Must be doing something wrong (KIS 6) Advice needed..

Just recently installed the KIS 6 (build 621) program from the systweak offer like a lot of others but have a problem..

No matter what setting I use for the firewall, www.grc.com (shieldsup) reports me as not attaining true stealth status like I can obtain with NIS 2007 or other programs with no tweaking..

I'm a little more familiar with NIS and Zonealarm (still never tweaked them much either), but it's a little frustrating to see it not being true stealth and also KIS showing 'blocked attacks' at 0.

can I grab any pointers from those here that can achieve this status with KIS?

thanks

 

Hi Crappopotamus,
The best thing to do would be vist the Kaspersky Forum.
BC.

 

What kind of advice are you looking for?

 

To be able to achieve a true stealth status like ZA and NIS07 do straight from the get-go I presume.

 

How to stealth all of his ports.

Crap, is it port 113 that shows closed and not stealth?

 

Please go into the anti-hacker part.
Here it is easy to stealth the zones.

If this not works properly, I suggest reinstalling KIS.

What version of KIS are you using?

 

I'm using 621 , Under anti-hacker it has "internet" and my IP address listed, both are checked as "stealth".

Only thing I changed from the install was I set the firewall to training mode and have allowed only things I know are legit to go out..

here are the results:

---------------------

GRC Port Authority Report created on UTC: 2007-04-06 at 21:22:51

Results from scan of ports: 0-1055

0 Ports Open
811 Ports Closed
245 Ports Stealth
---------------------
1056 Ports Tested

NO PORTS were found to be OPEN.

Ports found to be STEALTH were: 0, 22, 42, 135, 139, 179, 392,
393, 394, 395, 396, 397, 398,
399, 400, 401, 402, 403, 404,
405, 406, 407, 408, 409, 410,
411, 412, 413, 414, 415, 417,
418, 419, 420, 421, 422, 423,
424, 425, 426, 427, 428, 429,
430, 431, 432, 433, 434, 435,
436, 437, 438, 439, 440, 441,
442, 443, 444, 445, 446, 447,
448, 449, 450, 451, 452, 453,
454, 455, 456, 457, 458, 459,
460, 461, 462, 463, 464, 465,
466, 467, 468, 469, 470, 471,
472, 473, 474, 475, 476, 477,
478, 479, 480, 481, 482, 483,
484, 485, 486, 487, 488, 489,
490, 491, 492, 493, 494, 495,
496, 497, 498, 499, 500, 501,
502, 503, 504, 505, 506, 507,
508, 509, 510, 511, 512, 513,
514, 515, 516, 517, 518, 519,
520, 521, 522, 523, 524, 525,
526, 527, 528, 529, 530, 531,
532, 533, 534, 535, 536, 537,
538, 539, 540, 541, 542, 543,
544, 545, 546, 547, 548, 549,
550, 551, 552, 553, 554, 555,
556, 557, 558, 559, 560, 561,
562, 563, 564, 565, 566, 567,
568, 569, 570, 571, 572, 573,
574, 575, 578, 579, 580, 581,
582, 583, 584, 585, 586, 587,
588, 589, 590, 591, 592, 593,
594, 595, 596, 597, 598, 599,
600, 601, 602, 603, 604, 605,
606, 607, 615, 616, 617, 618,
619, 620, 621, 622, 623, 624,
625, 626, 627, 628, 629, 630,
631, 632, 633, 634, 635, 636,
637, 638, 639, 1023

Other than what is listed above, all ports are CLOSED.

TruStealth: FAILED - NOT all tested ports were STEALTH,
- NO unsolicited packets were received,
- A PING REPLY (ICMP Echo) WAS RECEIVED.

 

811 ports were not stealthed, omg... something is wrong here.

all ports stealthed here, just using my router with no installed firewall on my laptop, just an AV.

 

I would suggest a reinstall. When I ran KIS6, I had the firewall in training mode, and all ports at GRC were stealth. If that doesn't work, the Kaspersky forum is a good choice.

 

It is possible that you have some software running on your PC that is behaving like server. To check what is happening right click the K icon in the Sys Tray and select Netwoek Monitor. Select the Open Ports tab and check to see which have an IP address that is NOT 127.0.0.1 or 0.0.0.0. Against those entries check the Local Port to see if one of them is the port that GRC reports as beong closed only. If you locate this then take a look at the application against that entry...that could be your culprit. You can either prevent the applciation from running or set up custom rules to block inbound traffic (TCP & UDP) for that specific port.

