How secure is your computer? Shields Up!

Richdog · 15 Jul 2006 at 09:11

Heh just came accross that Shields Up! website that tests your computer for vulnerabilities and my computer did very well on it: http://www.grc.com/x/ne.dll?rh1dkyd2

File Sharing:

Your Internet port 139 does not appear to exist!

One or more ports on this system are operating in FULL STEALTH MODE! Standard Internet behavior requires port connection attempts to be answered with a success or refusal response. Therefore, only an attempt to connect to a nonexistent computer results in no response of either kind. But YOUR computer has DELIBERATELY CHOSEN NOT TO RESPOND (that's very cool!) which represents advanced computer and port stealthing capabilities. A machine configured in this fashion is well hardened to Internet NetBIOS attack and intrusion.

Unable to connect with NetBIOS to your computer.

All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.

Common Ports:

Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice.

All Service Ports:

Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice.

Not sure how accurate this test is, but has anyone else tried this to see how "secure" they are?

CurlyWhirly · 15 Jul 2006 at 10:34

I've always had a 'perfect' stealth rating when I've run Shields Up! but as to whether it's a real assessment of how secure you are I don't know unfortunately.

AFAIK Steve Gibson seems to exaggerate security threats :confused:

tolien · 15 Jul 2006 at 11:09

CurlyWhirly said:
AFAIK Steve Gibson seems to exaggerate security threats

Quite.

masterk · 15 Jul 2006 at 11:31

Not hard to pass this test. I think there are better ones around though.

Eddietop · 15 Jul 2006 at 11:40

If you have a nat enabled router, with ICMP shutoff and no forwarded ports you should get "TruStealth" everytime.

Phil99 · 15 Jul 2006 at 12:20

Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice.

Using Windows Firewall with NAT disabled on my router (block of IPs)

growse · 15 Jul 2006 at 14:19

Steve Gibson = Muppet.

Anyone who thinks that completely stealthed ports is the be-all and end-all of internet security really needs to shut up.

There are better scanners out there - those that will test udp ports etc.etc.

Richdog · 15 Jul 2006 at 14:23

growse said:
Steve Gibson = Muppet.

Anyone who thinks that completely stealthed ports is the be-all and end-all of internet security really needs to shut up.

There are better scanners out there - those that will test udp ports etc.etc.

What are better scanners to use? Got any linkies? I didn't know anything about Steve Gibson, didn't realise he was a scare-monger.

tolien · 15 Jul 2006 at 14:41

Better still, blocking ICMP is a bad thing (breaks path MTU discovery etc).

The ideal's just find someone with a linux box and get them to nmap you.

http://www.netmonitor.org/tools/nscan.php is basically nmap with a pretty interface, and does UDP et al.

bitslice · 15 Jul 2006 at 16:37

doesn't mean much, other than you turned a firewall on.

a totally compromised PC would still pass.

.

Richdog · 15 Jul 2006 at 16:42

bitslice said:
a totally compromised PC would still pass.

Really? Hmm interesting. Guess its BS then the text saying "this is very unusual for a windows computer" yadda yadda.

tolien · 15 Jul 2006 at 16:58

Richdog said:
Guess its BS then the text saying "this is very unusual for a windows computer" yadda yadda.

More like it's normal, unless you're not running any firewall at all (including the Windows one), and aren't behind NAT.
Most ISPs block NetBIOS et al at their border routers too.

the_box · 15 Jul 2006 at 17:18

i am all in green true stealth

toString · 15 Jul 2006 at 17:25

Hack the Gibson!

Here's a good question. I fail on port 6881, I have it open for BT. I could shift uTorrent to use a 'less common' and higher port, and then open that on my firewall. Would this effect the way people connect to me? I assume it wouldn't..

Uhtred · 15 Jul 2006 at 18:00

There's nothing wrong with having ports open, it's just have ports open running services with security vulnerabilities. BT will be fine.

CurlyWhirly · 15 Jul 2006 at 18:28

Eddietop said:
If you have a nat enabled router, with ICMP shutoff and no forwarded ports you should get "TruStealth" everytime.

I used to get a "Trustealth" rating even when I used to use a USB modem and software firewall and I've even run it after disabling my software firewall and I still passed :confused:

bigredshark · 15 Jul 2006 at 18:45

This really proves why the test is useless. if the mickey mosue home firewalls they build into routers give a 'perfect' security rating then it's deeply flawed. personally i use a cisco 1800 router at home (aquired from work - with the security IOS) and a netscreen 5GT in transparent mode (found that somewhere too...). Then allocate my ADSL a public /28 and I don't have to mess around with NAT, when IPv6 makes it it'll be the sensible way to do things from a usability point of view (without the incredibly expensive kit obviously) but it'll be a security pain when all the home users who have no idea start using it.

Syngress · 15 Jul 2006 at 19:59

tolien said:
Better still, blocking ICMP is a bad thing (breaks path MTU discovery etc).

Its very true that disabling ICMP as a whole is a bad thing, what people should really be doing is just blocking ICMP Echo, Echo Reply and Teaceroute (RFC1393)

At least that way you wont break they major items like Path MTU and Gateway redirects.

garyh · 16 Jul 2006 at 00:24

bigredshark said:
This really proves why the test is useless. if the mickey mosue home firewalls they build into routers give a 'perfect' security rating then it's deeply flawed.

And please tell me why that is? All your post seems to be is a willy wave at your very expensive CISCO kit which is completely OTT for a standard home network.

growse · 16 Jul 2006 at 01:01

Expensive enterprise kit > free software firewall. If you don't see that to be true, you're brain's gone wondering.

Generically, if you tell someone who's running a free software firewall that they're 'totally 100%' secure, you're lying.