You can check how well protected you are by using shields up! here
I tested myself with my firewall on - and then again with it off.
heh the results with the firewall in place ::: all passed
results without firewall ::: very scary oO
v_Ln
Printable View
You can check how well protected you are by using shields up! here
I tested myself with my firewall on - and then again with it off.
heh the results with the firewall in place ::: all passed
results without firewall ::: very scary oO
v_Ln
Oh yeah baby.Quote:
All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.
wohooooQuote:
One or more ports on this system are operating in FULL STEALTH MODE!
Ports found to be OPEN were: 1025, 5000 :(
Other than what is listed above, all ports are CLOSED. except 135, 139, 445 wich are stealth.
w00t.Quote:
Results from scan of ports: 0-1055
1 Ports Open
1049 Ports Closed
6 Ports Stealth
---------------------
1056 Ports Tested
Messegner port blocked. No pop-up messeges :D
ok here is the scary part
I dont have a firewall installed, i dont have internet secuirt installed, i dont have an Anti Virus. I remove most of them by hand. My computer setting that I did set up seem to be secure even without a firewall.
/me goes installs Firewall and AV now.
You can never be secure enough:)
That's not fair, it seems as if you run a service like a webserver, then you fail no matter what. Maybe mine is just configured wrong. Does anyone else have a service such as ftp or http that can verify that you automatically fail just from running one of these?
:( I'm a failure.
Oh, am i good or what?
:D :DQuote:
Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice.
slick
[edit] same with and without a firewall :D [/edit]
Only DCOM port 1025 was open. Everything else ws green lights all the way.
Norton Internet Security didn't pick up a portscan, though. That's strange, because it usually does.
Maybe it though there was a connected state between this computer and the ShieldsUp! site and allowed it. But all the ports were stealthed anyway, so I don't need to worry.
Blue lights all the way, apart from a couple of ports which were stealthed. But then I'm behind a router with a built-in firewall so I'd expect that to be the case. ;)
Btw, I've not changed any settings since I put the router in place, so I'm quite impressed that it didn't have any open ports 'out of the box'. Anyway, using NAT means that you can only hit my router with ping floods etc. - I'm sure it would take a lot of effort to actually hit anything on my private network.
One thing to note when using these web based scans is the IP address being scanned. The scan could be directed at a device or proxy server upstream never actually reaching your box(es).
I have to port forward TCP port 113 (ident) from my router to a non existing IP address to achieve 'stealth' at the router.
I love the quote on the shields up page...
"... The text below might uniquely identify you on the internet..."
then it shows my IP address....
MIGHT identify me???? I WANT it to identify me. It HAS to identify me or i can't get anything done online...
just a random observation... i've used shields up many times and it provides a handy service
The grc scan showed no services (last time it showed my ports as a seemingly random mix of closed/stealth). The sygate online scan http://scan.sygatetech.com/ showed my ssh (behind a router). Obviously sygate scan has something that grc does not. Besides the fact that sygate offers far more flexibillity. (i am a little biased against the hype filled grc site)
I show completely stealthed with both scans. Im behind a router and each machine also has a software firewall installed.
Here is a scan of my system from 2003-12-14 . This was done with the firewall off, and then another with the firewall on. (copied from my web site at: http://www.freewebs.com/moxnix/ )
Quote:
Here is a comparison of a port scan of my box, with the firewall turned off on the first one and then turned on on the second one. Note: my system is a very secure system, even with the firewall off. I have disabled all netbios and turned off all un-necessary services.
Firewall off:
GRC Port Authority Report created on UTC: 2003-12-14 at 22:25:23
Results from scan of ports: 0-1055
1 Ports Open
1048 Ports Closed
7 Ports Stealth
---------------------
1056 Ports Tested
The port found to be OPEN was: 1025
Ports found to be STEALTH were: 135, 136, 137, 138, 139, 445,
593
Other than what is listed above, all ports are CLOSED.
TruStealth: FAILED - NOT all tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.
