When I run the Shields Up scan it comes up clean even the 1056 port one, however with PCFlank on the quick scan it shows 135 open. Although it is getting the right address could it be looking at the ISP instead? I did try this port specifically with GRC and said it was stealthed. I have a rule in Kerio 2.1.5 to block it. Any ideas please.
I tend to doubt the results on pcflank. I have, at various times, with various firewalls, run tests at grc and come up stealth, and then run the same tests at pcflank and it claimed I had an open port. So I then tested that one port at grc.com and it showed stealth. So I chose to believe Shields up.
A much more thorough and accurate test is available at www.securityspace.com unfortunately it does cost money but it is cheap at $10 a year for unlimited desktop audits. The results are excellent as it also detects patch levels and and your susceptibilty to recent exploits. My testing there showed a few flaws on my system using Sygate so I switched to Zone Alarm and have no negatvie results since. I run an audit once a month or so.
Here's a couple places with an assortment of port scanners. 1) Alken's Online Security Check 2) Dozleng's Internet Security & Others
Thanks for the links. I tried http://www.blackcode.com/ which seemed to be high rated and my m/c came through clean, so maybe PCFlank is not on button
The PCFlank Port Scan is UNRELIABLE. You should NOT base you opinion of your Firewall, nor of a Port being Open, Closed, or otherwise Stealthed, based on that test!!! I ran a varity of test today at PCFlank. I ran some them several different times, and used various "methods" offerred. The Port tests I ran included 1) the Quick Test, 2) the individual Port Scan Test using various different methods: Common Ports, Selected Ports, Random Ports, and a few port ranges, including 3) the Random Port Scan test. I even ran several of the same scans twice. So, what's the prob The first time I ran the Quick Scan Test, it reported that that 139 Ports were OPEN, and NOT stealthed! (Not port 139! That ain't open either.) Any possiblility that you ran a quick test and it said some number like that? 135 is pretty close, eh? ALL of the SUBSEQUENT scans I performed using the individual tests, with using all 3 available methods reported that my ports were NOT open, nor closed, but were STEALTHED! (Along with a happy face.) (I re-ran a few of the tests to be sure I didn't misread anything.) FINALLY, AS A LAST TEST after about 45 minutes to an hour or so at that site, I RETURNED to re-run the the Quick Test JUST FOR THE HELL OF IT, AND watcha suppose it said after that? Unlike it previously reported, but was reported by ALL of the independent tests I ran there to scan my Ports the QUICK TEST NOW reported: "I'm Stealthed!" Baloney! Though I had no patience to sit around for 1/2 an hour doing a single test to scan Ports 0 - 65535, I have no reason to believe that SUDDENLY and unexplainably, 139 of my Ports we in fact unStealthed. I've run many tests on my Ports at a variety of Sites, especially during the past few months. Not one of them reported any of my Ports to be unstealthed. The same results have been seen during port scans when I've been running Norton during the past 5+ years to Stealth my Ports. BTW. The TCP SYN ("half-port open") test showed Ports as being Stealthed, as well. So, what shall we say about the reliability and validity of the Quick Scan Port Scan Test? A bit flipped from 0 to 1 during xfer to my PC? My Browser was tired of being "on the wagon" and "got drunk" for a minute or two? Somehow, that seems unlikely, and I would be inclined to suggest that PCFlank us some buggy code doing Port Stealth testing, and (IMO) it's worth ignoring. So, here's an idea. Find another site to test your Ports with!
