Security & Ports.

Discussion in 'Computer Security' started by The One, Mar 21, 2007.

  1. The One

    The One Guest

    Today I did an online security test on the Symantec website. The results
    showed that most of my common ports were either open or closed.
    I then did the same test on the Shields Up website and the results showed
    all my ports to be stealth.
    Yesterday while online NAV reported an intrusion attempt on port 1476 by
    NMap Xmas Scan, the attempted intrusion was blocked.
    I have 3 questions.
    Firstly why does the symantec site report the ports status to be different
    to the shields up site?
    Secondly if my ports are stealth is it possible for a scanner to see my
    machine on the internet?
    Thirdly is it possible that my linksys router firewall ingnored the scanner
    and it was in fact the symantec software that responed thus making me
    visable on the internet.

    Many thanks....
    The One, Mar 21, 2007
    #1
    1. Advertising

  2. The One

    Rick Merrill Guest

    The One wrote:
    > Today I did an online security test on the Symantec website. The results
    > showed that most of my common ports were either open or closed.


    Actually?-!

    > I then did the same test on the Shields Up website and the results showed
    > all my ports to be stealth.


    That means they don't respond with a NAK.

    > Yesterday while online NAV reported an intrusion attempt on port 1476 by
    > NMap Xmas Scan, the attempted intrusion was blocked.
    > I have 3 questions.
    > Firstly why does the symantec site report the ports status to be different
    > to the shields up site?




    > Secondly if my ports are stealth is it possible for a scanner to see my
    > machine on the internet?


    Only if you have some ports open, i.e. you run a server.

    > Thirdly is it possible that my linksys router firewall ingnored the scanner
    > and it was in fact the symantec software that responed thus making me
    > visable on the internet.


    that's possible.
    Rick Merrill, Mar 21, 2007
    #2
    1. Advertising

  3. The One

    Todd H. Guest

    "The One" <> writes:

    > Today I did an online security test on the Symantec website. The results
    > showed that most of my common ports were either open or closed.
    > I then did the same test on the Shields Up website and the results showed
    > all my ports to be stealth.
    > Yesterday while online NAV reported an intrusion attempt on port 1476 by
    > NMap Xmas Scan, the attempted intrusion was blocked.
    > I have 3 questions.
    > Firstly why does the symantec site report the ports status to be different
    > to the shields up site?


    Good question.

    > Secondly if my ports are stealth is it possible for a scanner to see my
    > machine on the internet?


    A scanner, no. It'll look like there's nothing on that IP address to
    a scanner. Traces of you will be out there on the net in the logs of
    the web servers you visit of course.

    > Thirdly is it possible that my linksys router firewall ingnored the
    > scanner and it was in fact the symantec software that responed thus
    > making me visable on the internet.


    Do a third test. broadbandreports.com has a port scanner in their
    toolset. see what it says. It would be unusual for a hardware
    appliance to blithely allow traffic in like that. I'm inclined to
    toss the symantec scan out as erroneous.


    --
    Todd H.
    http://www.toddh.net/
    Todd H., Mar 21, 2007
    #3
  4. The One

    B. Nice Guest

    On Wed, 21 Mar 2007 16:07:57 GMT, "The One" <> wrote:

    >Today I did an online security test on the Symantec website. The results
    >showed that most of my common ports were either open or closed.


    I just checked. It correctly reported all my ports as closed.

    >I then did the same test on the Shields Up website and the results showed
    >all my ports to be stealth.
    >Yesterday while online NAV reported an intrusion attempt on port 1476 by
    >NMap Xmas Scan, the attempted intrusion was blocked.
    >I have 3 questions.
    >Firstly why does the symantec site report the ports status to be different
    >to the shields up site?


    Good question.

    >Secondly if my ports are stealth is it possible for a scanner to see my
    >machine on the internet?


    Please define "see" on the internet.

    "Closed" means a rejection message is sent back letting the sender
    know that there is no service to connect to. If you are "stealthed" no
    response is sent back. Some people think the latter is more secure. I
    don't think so. But "stealth" is a cool term for marketing people
    wanting to promote something.

    Actually the Symantec site is one of the few online scanners that
    acknowledges "closed" as a safe state.

    >Thirdly is it possible that my linksys router firewall ingnored the scanner
    >and it was in fact the symantec software that responed thus making me
    >visable on the internet.


    What do you mean by that?
    B. Nice, Mar 21, 2007
    #4
  5. The One

    Bullseye Guest

    The One wrote:

    > snip <


    Secondly if my ports are stealth is it possible for
    > a scanner to see my machine on the internet?

    --
    When you are in stealth mode, if a packet is is sent to a particular
    port, the firewall drops any packet that is not allowed by the rules.
    If this was an attempt by hacker to scan your ports, the very fact that
    the packet was dropped tells the hacker there is something there.
    Therefore, like another poster said, stealth is a marketing tool
    employed by software companies attempting to sell software firewalls.
    A closed port is just as secure as a stealthed port. The only concern
    would be the open ports. However, if the Shields Up test showed your
    ports closed, the problem was most likely with the Synmantec test
    rather than your firewall. Also, there is no such thing as being
    invisible on the Internet. It's just that there are so many easy
    targets out there not running any kind of firewall or security
    software, most hackers aren't going to waste their time trying to take
    down your firewall and get into your system. You're simply one out of
    millions out there.

    --
    Posted via a free Usenet account from http://www.teranews.com
    Bullseye, Apr 2, 2007
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. AM
    Replies:
    4
    Views:
    742
  2. COMSOLIT Messmer

    IT-Security, Security, e-security

    COMSOLIT Messmer, Sep 5, 2003, in forum: Computer Support
    Replies:
    0
    Views:
    575
    COMSOLIT Messmer
    Sep 5, 2003
  3. Mike
    Replies:
    27
    Views:
    1,301
  4. Ramon F Herrera
    Replies:
    7
    Views:
    616
    DA Morgan
    Mar 3, 2007
  5. Bruce Meyer
    Replies:
    2
    Views:
    592
    Bruce Meyer
    Apr 25, 2007
Loading...

Share This Page