Purchased a new router so naturally I wanted to test its security. I went to two sites, grc and pcflank. How accurate are these sites because I got two different results?

GRC says that all 1056 of my ports are stealth but I failed the ping. Pcflank says that I passed the ping but have about half-a-dozen ports closed but not stealth.

Thanks,
Acadia

_________________
The blazing evidence of immortality is our dissatisfaction with any other solution. -- Emerson

LOL! I think that worrying about such intimate details of your firewall is a waste of effort and energy.

Actually it depends a LOT on how the people that wrote the sites see and word things. For instance the difference between the two on stealth. The ports that are stated as blocked but not stealth may just be listed as stealth on the first. After all, isn't blocked the ultimate stealth?

Bottom line is that unless you know exactly (and understand) how they are performing the tests, and how they mean their terminology, these things can be deceptive and confusing.

_________________

The reason ports sometimes don't show as stealth when checking on something like ShieldsUp is because in actuality the test is done on your first device that hits the internet. Typically, that's your router and not your machine. That's exactly what Acadia was doing trying to determine what ports are open in his router.

All I can say about the difference in test results is that PCFlank is a little wonky and I haven't used it for years. Nevertheless, you should check if they are really talking about the same ports. The difference between stealth and closed is minimal really. Both are closed and don't allow any inbound traffic but with stealth it doesn't respond saying that the traffic was blocked. For almost all things there's not much difference. If somebody is going to target you specifically they will get you no matter what this setting is. I wouldn't worry about it.

The ping is a little different and it means that when you are pinged you either respond or not. Ping is pretty useful in your network but can be used to find you externally. It's a handy little troubleshooting thing but if it bothers you =and not really bad to respond actually in almost all cases - you can turn off that ability as shown here: http://www.sysprobs.com/enable-ping-reply-windows-7 on Win7 but in actuality, since the router is being tested, that's where you start first. You have to figure out how to do that in your router if you really care about it. Like I said I wouldn't worry too much about this unless somebody is really out to get you and if they are they will find you regardless of this.

To really test your machine with these sites you have to bypass your router.

If you really want more detail go here and follow the links mentioned in the thread. An understanding of network protocols would be very handy here: http://www.outpostfirewall.com/forum/showthread.php?23874-Shields-Up-Test-Fails

_________________
Best regards,
Manny Carvalho
MS-MVP since 2002

Sorry so long getting back to you all, retirement is so time consuming . Since I did the firewall testing which, as Manny stated was really only for the router in my case, I discovered that my new router does not even have a ping killing feature. Upon doing some research I found some sites that stated rightly or wrongly, and I am seeking your opinions here, that the "ping" is not that important. I even found one site that stated "stealth" was not that important: http://www.hansenonline.net/Networking/stealth.html

Not sure why Steve Gibson places so much importance on the ping IF what I read is true but this router has too many good reviews so as long as GRC states that all of my ports are cool then I shall continue on. Then again of course, I've got all my other layers of protection also. Thanks all,
Acadia

_________________
The blazing evidence of immortality is our dissatisfaction with any other solution. -- Emerson

I like your remark about retirement being time consuming, I so agree, in fact I don't know how I found time to go to work before retiring, there just aren't enough hours in the day to do everything I want to do.

_________________
Joan Archer
http://crossstitcher.webs.com

Stevie has a propensity for hyperbole. Yes, in an ideal world your PC would be silent but for ping to pose a problem then the attacker would already know you. Attacks rarely come this way since email is so much easier. And anyway even if they know of you they couldn't enter because your ports are closed. I bet Wilder's will tell you the same.

In my best NY accent - furget-abut-it.

_________________
Best regards,
Manny Carvalho
MS-MVP since 2002

I concur with Manny. The important thing is that the router or any forward facing device connected directly to the Internet does not have open ports that allow an external connection without a high level of security.
-steve

_________________
stephen boots
Microsoft MVP 2004 - 2020
"Life's always an adventure with computers!"

Thanks, guys. Yeah, based upon what I've been reading that is the case but it is always reassuring to me to get the opinions of the folks here. I had to laugh, one website that I came upon stated "Steve Gibson is brilliant but over the top". But I do highly recommend his firewall (port) test page and his password (haystacks) test page, the best that I have found.

Acadia

_________________
The blazing evidence of immortality is our dissatisfaction with any other solution. -- Emerson