Outpost 1.0 and GRC (port stealthing)

Solicited TCP Packets: RECEIVED (FAILED)

1028
Host
Closed Your computer has responded that this port exists but is currently closed to connections.

1029
Host
Closed Your computer has responded that this port exists but is currently closed to connections.

Any idea how to set these things in order to pass the tests?
No matter what i do it keeps on closing those two ports 1028 and 1029.
Also how to get that Solicited TCP packets filtered?

I know it's an old firewall but very lightweight and free so i'd like to get it working...

 

Do you have a router or a modem that does NAT (Network Address Translation)?

 

No, direct connection to internet using ADSL (PPPoE).

 

RejZoR,

Try the power, speed and very light on resources, CHX

You can use the filters from this page: http://members.shaw.ca/BIND-PE_and_ICS/stef001/content.htm

If you have some doubt, you can post here on Wilders or Software Security Central

Hope you like it.

 

Crow, please stay on topic.

Rejzor, most modems these days come with NAT(Network Address Translation). Check the manual that came with your modem to see if your modem has NAT capabilities.

If it does, GRC was actually scanning your modem, not your computer. Behind your modem, you are still protected by ZoneAlarm, which stealths all ports by default.

 

Chiawaikian, please stay on topic...

He was talking about Outpost 1, not ZA, and how he might get it working and stealthing properly on his machine...

 

RejZoR if you buy the 23/2005 edition of the german magazine c't you get a free copy of Outpost 2.7 (unlimited serial, but not working on 3.x or any other future versions). Still it's better then the old 1.0. PM me if needed

 

...

 

Oooops...
I think I am infatuated with my work on the ZA forum...
Sorry Vampiric_Crow.

 

Seems So!!

 

No problem...

 

No, my modem doesn't offer any NAT functionality. Also it's completely transparent. Only device that is registered as endpoint is LAN card.
PC doesn't even know that i'm using ADSL modem.

ZoneAlarm is great for browsing, mail and other simple things. Rules and interface are simple yet effective. And it always passed GRC tests. But problem is it will simply choke when there is lots of active connections. eMule which i use all the time uses large numbers of such connections. Memory usage of ZA will skyrocket, same will hapen with CPU usage over time.
Pings in games also tend to skyrocket with ZA without any reason.
So i avoid ZA because of these problems. Sygate has problems with the way how PPPoE works and will not allow modem to automatically reconnect after 24 hours (dyn IP). Kerio doesn't even stealth some ports so gunned down again...
Outpost 1.0 works excellent. Light, easy to use and doesn't interfere with anything. Yet i can't hide those 2 ports no matter what i do. All others are always stealthed but these 2 can't be Don't have a clue why is so.

 

Rejzor,Outpost 1.0 had several security issues if i well remember.One that i am certain of,is that it had absolutely no control on DNS requests on port 53.Practically it would think any connection there as the legitimate DNS.There was a long list of these vulnerabilities back then in the Outpost site.You may want to try search for them,they might still be there.In anycase,it was a firewall that i remember made me very uncomfortable stay with,exactly because like you ,i have no router.These issues were solved only in version 2.

 

Thanks to StyleWarz i'm now proud user of Outpost 2.7 which correctly passes all GRC tests Uses some more memory but i belive it's worth the extra "weight".
Thx again!

 

Been a while since I used OP Free but I do believe that you could remove existing global rules (including the DNS one) - this would require you to create separate DNS rules for every application though.

However GRC doesn't use DNS (Sygate's Stealth Scan did though) so I would suspect the problem may be with an application holding these ports open and OP Free not properly stealthing traffic as a result (not a big issue since the traffic is still blocked).