Author |
Message |
Acadia
|
Posted: Sun Aug 19, 2012 4:50 am |
|
|
welcoming committee |
|
Joined: Wed Apr 11, 2012 6:45 am Posts: 1073
|
Purchased a new router so naturally I wanted to test its security. I went to two sites, grc and pcflank. How accurate are these sites because I got two different results? GRC says that all 1056 of my ports are stealth but I failed the ping. Pcflank says that I passed the ping but have about half-a-dozen ports closed but not stealth. Thanks, Acadia
_________________ The blazing evidence of immortality is our dissatisfaction with any other solution. -- Emerson
|
|
|
|
|
jaylach
|
Posted: Sun Aug 19, 2012 8:54 am |
|
|
Resident Geekazoid Administrator |
|
Joined: Wed Mar 21, 2012 5:09 am Posts: 9455 Location: The state of confusion; I just use Wyoming for mail.
|
LOL! I think that worrying about such intimate details of your firewall is a waste of effort and energy. Actually it depends a LOT on how the people that wrote the sites see and word things. For instance the difference between the two on stealth. The ports that are stated as blocked but not stealth may just be listed as stealth on the first. After all, isn't blocked the ultimate stealth? Bottom line is that unless you know exactly (and understand) how they are performing the tests, and how they mean their terminology, these things can be deceptive and confusing.
|
|
|
|
|
Manny Carvalho
|
Posted: Sun Aug 19, 2012 6:23 pm |
|
|
welcoming committee |
|
Joined: Thu Mar 22, 2012 1:35 am Posts: 715
|
The reason ports sometimes don't show as stealth when checking on something like ShieldsUp is because in actuality the test is done on your first device that hits the internet. Typically, that's your router and not your machine. That's exactly what Acadia was doing trying to determine what ports are open in his router. All I can say about the difference in test results is that PCFlank is a little wonky and I haven't used it for years. Nevertheless, you should check if they are really talking about the same ports. The difference between stealth and closed is minimal really. Both are closed and don't allow any inbound traffic but with stealth it doesn't respond saying that the traffic was blocked. For almost all things there's not much difference. If somebody is going to target you specifically they will get you no matter what this setting is. I wouldn't worry about it. The ping is a little different and it means that when you are pinged you either respond or not. Ping is pretty useful in your network but can be used to find you externally. It's a handy little troubleshooting thing but if it bothers you =and not really bad to respond actually in almost all cases - you can turn off that ability as shown here: http://www.sysprobs.com/enable-ping-reply-windows-7 on Win7 but in actuality, since the router is being tested, that's where you start first. You have to figure out how to do that in your router if you really care about it. Like I said I wouldn't worry too much about this unless somebody is really out to get you and if they are they will find you regardless of this. To really test your machine with these sites you have to bypass your router. If you really want more detail go here and follow the links mentioned in the thread. An understanding of network protocols would be very handy here: http://www.outpostfirewall.com/forum/showthread.php?23874-Shields-Up-Test-Fails
_________________ Best regards, Manny Carvalho MS-MVP since 2002
|
|
|
|
|
Acadia
|
Posted: Fri Aug 24, 2012 3:11 pm |
|
|
welcoming committee |
|
Joined: Wed Apr 11, 2012 6:45 am Posts: 1073
|
Sorry so long getting back to you all, retirement is so time consuming . Since I did the firewall testing which, as Manny stated was really only for the router in my case, I discovered that my new router does not even have a ping killing feature. Upon doing some research I found some sites that stated rightly or wrongly, and I am seeking your opinions here, that the "ping" is not that important. I even found one site that stated "stealth" was not that important: http://www.hansenonline.net/Networking/stealth.html Not sure why Steve Gibson places so much importance on the ping IF what I read is true but this router has too many good reviews so as long as GRC states that all of my ports are cool then I shall continue on. Then again of course, I've got all my other layers of protection also. Thanks all, Acadia
_________________ The blazing evidence of immortality is our dissatisfaction with any other solution. -- Emerson
|
|
|
|
|
JoanA
|
Posted: Fri Aug 24, 2012 4:07 pm |
|
|
Moderator |
|
Joined: Thu Apr 05, 2012 3:25 pm Posts: 1916 Location: Pembrokeshire, South Wales, UK
|
I like your remark about retirement being time consuming, I so agree, in fact I don't know how I found time to go to work before retiring, there just aren't enough hours in the day to do everything I want to do.
|
|
|
|
|
Manny Carvalho
|
Posted: Fri Aug 24, 2012 4:08 pm |
|
|
welcoming committee |
|
Joined: Thu Mar 22, 2012 1:35 am Posts: 715
|
Stevie has a propensity for hyperbole. Yes, in an ideal world your PC would be silent but for ping to pose a problem then the attacker would already know you. Attacks rarely come this way since email is so much easier. And anyway even if they know of you they couldn't enter because your ports are closed. I bet Wilder's will tell you the same.
In my best NY accent - furget-abut-it.
_________________ Best regards, Manny Carvalho MS-MVP since 2002
|
|
|
|
|
sboots
|
Posted: Fri Aug 24, 2012 8:19 pm |
|
|
Site Admin |
|
Joined: Tue Apr 10, 2012 9:48 pm Posts: 2954 Location: New Jersey
|
I concur with Manny. The important thing is that the router or any forward facing device connected directly to the Internet does not have open ports that allow an external connection without a high level of security. -steve
_________________ stephen boots Microsoft MVP 2004 - 2020 "Life's always an adventure with computers!"
|
|
|
|
|
Acadia
|
Posted: Sat Aug 25, 2012 1:50 pm |
|
|
welcoming committee |
|
Joined: Wed Apr 11, 2012 6:45 am Posts: 1073
|
Thanks, guys. Yeah, based upon what I've been reading that is the case but it is always reassuring to me to get the opinions of the folks here. I had to laugh, one website that I came upon stated "Steve Gibson is brilliant but over the top". But I do highly recommend his firewall (port) test page and his password (haystacks) test page, the best that I have found.
Acadia
_________________ The blazing evidence of immortality is our dissatisfaction with any other solution. -- Emerson
|
|
|
|
|
|