Most trusted online security scan?

Discussion in 'polls' started by optigrab, Oct 22, 2003.

Thread Status:
Not open for further replies.
  1. optigrab
    Offline

    optigrab Registered Member

    My first poll, but I sincerely want to know the answer. :D Hope this one doesn't violate any Board policies or generally seem like the proverbial "stupid question" :p

    My guess is that the majority of members subscribe to a "layered approach" to all aspects of security, so a lot of you will want to specify more than one. Looking forward to the discussion!
  2. crockett
    Offline

    crockett Registered Member

    Hi ;)

    Three best to me (by far):

    http://www.pcflank.com/test.htm about privacy (nice and precise)

    http://www.pcflank.com/exploits.htm about firewall defences (beware - powerful test !) You have to tick all the boxes to proceed with all the attacks at the same time.

    http://www.leader.ru/secure/who.html again about privacy (terribly good - already helped me several times to discover flaws in my soft's or config's when I thought all was perfect)

    If you haven't done it already, please go and try these and come back to tell me what you think... (Don't try the second one if you're not firewall-protected !)

    Rgds, Crockett :cool:

    Attached Files:

  3. crockett
    Offline

    crockett Registered Member

    BlackCode I can't even run, 'cause my security settings seem to keep me from even going further than the start page ! JVScripts enabled, though... Strange.

    Crockett :cool:

    Attached Files:

  4. beetlejuice
    Offline

    beetlejuice Registered Member

    :D For a ports test I like Gibsons-GRC. Quick and to the point whether your ports are open, closed, or stealth. A while back I believe I read that he is working on a scanner that will include all :eek:65,535 ports. :eek: I can't wait for that!! :D
  5. bigc73542
    Offline

    bigc73542 Retired Moderator

    I agree with beetlejuice. I like grc. for a quick port scan to make every thing is stealth . :)
  6. JayK
    Offline

    JayK Poster

    You can already custom scan ports.
  7. JayK
    Offline

    JayK Poster

    Pcflank test looks too "clever" and yet it can't work if you are using an ISP trasnparent NAT :)
  8. snapdragin
    Offline

    snapdragin Administrator

    i choose grc. too.... :D it was quick and i like that i can just enter a port range and scan.

    JayK...."ISP transparent NAT"....?? i am not sure what that is, could you explain it so i don't go around thinking you mean one of those see-through cased routers?

    snap :)

    sorry..spelled your name JKay..it sounded the same :doubt:
  9. JayK
    Offline

    JayK Poster

    Hmm perhaps the word NAT was redudant. transparent proxy

    But seriously, I don't know what that means either, it just sounds cool! :)

    PS See my tag line
  10. snapdragin
    Offline

    snapdragin Administrator

    ROFL - well it DOES sound cool! Thanks JayK!
  11. optigrab
    Offline

    optigrab Registered Member

    Hi Crockett

    I tried the " Holmes/Who" site you recommended - Seems like a good one, but it didn't give me any different results than PC Flank or GRC, and it doesn't seem as polished. Then again, I only tried the first port scan :doubt: Still, I've bookmarked it.

    I have found that Sygate Online (stealth scan option) tells me I've got several ports 'Blocked' but not 'Stealth'. But every other scan I've done (PC Flank, GRC, Sygate quick scan) tells me I'm 'All Stealth'. Question: Does anyone suppose that these results are reliable - that is, Sygate found a problem others didn't?

    Regards, Optigrab ;)
  12. crockett
    Offline

    crockett Registered Member

    Hi Optigrab :)

    If your system is safe, as yours seems to be, there's no automatic reason Holmes would give you any different result.

    But I recall, when first trying Opera a couple of years ago, I tried the test and was amazed to see the site could access... my internet connection username ! Talk about a surprise ! :eek:

    After some trial and error and dialogs with the Opera crew, we realized the problem came from some flaw in the SunJava machine (1.3 at the time if my memory is good). Using some combination of Java and Javascripts, the Holmes site could get access to the info the JavaMachine knew.

    The point is - I was very proud of the fact that I succeeded all the on-line tests I could get my hands on, and then this flaw was revealed by Holmes.

    So I was glad I came accross it so I could correct the flawed configuration on my pc (i.e. change my JavaMachine or decide to disable JavaScripts alltogether).

    More recently, I decided to try the FireBird stand-alone browser, and again went through many tests, always succeeding... But again, I went to Holmes, and with JavaScripts enabled, it was able to see which previous site I was connecting from. That puzzled me, since I had history and referrers disabled in the browser AND referrers disabled in WebWasher (web filter). I then tried with a former version of FBird (i.e. Phoenix) and got the same troubling result. I then switched to Opera, which appeared not to suffer from the flaw. I then tried Beonex (a third stand-alone browser based on the Mozilla engine), and it didn't suffer from the flaw either...