And this with the Firewall on:
GRC Port Authority Report created on UTC: 2003-12-14 at 22:29:40
Results from scan of ports: 0-1055
0 Ports Open
0 Ports Closed
1056 Ports Stealth
---------------------
1056 Ports Tested
ALL PORTS tested were found to be: STEALTH.
TruStealth: PASSED - ALL tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.
From the ShieldsUp! page:
Hmm, I'm running Linux behind a D-Link router, and to the best of my knowledge neither of those use Windows networking technology. ;)Quote:
Without your knowledge or explicit permission, the Windows networking technology which connects your computer to the Internet may be offering some or all of your computer's data to the entire world at this very moment!
w00t!!
i'm steath yes :D
Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice.
haha i passed on all tests. shields up is a good resource that i have been using alot recently, thanks for letting the other users know about it :D
WOOT our system is.
"All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet."
Our system rocks...
/me wonders what the hell Nightfall has running on it other then Norton
Nightfalls_Girl
I also passed their little tests... though, they couldn't really test my PC(s) because it is behind a cisco router that I'm using as my border firewall. I do have open ports on that... but they are restricted via ACLs to only allow certain subnets. I even tried disabling the firewalls on the PCs and just letting the boarder firewall be the only protection. Same results each time.
The ports that are forwared on the router then hit a firewall on my server, along with tcp wrappers, port sentry, and really strict password policies, amongs all the other good stuff.
The rest of my clients all have a software firewall and av.
My goal is to setup my wired network separate from my wireless network (different subnets) but still get internet access from my router and allow printing to my network printer. Some simple ACLs can take care of that.
If I can get the switch working (trying to recover it from water damage...), then I can separate it further with vlans...
Its really quite fun setting up all this with major restrictions, but still working just fine. Quite a nice little challenge, really.
Yeah, you do fail if you run a server of any sort (as I do)...
I'm running Apache... Hrm... I've seen this website before and it is geared to the average home user. I remember installing PWS on my 98 Box many years ago because I was in so despirate need of a web server at the time. I didn't get owned, but I realized that PWS didn't like PHP so I switched to Apache... :)Quote:
80
HTTP
OPEN! The web is so insecure these days that new security "exploits" are being discovered almost daily. There are many known problems with Microsoft's Personal Web Server (PWS) and its Frontpage Extensions that many people run on their personal machines. So having port 80 "open" as it is here causes intruders to wonder how much information you might be willing to give away.
I did it again after locking my PC done some - without firewall.
All ports closed except 135 :(
Tim_Axe :: I ahve a webserver running as well - but its not configured to alow outside connections - I just use it to test php and stuff before uploading to remote host :)
v_Ln
hi,
had clean insatall the other day so i was interested to see how i will go with this test as before i was disabling services and this and that so this time i didnt do much of "homework" on it.have zone alarm on it-happy with result: NO BAD FOR A NEWBIE
LEARNT SOMETHING HERE. BIG THANKYOU TO YOUR GUYS.KEEP A GOOD WORK
Shields UP! is now attempting to contact the Hidden Internet Server within your PC. It is likely that no one has told you that your own personal computer may now be functioning as an Internet Server with neither your knowledge nor your permission. And that it may be serving up all or many of your personal files for reading, writing, modification and even deletion by anyone, anywhere, on the Internet!
Your Internet port 139 does not appear to exist!
One or more ports on this system are operating in FULL STEALTH MODE! Standard Internet behavior requires port connection attempts to be answered with a success or refusal response. Therefore, only an attempt to connect to a nonexistent computer results in no response of either kind. But YOUR computer has DELIBERATELY CHOSEN NOT TO RESPOND (that's very cool!) which represents advanced computer and port stealthing capabilities. A machine configured in this fashion is well hardened to Internet NetBIOS attack and intrusion.
Unable to connect with NetBIOS to your computer.
All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.
Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice.
Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.
Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice.
