to consider, like changing
    the default password of the router,
    Straight Talk, Jul 15, 2007
    #2
    1. Advertising

  3. RH

    dc Guest

    You probably already know this, but here is the GRC Ultra Password site
    https://www.grc.com/passwords.htm

    dc


    "RH" <> wrote in message
    news:469983a1$0$4928$...
    > grc.com shows I have a lot of ports showing to be closed, but not stealth.
    > Using new Linksys router on Vista...
    >
    > Is it a threat, can the ports be stealthed?
    >
    dc, Jul 15, 2007
    #3
  4. RH

    jc Guest

    dc wrote:
    > You probably already know this, but here is the GRC Ultra Password site
    > https://www.grc.com/passwords.htm
    >
    > dc
    >

    Are they serious? A good password has to be something a user can
    remember. Even written on paper, nobody could type these without making
    errors.


    jc


    >
    > "RH" <> wrote in message
    > news:469983a1$0$4928$...
    >> grc.com shows I have a lot of ports showing to be closed, but not stealth.
    >> Using new Linksys router on Vista...
    >>
    >> Is it a threat, can the ports be stealthed?
    >>

    >
    >
    jc, Jul 15, 2007
    #4
  5. RH

    Sebastian G. Guest

    jc wrote:

    > dc wrote:
    >> You probably already know this, but here is the GRC Ultra Password site
    >> https://www.grc.com/passwords.htm
    >>
    >> dc
    >>

    > Are they serious?



    Obviously not. You look at the domain name.

    > A good password has to be something a user can remember.



    Wrong.

    > Even written on paper, nobody could type these without making


    > errors.



    Then store it on the computer. Heck, 100 impossible to remember different
    passwords for 100 different purposes in a database encrypted with one
    rememberable password is still better than not using different passwords
    and/or using weak ones.

    At any rate, the problem with this password generator is that unless you
    read the script code on the website, you can't even be sure that the owner
    of this website doesn't get known to your password as well, or if its
    generation method doesn't contain any backdoors (like
    password=encrypt(RSA-ECC,public_key,SHA1(count++))).
    Sebastian G., Jul 15, 2007
    #5
  6. RH

    RH Guest

    Thanks guys - that's a relief...

    Previous Linksys router I owned showed all ports as stealth, what gives with
    the change from stealth to closed? Was it the migration to Vista, the ISP,
    or the different Router?

    Just curious....
    rh



    "jc" <> wrote in message
    news:KNrmi.321968$...
    > dc wrote:
    >> You probably already know this, but here is the GRC Ultra Password site
    >> https://www.grc.com/passwords.htm
    >>
    >> dc
    >>

    > Are they serious? A good password has to be something a user can
    > remember. Even written on paper, nobody could type these without making
    > errors.
    >
    >
    > jc
    >
    >
    >>
    >> "RH" <> wrote in message
    >> news:469983a1$0$4928$...
    >>> grc.com shows I have a lot of ports showing to be closed, but not
    >>> stealth.
    >>> Using new Linksys router on Vista...
    >>>
    >>> Is it a threat, can the ports be stealthed?
    >>>

    >>
    >>
    RH, Jul 15, 2007
    #6
  7. RH

    jc Guest

    Sebastian G. wrote:
    > jc wrote:
    >
    >> dc wrote:
    >>> You probably already know this, but here is the GRC Ultra Password site
    >>> https://www.grc.com/passwords.htm
    >>>
    >>> dc
    >>>

    >> Are they serious?

    >
    >
    > Obviously not. You look at the domain name.
    >
    >> A good password has to be something a user can remember.

    >
    >
    > Wrong.
    >
    >> Even written on paper, nobody could type these without making

    >
    >> errors.

    >
    >
    > Then store it on the computer. Heck, 100 impossible to remember
    > different passwords for 100 different purposes in a database encrypted
    > with one rememberable password is still better than not using different
    > passwords and/or using weak ones.
    >


    You're only as strong as your weakest link. What good would it be to
    have 64 char passwords if your db only required say, 16 chars?


    jc

    > At any rate, the problem with this password generator is that unless you
    > read the script code on the website, you can't even be sure that the
    > owner of this website doesn't get known to your password as well, or if
    > its generation method doesn't contain any backdoors (like
    > password=encrypt(RSA-ECC,public_key,SHA1(count++))).
    jc, Jul 15, 2007
    #7
  8. "Sebastian G." <> wrote:

    >> A good password has to be something a user can remember.

    >
    > Wrong.


    Uh... no. You want to read the above again?

    The user HAS to be able to remember the password, or he'll write it
    down, which would be BAD.

    Idealy, you find a way to make the user memorize something that looks
    entirely random but isn't.

    > Then store it on the computer. Heck, 100 impossible to remember
    > different passwords for 100 different purposes in a database encrypted
    > with one rememberable password is still better than not using
    > different passwords and/or using weak ones.


    OK, who are you, and what did you do to Sebastian?

    Writing down passwords, even encrypted in a file, isn't as secure as
    memorizing them.

    > At any rate, the problem with this password generator is that unless
    > you read the script code on the website, you can't even be sure that
    > the owner of this website doesn't get known to your password as well,
    > or if its generation method doesn't contain any backdoors (like
    > password=encrypt(RSA-ECC,public_key,SHA1(count++))).


    That's true, of course.

