port scan shows ports not stealthed

Discussion in 'Computer Security' started by RH, Jul 15, 2007.

  1. RH

    RH Guest

    grc.com shows I have a lot of ports showing to be closed, but not stealth.
    Using new Linksys router on Vista...

    Is it a threat, can the ports be stealthed?
     
    RH, Jul 15, 2007
    #1
    1. Advertisements

  2. Probably, but stealth is nonsense.

    There are other much more important things to consider, like changing
    the default password of the router,
     
    Straight Talk, Jul 15, 2007
    #2
    1. Advertisements

  3. RH

    dc Guest

    dc, Jul 15, 2007
    #3
  4. RH

    jc Guest

    Are they serious? A good password has to be something a user can
    remember. Even written on paper, nobody could type these without making
    errors.


    jc
     
    jc, Jul 15, 2007
    #4
  5. RH

    Sebastian G. Guest


    Obviously not. You look at the domain name.

    Then store it on the computer. Heck, 100 impossible to remember different
    passwords for 100 different purposes in a database encrypted with one
    rememberable password is still better than not using different passwords
    and/or using weak ones.

    At any rate, the problem with this password generator is that unless you
    read the script code on the website, you can't even be sure that the owner
    of this website doesn't get known to your password as well, or if its
    generation method doesn't contain any backdoors (like
    password=encrypt(RSA-ECC,public_key,SHA1(count++))).
     
    Sebastian G., Jul 15, 2007
    #5
  6. RH

    RH Guest

    Thanks guys - that's a relief...

    Previous Linksys router I owned showed all ports as stealth, what gives with
    the change from stealth to closed? Was it the migration to Vista, the ISP,
    or the different Router?

    Just curious....
    rh
     
    RH, Jul 15, 2007
    #6
  7. RH

    jc Guest

    You're only as strong as your weakest link. What good would it be to
    have 64 char passwords if your db only required say, 16 chars?


    jc
     
    jc, Jul 15, 2007
    #7
  8. Uh... no. You want to read the above again?

    The user HAS to be able to remember the password, or he'll write it
    down, which would be BAD.

    Idealy, you find a way to make the user memorize something that looks
    entirely random but isn't.
    OK, who are you, and what did you do to Sebastian?

    Writing down passwords, even encrypted in a file, isn't as secure as
    memorizing them.
    That's true, of course.

    If you want to generate a hard-to-get password, think of a sentence
    that you can remember, and then only use the first letter of every word
    (or the first of the first word, second of the second word...)
    Juergen Nieveler
     
    Juergen Nieveler, Jul 15, 2007
    #8
  9. RH

    Robert Guest

    The difference between Stealth and Close is this;

    Closed: Device reports back that the port is closed.

    Stealth: Device reports back nothing.

    Without knowing your setup anyone would be hard pressed to tell you why
    this has changed. I don't believe the ISP is at fault here as they
    usually pass everything on unless they are some mom&pop shop that blocks
    things.

    So this leaves us with 2 things.... the router and Vista. If the router
    was configured to pass everything onto Vista (DMZ Setup) then it's Vista
    that is reporting back that the port is closed. If the DMZ is not setup
    then it is the router. I would start by looking at the router and ensure
    that it is setup the way you want.


    --

    Regards
    Robert

    Smile... it increases your face value!
     
    Robert, Jul 16, 2007
    #9
  10. RH

    Todd H. Guest

    If the router changed, it's a fairly safe bet that it, as the internet
    facing device is the reason for the observed change in behavior.

    It's unlikely that the change to Vista on the LAN side of a home
    gateway is a factor at all.

    If you post the model and revision of your router, perhaps those with
    that router can confirm or deny your grc.com results.

    A router that quietly drops inbound probes is a nice-to-have, but how
    much additional security it affords vs a router reporting actively
    back with closed is a matter of debate.

    Best Regards,
     
    Todd H., Jul 16, 2007
    #10
  11. RH

    dc Guest

    Not my idea, but...
    I use it for my router and someother things
    I copy and paste it into the router after tweaking
    Paste it into Notetab
    print it
    and put it in my fire safe

    Doesn't really make any difference on like the router
    What I usually do about it later is simply reset it in the back
    and then usually unplug it to dump the cache

    good day,
    dc
     
    dc, Jul 16, 2007
    #11
  12. RH

    Sebastian G. Guest

    jc wrote:


    Change the database.
     
    Sebastian G., Jul 16, 2007
    #12
  13. RH

    Sebastian G. Guest

    Juergen Nieveler wrote:


    Writing down passwords is not bad. The purpose of passwords is to be
    infeasible to guess by the attacker, which includes making it infeasible to
    get hold of where the password is written down.

    But writing down a strong password is way more secure than memorizing a weak
    on. Since memorizing a strong password typically is no serious option...
    Or simply take the whole sentence, which is no less secure but easier to
    remember and type.
     
    Sebastian G., Jul 16, 2007
    #13
  14. Except when the application or OS only accepts 8-letter-passwords and
    simply discards the rest. Without telling you, of course... as was
    recently the case with AOL.

    Juergen Nieveler
     
    Juergen Nieveler, Jul 16, 2007
    #14
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.