Scanned ports question

Discussion in 'Computer Security' started by keexer, Sep 28, 2004.

  1. keexer

    keexer Guest

    Was curious to know how my firewall is holding up since it's been a
    long time since I used one of those websites that scans/tests your
    vulnerable ports for you. So I recently visited these three sites and
    ran their ports scanner tests:
    http://vector.servehttp.com
    http://probe.hackerwatch.org
    http://www.pcflank.com

    Ever since then my firewall has shown a five-fold increase in the
    number of "alerts" that outside computers have been trying to get in.


    Is this coincedence or ....

    Also is there any software that tests if you have unwanted leakage
    *out* to the internet?
    Gina
    keexer, Sep 28, 2004
    #1
    1. Advertising

  2. keexer

    Quaoar Guest

    keexer wrote:
    > Was curious to know how my firewall is holding up since it's been a
    > long time since I used one of those websites that scans/tests your
    > vulnerable ports for you. So I recently visited these three sites and
    > ran their ports scanner tests:
    > http://vector.servehttp.com
    > http://probe.hackerwatch.org
    > http://www.pcflank.com
    >
    > Ever since then my firewall has shown a five-fold increase in the
    > number of "alerts" that outside computers have been trying to get in.
    >
    >
    > Is this coincedence or ....
    >
    > Also is there any software that tests if you have unwanted leakage
    > *out* to the internet?
    > Gina


    Are you using the Windows firewall? If so, and you are concerned with
    outbound, there are free personal firewalls available from Sygate,
    Kerio, ZoneAlarm that do monitor outbound. Frankly, the level of
    concern being voiced by "experts" about the *inbound* performance of the
    Windows firewall is cause enough for installing a third-party firewall.

    Q
    Quaoar, Sep 28, 2004
    #2
    1. Advertising

  3. keexer

    donnie Guest

    On Tue, 28 Sep 2004 12:11:55 GMT, (keexer) wrote:

    >Was curious to know how my firewall is holding up since it's been a
    >long time since I used one of those websites that scans/tests your
    >vulnerable ports for you. So I recently visited these three sites and
    >ran their ports scanner tests:
    >http://vector.servehttp.com
    >http://probe.hackerwatch.org
    >http://www.pcflank.com
    >
    >Ever since then my firewall has shown a five-fold increase in the
    >number of "alerts" that outside computers have been trying to get in.
    >
    >
    >Is this coincedence or ....
    >
    >Also is there any software that tests if you have unwanted leakage
    >*out* to the internet?
    >Gina

    #########################
    Next time port scan your own PC or have a friend do it. Keep an eye
    on the output from netstat -an Pay attention to connections in the
    foreign address column.
    donnie, Sep 28, 2004
    #3
  4. keexer

    David Norris Guest

    keexer wrote:

    > Was curious to know how my firewall is holding up since it's been a
    > long time since I used one of those websites that scans/tests your
    > vulnerable ports for you. So I recently visited these three sites and
    > ran their ports scanner tests:
    > http://vector.servehttp.com
    > http://probe.hackerwatch.org
    > http://www.pcflank.com
    >
    > Ever since then my firewall has shown a five-fold increase in the
    > number of "alerts" that outside computers have been trying to get in.
    >
    >
    > Is this coincedence or ....
    >
    > Also is there any software that tests if you have unwanted leakage
    > *out* to the internet?
    > Gina


    The easiest way is to run a portscan of a remote machine (with the owner's
    permission, of course!). Make sure that you get the IP address right. If
    that machine's not using a firewall of any kind (and is in the DMZ if
    behind a router or gateway) then a passive IDS such as Snort should record
    accurate results. DN
    David Norris, Sep 29, 2004
    #4
  5. keexer

    Jay Calvert Guest

    I wouldn't just let any service scan my system. You don't know what they are
    recording about you. Imagine if they found out you had port 137 or 139
    open, They could very easily gain access to your files. Knowing that you
    either won't do anything about it, or will take time before you get a proper
    firewall in place.