    If you want to generate a hard-to-get password, think of a sentence
    that you can remember, and then only use the first letter of every word
    (or the first of the first word, second of the second word...)
    Juergen Nieveler
    --
    "I was raised in the West. The west of Texas. It's pretty close to
    California. In more ways than Washington, D.C., is close to California."
    George W. Bush --Los Angeles Times, April 8, 2000
    Juergen Nieveler, Jul 15, 2007
    #8
  9. RH

    Robert Guest

    On Sun, 15 Jul 2007 14:52:29 -0500, RH wrote:

    > Thanks guys - that's a relief...
    >
    > Previous Linksys router I owned showed all ports as stealth, what gives with
    > the change from stealth to closed? Was it the migration to Vista, the ISP,
    > or the different Router?
    >
    > Just curious....
    > rh


    The difference between Stealth and Close is this;

    Closed: Device reports back that the port is closed.

    Stealth: Device reports back nothing.

    Without knowing your setup anyone would be hard pressed to tell you why
    this has changed. I don't believe the ISP is at fault here as they
    usually pass everything on unless they are some mom&pop shop that blocks
    things.

    So this leaves us with 2 things.... the router and Vista. If the router
    was configured to pass everything onto Vista (DMZ Setup) then it's Vista
    that is reporting back that the port is closed. If the DMZ is not setup
    then it is the router. I would start by looking at the router and ensure
    that it is setup the way you want.


    --

    Regards
    Robert

    Smile... it increases your face value!


    ----== Posted via Newsfeeds.Com - Unlimited-Unrestricted-Secure Usenet News==----
    http://www.newsfeeds.com The #1 Newsgroup Service in the World! 120,000+ Newsgroups
    ----= East and West-Coast Server Farms - Total Privacy via Encryption =----
    Robert, Jul 16, 2007
    #9
  10. RH

    Todd H. Guest

    "RH" <> writes:

    > Thanks guys - that's a relief...
    >
    > Previous Linksys router I owned showed all ports as stealth, what
    > gives with the change from stealth to closed? Was it the migration to
    > Vista, the ISP, or the different Router?


    If the router changed, it's a fairly safe bet that it, as the internet
    facing device is the reason for the observed change in behavior.

    It's unlikely that the change to Vista on the LAN side of a home
    gateway is a factor at all.

    If you post the model and revision of your router, perhaps those with
    that router can confirm or deny your grc.com results.

    A router that quietly drops inbound probes is a nice-to-have, but how
    much additional security it affords vs a router reporting actively
    back with closed is a matter of debate.

    Best Regards,
    --
    Todd H.
    http://www.toddh.net/
    Todd H., Jul 16, 2007
    #10
  11. RH

    dc Guest

    Not my idea, but...
    I use it for my router and someother things
    I copy and paste it into the router after tweaking
    Paste it into Notetab
    print it
    and put it in my fire safe

    Doesn't really make any difference on like the router
    What I usually do about it later is simply reset it in the back
    and then usually unplug it to dump the cache

    good day,
    dc



    "jc" <> wrote in message
    news:KNrmi.321968$...
    > dc wrote:
    > > You probably already know this, but here is the GRC Ultra Password site
    > > https://www.grc.com/passwords.htm
    > >
    > > dc
    > >

    > Are they serious? A good password has to be something a user can
    > remember. Even written on paper, nobody could type these without making
    > errors.
    >
    >
    > jc
    >
    >
    > >
    > > "RH" <> wrote in message
    > > news:469983a1$0$4928$...
    > >> grc.com shows I have a lot of ports showing to be closed, but not

    stealth.
    > >> Using new Linksys router on Vista...
    > >>
    > >> Is it a threat, can the ports be stealthed?
    > >>

    > >
    > >
    dc, Jul 16, 2007
    #11
  12. RH

    Sebastian G. Guest

    jc wrote:


    > You're only as strong as your weakest link. What good would it be to
    > have 64 char passwords if your db only required say, 16 chars?



    Change the database.
    Sebastian G., Jul 16, 2007
    #12
  13. RH

    Sebastian G. Guest

    Juergen Nieveler wrote:


    > The user HAS to be able to remember the password, or he'll write it
    > down, which would be BAD.



    Writing down passwords is not bad. The purpose of passwords is to be
    infeasible to guess by the attacker, which includes making it infeasible to
    get hold of where the password is written down.

    > Writing down passwords, even encrypted in a file, isn't as secure as
    > memorizing them.



    But writing down a strong password is way more secure than memorizing a weak
    on. Since memorizing a strong password typically is no serious option...

    > If you want to generate a hard-to-get password, think of a sentence
    > that you can remember, and then only use the first letter of every word
    > (or the first of the first word, second of the second word...)


    Or simply take the whole sentence, which is no less secure but easier to
    remember and type.
    Sebastian G., Jul 16, 2007
    #13
  14. "Sebastian G." <> wrote:

    >> If you want to generate a hard-to-get password, think of a sentence
    >> that you can remember, and then only use the first letter of every word
    >> (or the first of the first word, second of the second word...)

    >
    > Or simply take the whole sentence, which is no less secure but easier
    > to remember and type.


    Except when the application or OS only accepts 8-letter-passwords and
    simply discards the rest. Without telling you, of course... as was
    recently the case with AOL.

    Juergen Nieveler
    --
    Aural sex produces eargasms
    Juergen Nieveler, Jul 16, 2007
    #14
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. jack lift
    Replies:
    7
    Views:
    1,836
    Waterperson77
    Dec 9, 2003
  2. Alix

    Firewall shows ports being used in sqeuence

    Alix, Dec 5, 2005, in forum: Computer Security
    Replies:
    12
    Views:
    1,649
    Wolfgang Kueter
    Dec 8, 2005
  3. NewScanner
    Replies:
    9
    Views:
    934
    NewScanner
    Jan 16, 2007
  4. Replies:
    3
    Views:
    827
    Richard Karash
    Aug 9, 2008
  5. Kicker24
    Replies:
    0
    Views:
    531
    Kicker24
    Jun 21, 2009
Loading...

Share This Page