HackerWatch Test

Hi guys; sorry for being late...

Here's where I've gotten since I last wrote.

I tried several firewalls in turn, and am afraid I have to say they all brought me back to the exact same results.

I don't believe the ip address which is scanned when I initiate the scanning test belongs to anyone else but me - although I absolutely do agree that the router question often is a valid possibility, and can be a source for mistaking some tests results.

One of the firewalls I used logged the different connection attempts and it looked something like this: 21 (attack detection: blocked); 23 (attack detection: blocked); 79 (attack detection: blocked) etc. The point here being that port 25 does not appear on the list of blocked attempts (between ports 23 and 79).

The second thing that worries me is that my firewall's log shows the exact same verdict as the scanning site does. I wish those two would contradict each other so I could pick my firewall as the one to be trusted, but right now I can't.

I also agree that some tests are not to be trusted, but then how do we know which one to pick as reference ?

Still trying to figure something out by myself, at least until a miraculous (and logical) explanation just hits me...

I'll keep you up to date.

Crockett

 

"I also agree that some tests are not to be trusted, but then how do we know which one to pick as reference ?"

Check out the Test sites you will find at the link I posted..they can be trusted.

 

By chance to you have file sharing enabled??

 

I don't.

 

Root;

I went through the whole thread all over again, and it's only now I'm really hit by two things you pointed to.

The first one is worth mentionning again, i.e. [paraphrasing] 'never trust a scanning site unless it mentions your own ip as scanning address'.

I'm so used to check my firewall against scanning sites which do mention this ip (not to mention the fact that I was shocked to 'discover' port 25 could finally be a weakness on my system) that I never paid due attention to Hackerwatch not crosschecking my ip.

The second one is this: one of the firewalls I used in trying to outscore Hackerwatch was Outpost. What exactly do you mean by "Well, outpost has the ability to look at active packets being transferred" ?

Looks like I still don't master all the tools embedded in today's leading firewalls.

Joseph, thanks to you for the interesting mention of proxies being scanned instead of the user's pc - I didn't pay all the attention I should have to his post.

Rickster, you're right - this forum is rather useful to say the least. Hope I didn't cause too much panic by starting this thread.

Finally, I followed MyNethingyman's advice and followed his thread to the list of scanning sites. A lot of them I already knew, some of them I discovered - thanks. I went through all of them except for the Java-requiring ones. Hackerwatch is the only one I [consistently] failed.

See you later.

Crockett