    The only trusted source for a portscan is GRC.com or even the Symantec site
    has a scanner.

    Jay
    http://habaneronetworks.com

    "keexer" <> wrote in message
    news:...
    > Was curious to know how my firewall is holding up since it's been a
    > long time since I used one of those websites that scans/tests your
    > vulnerable ports for you. So I recently visited these three sites and
    > ran their ports scanner tests:
    > http://vector.servehttp.com
    > http://probe.hackerwatch.org
    > http://www.pcflank.com
    >
    > Ever since then my firewall has shown a five-fold increase in the
    > number of "alerts" that outside computers have been trying to get in.
    >
    >
    > Is this coincedence or ....
    >
    > Also is there any software that tests if you have unwanted leakage
    > *out* to the internet?
    > Gina
    Jay Calvert, Oct 1, 2004
    #5
  6. keexer

    Mark Guest

    Jay Calvert wrote:
    > I wouldn't just let any service scan my system. You don't know what they are
    > recording about you. Imagine if they found out you had port 137 or 139
    > open, They could very easily gain access to your files. Knowing that you
    > either won't do anything about it, or will take time before you get a proper
    > firewall in place.
    >
    > The only trusted source for a portscan is GRC.com or even the Symantec site
    > has a scanner.
    >
    > Jay
    > http://habaneronetworks.com
    >
    > "keexer" <> wrote in message
    > news:...
    >
    >>Was curious to know how my firewall is holding up since it's been a
    >>long time since I used one of those websites that scans/tests your
    >>vulnerable ports for you. So I recently visited these three sites and
    >>ran their ports scanner tests:
    >>http://vector.servehttp.com
    >>http://probe.hackerwatch.org
    >>http://www.pcflank.com
    >>
    >>Ever since then my firewall has shown a five-fold increase in the
    >>number of "alerts" that outside computers have been trying to get in.
    >>
    >>
    >>Is this coincedence or ....
    >>
    >>Also is there any software that tests if you have unwanted leakage
    >>*out* to the internet?
    >>Gina

    >
    >
    >

    Personally, I wouldn't put stock in anything having to do with Mr.
    Gibson either. (grc.com)
    Mark, Oct 1, 2004
    #6
  7. keexer

    keexer Guest

    I'm going to try Symantec's.
    Those three sites I mentioned reported all my ports are secure. But
    they may be crooked as a dog's hind leg. I understand now.

    By the way as soon as I reported my experience to this and other
    newsgroups, the scans of my ports stopped.

    Coincidence or ........???
    Gina
    keexer, Oct 2, 2004
    #7
  8. keexer

    Kerry Liles Guest

    "Mark" <> wrote in message
    news:jDh7d.92109$wV.35030@attbi_s54...
    > Jay Calvert wrote:
    > > I wouldn't just let any service scan my system. You don't know what they

    are
    > > recording about you. Imagine if they found out you had port 137 or 139
    > > open, They could very easily gain access to your files. Knowing that

    you
    > > either won't do anything about it, or will take time before you get a

    proper
    > > firewall in place.
    > >
    > > The only trusted source for a portscan is GRC.com or even the Symantec

    site
    > > has a scanner.
    > >
    > > Jay
    > > http://habaneronetworks.com
    > >
    > > "keexer" <> wrote in message
    > > news:...
    > >
    > >>Was curious to know how my firewall is holding up since it's been a
    > >>long time since I used one of those websites that scans/tests your
    > >>vulnerable ports for you. So I recently visited these three sites and
    > >>ran their ports scanner tests:
    > >>http://vector.servehttp.com
    > >>http://probe.hackerwatch.org
    > >>http://www.pcflank.com
    > >>
    > >>Ever since then my firewall has shown a five-fold increase in the
    > >>number of "alerts" that outside computers have been trying to get in.
    > >>
    > >>
    > >>Is this coincedence or ....
    > >>
    > >>Also is there any software that tests if you have unwanted leakage
    > >>*out* to the internet?
    > >>Gina

