#11
02-18-2007, 12:00 AM
Znod (Super Moderator)
Join Date: Jul 2006
Location: Phoenix AZ
Posts: 3,136


Quote:
Originally Posted by Seansmit17
To test your security/firewall go to

http://www.grc.com

and do a shields up test
I missed your reference to the shields up tests earlier. Thank you very much. I now feel extraordinarily secure when it comes to inbound. The really good news is that if nothing can get in, then one should not have an outbound problem--so I'll probably stop being so concerned with finding a firewall that will deal effectively with outbound and will continue to work with the Vista firewall with advanced security to shore up its outbound capabilities.

Here are my excellent Linksys WRT54GS (with firewall)/Vista firewall with advanced firewall results. As with crabby, I am very impressed with my inbound protection combo--and the Vista firewall's contribution, if any (?), to these results.

Attempting connection to your computer. . .

Shields UP! is now attempting to contact the Hidden Internet Server within your PC. It is likely that no one has told you that your own personal computer may now be functioning as an Internet Server with neither your knowledge nor your permission. And that it may be serving up all or many of your personal files for reading, writing, modification and even deletion by anyone, anywhere, on the Internet!

Your Internet port 139 does not appear to exist!

One or more ports on this system are operating in FULL STEALTH MODE! Standard Internet behavior requires port connection attempts to be answered with a success or refusal response. Therefore, only an attempt to connect to a nonexistent computer results in no response of either kind. But YOUR computer has DELIBERATELY CHOSEN NOT TO RESPOND (that's very cool!) which represents advanced computer and port stealthing capabilities. A machine configured in this fashion is well hardened to Internet NetBIOS attack and intrusion.

Unable to connect with NetBIOS to your computer.


All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.

Checking the Most Common and
Troublesome Internet Ports


This Internet Common Ports Probe attempts to establish standard TCP Internet connections with a collection of standard, well-known, and often vulnerable or troublesome Internet ports on YOUR computer. Since this is being done from our server, successful connections demonstrate which of your ports are "open" or visible and soliciting connections from passing Internet port scanners.

Your computer at IP:

xx.xxx.xx.xxx

Is being profiled. Please stand by. . .

Total elapsed testing time: 4.991 seconds

Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice.

Determine the status of your
system's first 1056 ports


This Internet service ports "grid scan" determines the status — Open, Closed, or Stealth — of your system's first 1056 TCP ports.
A scan of a stealthed system is up to four times slower since many more probes must be sent to guarantee against Internet packet loss.

Your computer at IP:

xx.xxx.xx.xxx

Is being carefully examined:

Total elapsed testing time: 68.080 seconds

Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice.

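The Open / Closed / Stealth distinction described in the Shields UP! output quoted in post #11, as an added example that is not part of the original posts and is not GRC's code: a TCP connect probe for a host you administer that maps each outcome to one of those states. The function names, the timeout and the retry count are assumptions chosen for illustration.

```python
import errno
import socket

def classify(exc):
    """Map a TCP connect outcome to a port state.

    exc is None when the handshake completed, else the exception raised.
    """
    if exc is None:
        return "open"         # SYN answered with SYN/ACK: a service is listening
    if isinstance(exc, ConnectionRefusedError):
        return "closed"       # SYN answered with RST: host visible, no listener
    if isinstance(exc, socket.timeout):
        return "stealth"      # no reply of either kind: the probe was dropped
    if getattr(exc, "errno", None) in (errno.EHOSTUNREACH, errno.ENETUNREACH):
        return "unreachable"  # routing failure, not evidence of a firewall drop
    return "error"

def probe(host, port, timeout=2.0, attempts=3):
    """Probe one TCP port, retrying on silence so that a lost packet
    is not mistaken for a deliberately dropped one."""
    state = "error"
    for _ in range(attempts):
        try:
            with socket.create_connection((host, port), timeout=timeout):
                return classify(None)
        except OSError as exc:
            state = classify(exc)
        if state != "stealth":
            break
    return state

def summarize(host, ports, **kwargs):
    """Return ({port: state}, all_stealth) for the given ports."""
    results = {p: probe(host, p, **kwargs) for p in ports}
    return results, all(s == "stealth" for s in results.values())

if __name__ == "__main__":
    # Constructed demo: a throwaway loopback listener stands in for a service.
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]
    print(summarize("127.0.0.1", [port], timeout=1.0))  # listener up
    srv.close()
    print(summarize("127.0.0.1", [port], timeout=1.0))  # listener gone
```

Probe from a machine outside the network under test: a probe sent from inside the LAN does not pass through the router's firewall.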
#12
02-18-2007, 12:13 AM
Znod (Super Moderator)

OK, I assume that you tried Leaktest from the link Sean posted. For more leak tests, go here: http://www.personalfirewall.comodo.c...ica&country=US. Then, "Download Comodo Parent Injection Leak Test Suite." Let us know how it turns out, and please let us know what you are doing to combat inbound and outbound baddies.
#13
02-18-2007, 12:41 AM
Znod (Super Moderator)

HaHaHaHaHa. To heck with the Vista firewall. I just ran all the tests with it off and got exactly the same results. So, I'll be looking for a firewall where I can turn all its features off except for excellent outbound protection. I'm turning Windows firewall off for good. Talk about full circles. It doesn't do anything I want effectively/convincingly. If you want a good router firewall, then I recommend the Linksys WRT54GS very highly. I had found that I seemed to be invisible on the web before when using only this firewall, but the tests I used were not nearly as comprehensive as the Shields Up tests.
#14
02-18-2007, 01:02 AM
Snuffy (Elite Members)
Join Date: Nov 2006
Location: S.W. Kansas
Posts: 2,841
Test your Firewall

I passed GRC 100% and found this link with lots of other test sites.

http://www.google.com/search?sourcei...=firewall+test
__________________
The only Stupid Question is the one you failed to Ask!
Beta Tester since Pre Win 95.
#15
02-18-2007, 02:25 AM
Znod (Super Moderator)

Way to go Snuffy. What firewall(s) are you running? And, thanks for the search link.
#16
02-18-2007, 03:02 AM
Znod (Super Moderator)

To be completely fair, I took the router out of my system and tested the Vista firewall using the Shields Up tests. It did very well. It only failed in one area:

"Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation."

I suspect that the ping reply would not occur if I had changed my network to public. So, I suspect that the Vista firewall would do an excellent job when out and about--hot spots or not. I wish I had thought about testing the firewall with my network set as public too. Maybe I'll do it tomorrow.
#17
02-18-2007, 06:12 PM
Znod (Super Moderator)

I changed our network to a public network making sure that network discovery, file sharing, and printer sharing were turned off. And, I took the router out of the system. The Vista firewall passed all the Shields Up tests, but still failed Leaktest. Conclusion: I think that the firewall is very good on incoming given its most restrictive settings which are appropriate for being out and about.

I tried one other approach: leaving our network as public, but turning on network discovery, file sharing, and printer sharing. The firewall again failed the ping reply test.
#18
02-19-2007, 12:49 AM
Snuffy (Elite Members)
Vista has 2 Firewalls

Vista actually has 2 firewalls.
#1 is on by default = incoming
#2 is off by default = outgoing

start --> type -> firewall --> click firewall with advanced security -->
find Windows Firewall Properties
and turn on outgoing or at least read about how it works.

Not any more

PS: I am running both Vista Firewalls.

Last edited by Snuffy : 02-19-2007 at 12:54 AM.
#19
02-19-2007, 12:55 AM
Znod (Super Moderator)

I am getting better with the Windows Firewall with Advanced Security. I was able to block LeakTest's access to the Web by altering the way Vista suggests writing "Outbound" rules. By making this change, I also did better with the Comodo leak tests. Of course, the first one still was blocked. The test phrase I was using is "I don't leak." In this regard, I kept the Comodo site from being able to reproduce the whole phrase. All it could reproduce was "I"--which might mean that, for example, a credit card number could not be transmitted. Unfortunately, the third Comodo test reproduced the whole phrase.

However, I don't think Comodo could do anything if I could preclude it from using IE. Even though Firefox is my default browser and I have disabled IE, the 2nd and 3rd Comodo tests are able to start IE and connect through IE.

Does anyone know how to absolutely prevent IE from being used? Also, does anyone have any thoughts about how to deal with the general approach the two hardest-to-defeat Comodo leak tests are using to get to the Web?
#20
02-19-2007, 12:57 AM
Znod (Super Moderator)

Quote:
Originally Posted by Snuffy
Vista actually has 2 firewalls.
#1 is on by default = incoming
#2 is off by default = outgoing

start --> type -> firewall --> click firewall with advanced security -->
find Windows Firewall Properties
and turn on outgoing or at least read about how it works.

Not any more

PS: I am running both Vista Firewalls.
Thanks Snuffy. Please see my above posts (e.g., post #1) so you can see where I have been on the advanced security firewall frontier. In this regard, several of my posts on this thread have to do with my current experiences using the Windows Firewall with Advanced Security.
All times are GMT +1.