0
<nil>
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
21
FTP
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
22
SSH
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
23
Telnet
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
25
SMTP
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
79
Finger
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
80
HTTP
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
110
POP3
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
113
IDENT
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
119
NNTP
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
135
RPC
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
139
Net
BIOS
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
143
IMAP
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
389
LDAP
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
443
HTTPS
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
445
MSFT
DS
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
1002
ms-ils
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
1024
DCOM
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
1025
Host
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
1026
Host
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
1027
Host
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
1028
Host
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
1029
Host
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
1030
Host
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
1720
H.323
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
5000
UPnP
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
Hello. I joined this forum to get help with internet security. There is person who has broken into my pc. He also had physical access to it before I knew it was him.
I wiped my hard drive and install zonealarm pro. He got in as if it was nothing anyway.
What else can I do to keep him out?
Trinity7
Trinity : when you say wiped your HD what do you mean. Did you do a complete format and reinstal of everything? Is your firewall configured correctly?? Have you got an AVP (anti-virus prog) in place and have you done a complete scan? have you checked for trojans with something like the cleaner??
Have you checked for any open ports on your PC?
v_Ln
more information please!!!!!!!!!!
does he still have physical access to it?(if he does check users in control panel set them to limited acount or delete ones you dont recognize.(you can do this going to control panel/users or control panel/administrative tools/computer managment/local users and groups( in left)/users
which operating system you use?
do you use password?
did you put administrative password when install?
its a lot of ways he/she can brake in your pc
be little bit more specific please
Who's the man? ME! I'm lovin' it.Quote:
Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice.
Shields up sucks. There are better ones, but the only reliable one I'v found, altho not web-based is Nessus.
just passed the test thx
have a nice day
just ran the sygate scan for the first time and everything was blocked.
grc came back stealth as well. i guess kerio personal firewall does a pretty good job.
I am running Windows 98. I have McAfee Virus protection, McAfee Cleaner, McAfee firewall, and Zone Alarm Pro. I have a hard disk pass word and one user name for windows.
I use AOL as my ISP and then I tried Anonymizer.com.
I reformatted the hard drive and reinstalled everything fresh and he still got in.
He did initially have physical access to my computer but now he doesn't.
I tried to configure everything properly.
This guy hacks into my computer no matter what I do.
Thanks for the link! It would appear that I've got quite a bit of work to do!
All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.
Unsolicited Packets: PASSED — No Internet packets of any sort were received from your system as a side-effect of our attempts to elicit some response from any of the ports listed above. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system remained wisely silent. (Except for the fact that not all of its ports are completely stealthed as shown below.)
Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation.
TruStealth: FAILED - NOT all tested ports were STEALTH,
- NO unsolicited packets were received,
- A PING REPLY (ICMP Echo) WAS RECEIVED.
Oh well, back to reading until my eyes bleed.
Labchick64
Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice.
Its always nice when you get that, long time since I ran ShieldsUp considering it was one of the first things I was directed to at AO that scared me.
i just ran the tests and got perfect too but i was interested what would happen if i took down tiny... two simple clicks later, i retested and boy did i fail... thank god for tiny's great firewall... =)
with tiny:
without tiny:Quote:
Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice.
=) tiny is great! =)Quote:
Solicited TCP Packets: RECEIVED (FAILED) — As detailed in the port report below, one or more of your system's ports actively responded to our deliberate attempts to establish a connection. It is generally possible to increase your system's security by hiding it from the probes of potentially hostile hackers. Please see the details presented by the specific port links below, as well as the various resources on this site, and in our extremely helpful and active user community.
Unsolicited Packets: PASSED — No Internet packets of any sort were received from your system as a side-effect of our attempts to elicit some response from any of the ports listed above. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system remained wisely silent. (Except for the fact that not all of its ports are completely stealthed as shown below.)
Ping Echo: PASSED — Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests) from our server.
I failed all over the place. Port 22, 54, 80, 443. God what should I do?
I am running Windows 98. I have McAfee Virus protection, McAfee Cleaner, McAfee firewall, and Zone Alarm Pro. I have a hard disk pass word and one user name for windows.
I use AOL as my ISP and then I tried Anonymizer.com.
I reformatted the hard drive and reinstalled everything fresh and he still got in.
He did initially have physical access to my computer but now he doesn't.
I tried to configure everything properly.
This guy hacks into my computer no matter what I do.
What can I do to keep him out?