    > >
    > >
    > >

    > Personally, I wouldn't put stock in anything having to do with Mr.
    > Gibson either. (grc.com)


    Would you care to elaborate why not? Are you just spreading FUD or do you
    have some legitimate issue (technical or otherwise?).
    Kerry Liles, Oct 4, 2004
    #8
  9. keexer

    Mark Guest

    Kerry Liles wrote:
    > "Mark" <> wrote in message
    > news:jDh7d.92109$wV.35030@attbi_s54...
    >
    >>Jay Calvert wrote:
    >>
    >>>I wouldn't just let any service scan my system. You don't know what they

    >
    > are
    >
    >>>recording about you. Imagine if they found out you had port 137 or 139
    >>>open, They could very easily gain access to your files. Knowing that

    >
    > you
    >
    >>>either won't do anything about it, or will take time before you get a

    >
    > proper
    >
    >>>firewall in place.
    >>>
    >>>The only trusted source for a portscan is GRC.com or even the Symantec

    >
    > site
    >
    >>>has a scanner.
    >>>
    >>>Jay
    >>>http://habaneronetworks.com
    >>>
    >>>"keexer" <> wrote in message
    >>>news:...
    >>>
    >>>
    >>>>Was curious to know how my firewall is holding up since it's been a
    >>>>long time since I used one of those websites that scans/tests your
    >>>>vulnerable ports for you. So I recently visited these three sites and
    >>>>ran their ports scanner tests:
    >>>>http://vector.servehttp.com
    >>>>http://probe.hackerwatch.org
    >>>>http://www.pcflank.com
    >>>>
    >>>>Ever since then my firewall has shown a five-fold increase in the
    >>>>number of "alerts" that outside computers have been trying to get in.
    >>>>
    >>>>
    >>>>Is this coincedence or ....
    >>>>
    >>>>Also is there any software that tests if you have unwanted leakage
    >>>>*out* to the internet?
    >>>>Gina
    >>>
    >>>
    >>>

    >>Personally, I wouldn't put stock in anything having to do with Mr.
    >>Gibson either. (grc.com)

    >
    >
    > Would you care to elaborate why not? Are you just spreading FUD or do you
    > have some legitimate issue (technical or otherwise?).
    >
    >
    >
    >

    True, I agree, I should actually say something when I post. I
    apologize. I'm thinking I was just tired when I posted that.

    But, it's funny you use the acronym FUD, because that is exactly the
    issue I have with the information posted at grc.com. While the
    technical information that is posted there is (mostly) accurate, you
    have to wade though an awful lot of media hype and sensationalism to get
    to it.

    Back to the original subject though, I do think the OP is probably safe
    using the SheildsUP! service. I do think there are better alternatives
    though. If all you want is a port scan consider asking someone you
    personally know and trust to install Nmap and scan you.

    If you are interested in outbound "leakage" when browsing web sites, the
    issue is mostly with the browser, not the firewall. If you can browse
    the web, you have already allowed the browser to send information out,
    no matter what firewall you are using. What it sends is up to the
    browser (and the active content it allows). Try different tests whether
    from pcflank.com or grc.com. You will get different results depending
    on which browser you use. If you see something you don't like, start
    locking down your browser settings.

    Mark
    Mark, Oct 5, 2004
    #9
  10. keexer

    Kerry Liles Guest

    I would agree that there is a lot of marketing hype on grc.com but, by way
    of a mild defence of that, I would argue there are SO many clueless people
    out there with computers on the Internet - some sort of attention-grabbing
    is rather important. Yes, I too get tired of some of the colour scheme
    things and hand waving, but then, I have spent a lot of time rebuilding
    neighbour's computers and networks after a serious infestation.

    Your advice to the OP is very valid and good.