    See, in some instances this Holmes site can really see some important things that most other sites can't...

    Now, you can understand why - even when I succeed on PCFlank - I always double-check on Holmes... ;)

    Rgds, Crockett :cool:
  13. crockett
    Offline

    crockett Registered Member

    HI again ;)

    I now spend most of my time on Opera, and Opera doesn't even allow me to enter the 'start procedure' on Sygate tests. Opera behaves like this only on Sygate site, displaying a message it doesn't allow the procedure for security reasons.

    Not sure why, but I think it might be because the site tries to unsecurely access the browser on port 443 when this port should be reserved for secure connections only. :doubt:

    Beyond that, the Sygate scan site has a rather uneven reputation, to say the least. On the other hand, their firewall has a rather good reputation and seems to almost always be part of the top four list of free FW's on the market (OutPost, LookAndStop, Kerio2.15 and Sygate).


    If I recall, it had already been discussed some time ago... To get to the desired thread(s), you may click on my name ('View profile of Crockett'), ask for some of the first posts I had on Wilders and see which messages lead to threads which can give you some various opinions about the site.

    Feel free to PM if you can't find the desired threads you're looking for.

    Rgds, Crockett :cool:

    Attached Files:

  14. optigrab
    Offline

    optigrab Registered Member

    Hi Crockett :)

    I see (said the blind man)! Thanks for the wealth of knowledge. As is usual for me I'll have to read through a couple of times before it all sinks in my primitive brain ;)

    I'll also go back to Holmes (to test my mettle) and Sygate (to unravel the bugger).

    Many thanks, and I'll be in touch.

    Best regards
    Optigrab :D
  15. CrazyM
    Offline

    CrazyM Firewall Expert

    For the scan at Sygate Blocked = Stealth

    From their site:
    "Ideally you should receive "Blocked." This indicates that your ports are not only closed, but they are completely hidden (stealthed) to the world."

    Regards,

    CrazyM
  16. spydespiser
    Offline

    spydespiser Registered Member

    GRC for me :)

    speed,convenience and easy to remember/type in when i mess something up/have to switch browsers/configurations dont go as planned
    when all clear from there, then try others and try additional tweaks from there
    but thats me :D Simple :D

    SpyD :cool:
  17. JayK
    Offline

    JayK Poster

    That's strange, did you ever figure out why? The current build of FB 0.7 don't have this problem.
  18. optigrab
    Offline

    optigrab Registered Member

    You are correct, CrazyM, of course. My mistake. I meant "Closed, not Blocked/Stealth".

    WEB-80-CLOSED, POP3-110-CLOSED, IDENT-113-CLOSED, NetBIOS-139-CLOSED, HTTPS-443-CLOSED, 445-CLOSED, 1080-CLOSED, 1245-CLOSED.

    This is for "Sygate Stealth Scan" only; Sygate Quick, and most other scans say I'm stealth. Just beginning my investigation to find the cause.

    Best regards :)
    Optigrab
  19. crockett
    Offline

    crockett Registered Member

    Hello :)

    Went back and checked ShieldsUp again... Of course I agree this is one of the top ones also.

    https://grc.com/x/ne.dll?bh0bkyd2

    Rgds, Crockett :cool:

    Attached Files:

  20. crockett
    Offline

    crockett Registered Member

    Among other things, the Browser Header scan is very nice...

    Crockett :cool:

    Attached Files:

  21. optigrab
    Offline

    optigrab Registered Member

    I figured out the Sygate Stealth Scan that previously gave me the above result. Seems the scan calls the browser to send a DNS request to a different server (other than my ISP). Created a new rule in my firewall and now I am stealth on all Sygate scans. I now have an enhanced respect for that clever site. ;)
  22. crockett
    Offline

    crockett Registered Member

    Hi JayK :)

    Sorry for late answer...

    I just redid the same test with FireBird and came to the same conclusion...

    Attached Files:

  23. crockett
    Offline

    crockett Registered Member

    You can try it yourself if you want...

    I start from this post: http://www.wilderssecurity.com/showthread.php?t=15280;start=msg95416#msg95416

    Click on the link to leader.ru/who...

    See screenshot for the settings I use in FB

    Attached Files:

  24. crockett
    Offline

    crockett Registered Member

    Please also note that, in addition, I use a specifically dedicated filter to block referrers and prefixes, among other things...

    Attached Files:

  25. crockett
    Offline

    crockett Registered Member

    Of course, no cookie allowed...

    But I'm afraid I still get the same surprising result:

    Holmes just knows where I'm coming from...

    Attached Files:

    • Res1.gif
      Res1.gif
      File size:
      3.3 KB
      Views:
      1,744
Thread Status:
Not open for further replies.