I am running Windows 98. I have McAfee Virus protection, McAfee Cleaner, McAfee firewall, and Zone Alarm Pro. I have a hard disk pass word and one user name for windows.
I use AOL as my ISP and then I tried Anonymizer.com.
I reformatted the hard drive and reinstalled everything fresh and he still got in.
He did initially have physical access to my computer but now he doesn't.
I tried to configure everything properly.
This guy hacks into my computer no matter what I do.
What can I do to keep him out?
I have always used NMAP from a remote loacation to do my security test. Its the only tool I really trust.
trinity7 - You should probably ask this question in Newbie Security Questions -> http://www.antionline.com/newthread....ead&forumid=56 - I even linked it to start a new thread. Anways, after your clean format, you needed to get all of the updates with Windows Update and you will at the least be much better off, or make it a little harder. To prevent him from hacking your PC, just get a firewall (like Tiny, or any others mentioned) and block his computer from connecting to yours, and block ports that ShieldsUp! says you have open. And using a proxy won't really help you against hack attacks or viruses, since they are made for a different reason...
Personally I don't have too much use for a website that scans for ports that I have open (special case: running a web server - see sig), but I do not question their good (since they are great) for people who are learning about computer security. It makes learning much more personal when you see that you are open. I know which ports I have open, since my router is setup to redirect/forward those ports to my server on my LAN, so stuff like nessus is much better since there are ports that I *must* have open, since nessus not only finds out what is open, but can be configued to attack those ports and tell you what vulnerabilities you need to deal with. Sort of a level up once you've decided that you understand ports and the programs that use them well enough that you know that you want to have one or two open.
ThePreacher - You don't happen to be running your own HTTP/HTTPS and SSH and DNS server on your machine do you? If not..., it could be the way your ISP (or work place, if at work) is setup... If it is your ISP, either they are very limited in IP addresses (Having their own servers & end user IP the same one), or something... I don't know for sure if it is good (or bad) to have all of that under a single IP address setup the way I described it, so I sort of hope they did that on purpose, or there are some advantage to it... Then again, it could be a proxy they run (and you use), or just something they deal with at their router(s)...
odd,
this may sound stupid, but...
i ran shields up, and every port, except 113 (which was closed) came back as stealthed???
I'm a bit confused, because i'm behind a router (only game ports are open) and zonealarm (only IE and games are allowed)...
it says i failed because i responed to a ping? How do i correct that, i was under the impression that ZA would block pings.
Thanks
Im sorry my sarcastic side takes over at times. Yes I do indeed run all the services you listed. These were the only ports open on my computer thanks to shorewall.Quote:
Originally posted here by Tim_axe
ThePreacher - You don't happen to be running your own HTTP/HTTPS and SSH and DNS server on your machine do you? If not..., it could be the way your ISP (or work place, if at work) is setup... If it is your ISP, either they are very limited in IP addresses (Having their own servers & end user IP the same one), or something... I don't know for sure if it is good (or bad) to have all of that under a single IP address setup the way I described it, so I sort of hope they did that on purpose, or there are some advantage to it... Then again, it could be a proxy they run (and you use), or just something they deal with at their router(s)... [/B]
TheTempest> Your router was probably responding to those probes and not ZA. You will need to see in your routers doc if you can connect to the routers interface and enable SPI or port forwarding (for TCP 113 not ICMP) to show 'stealth'.
Hmmm....this is wierd! With and without my firewall I have recieved the same response:I think maybe my router has another firewall that can only be turned off when the router is shut down. I'm not sure about this though because one should be able to administer the settings of any firewall from the OS. Any ideas?!Quote:
Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice.
GRC Port Authority Report created on UTC: 2004-01-02 at 02:26:25
Results from scan of ports: 0-1055
0 Ports Open
0 Ports Closed
1056 Ports Stealth
---------------------
1056 Ports Tested
ALL PORTS tested were found to be: STEALTH.
TruStealth: PASSED - ALL tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.
Find the LAN side IP address of the gateway and make it a url like http://192.168.1.1
Then from your browser you should be able to configure it. Your routers documentaion will say what it supports.