    Regards,
    Kerry


    "Mark" <> wrote in message
    news:CWn8d.188539$D%.145266@attbi_s51...
    > Kerry Liles wrote:
    > > "Mark" <> wrote in message
    > > news:jDh7d.92109$wV.35030@attbi_s54...
    > >
    > >>Jay Calvert wrote:
    > >>
    > >>>I wouldn't just let any service scan my system. You don't know what

    they
    > >
    > > are
    > >
    > >>>recording about you. Imagine if they found out you had port 137 or 139
    > >>>open, They could very easily gain access to your files. Knowing that

    > >
    > > you
    > >
    > >>>either won't do anything about it, or will take time before you get a

    > >
    > > proper
    > >
    > >>>firewall in place.
    > >>>
    > >>>The only trusted source for a portscan is GRC.com or even the Symantec

    > >
    > > site
    > >
    > >>>has a scanner.
    > >>>
    > >>>Jay
    > >>>http://habaneronetworks.com
    > >>>
    > >>>"keexer" <> wrote in message
    > >>>news:...
    > >>>
    > >>>
    > >>>>Was curious to know how my firewall is holding up since it's been a
    > >>>>long time since I used one of those websites that scans/tests your
    > >>>>vulnerable ports for you. So I recently visited these three sites and
    > >>>>ran their ports scanner tests:
    > >>>>http://vector.servehttp.com
    > >>>>http://probe.hackerwatch.org
    > >>>>http://www.pcflank.com
    > >>>>
    > >>>>Ever since then my firewall has shown a five-fold increase in the
    > >>>>number of "alerts" that outside computers have been trying to get in.
    > >>>>
    > >>>>
    > >>>>Is this coincedence or ....
    > >>>>
    > >>>>Also is there any software that tests if you have unwanted leakage
    > >>>>*out* to the internet?
    > >>>>Gina
    > >>>
    > >>>
    > >>>
    > >>Personally, I wouldn't put stock in anything having to do with Mr.
    > >>Gibson either. (grc.com)

    > >
    > >
    > > Would you care to elaborate why not? Are you just spreading FUD or do

    you
    > > have some legitimate issue (technical or otherwise?).
    > >
    > >
    > >
    > >

    > True, I agree, I should actually say something when I post. I
    > apologize. I'm thinking I was just tired when I posted that.
    >
    > But, it's funny you use the acronym FUD, because that is exactly the
    > issue I have with the information posted at grc.com. While the
    > technical information that is posted there is (mostly) accurate, you
    > have to wade though an awful lot of media hype and sensationalism to get
    > to it.
    >
    > Back to the original subject though, I do think the OP is probably safe
    > using the SheildsUP! service. I do think there are better alternatives
    > though. If all you want is a port scan consider asking someone you
    > personally know and trust to install Nmap and scan you.
    >
    > If you are interested in outbound "leakage" when browsing web sites, the
    > issue is mostly with the browser, not the firewall. If you can browse
    > the web, you have already allowed the browser to send information out,
    > no matter what firewall you are using. What it sends is up to the
    > browser (and the active content it allows). Try different tests whether
    > from pcflank.com or grc.com. You will get different results depending
    > on which browser you use. If you see something you don't like, start
    > locking down your browser settings.
    >
    > Mark
    Kerry Liles, Oct 5, 2004
    #10
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. MaK

    Saving Scanned Docs

    MaK, Aug 31, 2003, in forum: Computer Support
    Replies:
    3
    Views:
    476
    Kraftee
    Aug 31, 2003
  2. Look in my eyes and you'll find me

    Norton Anti-Virus 2002. How Can i have emails scanned on entry to my inbox

    Look in my eyes and you'll find me, Aug 31, 2003, in forum: Computer Support
    Replies:
    4
    Views:
    562
  3. Twixer

    How to change a scanned doc?

    Twixer, Oct 16, 2003, in forum: Computer Support
    Replies:
    2
    Views:
    1,041
  4. reid decker

    save an send scanned pictures

    reid decker, Feb 3, 2004, in forum: Computer Support
    Replies:
    8
    Views:
    1,691
    Boomer
    Feb 7, 2004
  5. Mike
    Replies:
    27
    Views:
    1,341
Loading...

Share This Page