I had this problem with Skype acting as a server and therefore had non stealthed ports. Set up custom rules to block the relevent ports re. inbound traffic and GRC then reported back a fully stealthed system...and Skype has continued to function normally.

I am not saying that this is the solution to your issue but it may be and so may be worth investigating.

 

The only ports in the open ports list that have an IP other than 127 or 0, is 1900 and 49315. UDP SVCHOST.EXE -K LOCALSERVICE is how they are listed.

I connect to the internet through verizon wireless broadband evdo rev-a cellular connect. It uses vzwmanager software to achive the connection using a usb dongle modem (cellular). That could be considered a server I presume? BUT if I install norton or ZA or even mcafee they all pass trustealth the first go-round, even with this verizon connection software.

 

FWIW I just installed KIS 6.0 build 6.0.2.621 on my laptop and hooked directly into my cable modem (bypassing my router). I then went to GRC, ran the shields up on all services ports, and the result was stealth on all ports.

 

Did an uninstall, used the registry cleaner from kaspersky, and reinstalled, updated and got this. Even worse.

NOTE: I have a second laptop, using the same verizon wireless access software but I have NIS2007 installed.. Trustealth rating on all ports ... So it has nothing to do with the verizon software, it could'nt.

----------
GRC Port Authority Report created on UTC: 2007-04-07 at 01:46:24

Results from scan of ports: 0-1055

0 Ports Open
1024 Ports Closed
32 Ports Stealth
---------------------
1056 Ports Tested

NO PORTS were found to be OPEN.

Ports found to be STEALTH were: 0, 22, 42, 135, 139, 179, 181,
182, 183, 184, 185, 186, 187,
188, 189, 190, 191, 202, 206,
209, 210, 211, 213, 214, 215,
445, 492, 493, 507, 530, 568,
1023

Other than what is listed above, all ports are CLOSED.

TruStealth: FAILED - NOT all tested ports were STEALTH,
- NO unsolicited packets were received,
- A PING REPLY (ICMP Echo) WAS RECEIVED.




dammit.




HOWEVER --- The other laptop with the same verizon access software and NIS2007 get this:

-------------

GRC Port Authority Report created on UTC: 2007-04-07 at 02:38:51

Results from scan of ports: 0-1055

0 Ports Open
0 Ports Closed
1056 Ports Stealth
---------------------
1056 Ports Tested

ALL PORTS tested were found to be: STEALTH.

TruStealth: PASSED - ALL tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.

hmmph.

 

Curious.

 

very strange. I run .621 as well and everything is stealthed.
maybe have a look at the kaspersky forum. They'll help

 

That is indeed mighty curious. I only had to create inbound block rules for Skype (Ports 80, 443, 1043 & 3927) after which Shields Up reports everything was stealthed.

I agree with Sjoeii...a post at the Kaspersky Forum is worth a go.

 

EliteKiller had said:

I personally also tried a Shields Up scan and it came up full stealth, EXCEPT for port 113.
ShieldsUp then explains why on many systems, port 113 is simply blocked and not stealthed... and that stealthing 113 can sometimes (not always) create problems.

What do others think and recommend?

 

http://www.grc.com/faq-shieldsup.htm#IDENT

You can also forward port 113 in your router (if you have one) to a non-existent IP on your LAN.

 

If he has got a Router there is no point in going to shieldsup, 'cos he'll be testing his Router not KIS!

 

Not all routers filter 113 either.

 

I do have a router.
D-Link DI-604

Also KIS 6.0.0.300

If one has the above router's firewall plus KIS (full protection enabled) plus Spybot (Teatimer, Resident shield enabled), SywareBlaster, is it ok to keep port 113 simply closed instead of stealth?

[Btw, On a laptop (with Netgear wireless router) I have Avira Classic, Comodo, Spyware Blaster, Spybot & Winpatrol. Port 113 is also shown as closed instead of stealth.]

 

I don't have a router on this connection, as it is EV-DO cellular, I don't have the $$ for a linksys 3g router, I just use the antihacker firewall when I go to grc.com

 

Visit the Kaspersky Forums, re-install, or make sure windows firewall is off.