I probed my computer at grc.com and all my computer passed all the test except it siad true stealth test faild because it said
Solicited TCP Packets: RECEIVED (FAILED)
how can i increase my security ,and what are Solicited TCP Packets :confused:
April 11th, 2004, 02:21 AM
are you trying to stealth your ports? Get a firewall which does that such as Norton's Personal Firewall. I think ZA does that too but its harder to use.
April 11th, 2004, 02:34 AM
In essence ? what it means is that the computer has responded to the probe.
Wheras in stealth mode it would not.
I use NAV NetSec 2004, it comes up with a clean (stealthy) score sheet.
April 11th, 2004, 03:10 AM
Did GRC.com specify a certain port?
April 11th, 2004, 05:37 AM
Can you be a little more specific about which test failed? It's been forever since I used any of the testing there, but there is a "leak test" that is going to fail every time because you pretty much give it permission to allow the traffic it is testing for. (overly simplistic explanation, but basically not much to worry about)
Without specifics, it's a little difficult to determine what you are looking at. foxyloxey provides an adequate explanantion.
Stealthing under many situations can actually give back _more_ information than just having the port closed, especially on server system. Stealthing is just another farce from the Steve Gibson camp. If you have a system that is listening on port 80 and stealthing everything else, the attacker obviously knows that a system exists there, and using timing attacks a sophistocated attack can even determine the type of firewall you are running as stealthing adds more latency than having the port just not being open. This latency may be calculated be using a carefully constructed request to any open services. Once this is accomplished, the attacker can make a good guess about the firewall based on this data.