Hello I've finally decided to buy a firewall for my PC. For the record I have a P4 512 RAM WIN XP ADSL AV and a firewall on one of those 2-week trials. Now I don't want to influence your comments by naming the FW before you check out the scan results. Note I know virtually zilch about technical stuff - I just installed it with 'recommended config' and away we went. I have no complaints about it malfunctioning or anything. It's just I've read many times over (but don't quite understand) that stealth/blocked is good and closed is bad. So here are the results for the F/Wall from PC FLANKS set of tests:- QUICK TEST Danger! Trojan horse check Warning! Browser privacy check Danger! STEALTH TEST TCP "ping" non-stealthed TCP NULL non-stealthed TCP FIN non-stealthed TCP XMAS non-stealthed UDP non-stealthed BROWSER TEST Cookies Red sad face Referrer Red Sad Face TROJAN TEST 34 Closed Ports ADVANCED PORT SCANNER Standard Scan 4 Stealthed 9 Closed 1 Open TCP SYC Scan 5 Stealthed 8 Closed 1 Open EXPLOITS TEST A Green Smiley (at last) As you can see its got lots of closed only ports etc. People seem to brag that their FWs are all blocked. Are these results OK or do I need to fine tune it with other members' guidance or try another FW?
Hello Lison, Most personal firewalls that I have tried have given me stealth on all the tests mentioned with the default installation of the products. Some of them only gave me stealth once I've tweaked the settings a little, it will be hard for people here to advise you which setting to tweak without knowing which firewall your using. As for your results, the stealth vs closed is a debate that is ongoing for a long time now as some feel that stealth is not really more secure than closed. I personally prefer to be stealth on all tests but that is only my opinion. The ones in your test results that would worry me would be the open ports! Before you purchase that firewall that you are trialing, I would definitively get those ports closed or stealth with some tweaking or rules created (depending on your product), otherwise even with your firewall in place you are still very much vulnerable.
Thanks for the reply... It was two firewalls actrually. Factory configs on both. I wouldn't know how to do much to customize them anyway. There was a difference in one more blocked port on one of them otherwise both delivered identical results. The two firewalls were... Sygate Personal Pro 5.5 (2525?) BitGuard Why??
a lot depends on which ports were stealthed or closed and which port was open I personally do not find pcflank tests particularly reliable as they are unable to check my computer due to the fact that my isp uses a proxy server i tend to go for https://grc.com/x/ne.dll?bh0bkyd2 which tells you exactly which ports are open and i bet it's 5000
Are you running both firewalls on the same machine at the same time? That would be a bad idea, since they both need to own the ipstack of windows. That would most probably result in less than reliable reports. I don;t care for closed or stealth ports. It's the open port that matters. It can be okay, for instance when you are running p2p software, or a webserver. it all depends (some easy answer, but that's the case here too).
Like meneer said, I wouldn't run both firewalls at the same time. You can try both of them during the trial (although not at the same time) and then decide which one suits you best. Since I tried BitGuard a long time ago, I'm not to sure how it has evolved but I do believe that the default installation should give you stealth and I do know that Sygate Pro also should give you stealth at default installation. Remove one of these firewalls and redo the test. Also try these other sites for testing: 1- http://www.dslreports.com/scan 2- http://www.blackcode.com/scan/ 3- http://scan.sygate.com/ 4- https://grc.com/x/ne.dll?bh0bkyd2 Either firewall should give good protection just not at the same time. Also don't forget to turn off Windows XP firewall if it's turned on.
I only used one Firewall at a time unistall/install. No problems here. The port open was/is 80. Switch off internal XP firewall?? I haven't done that. It's on. And still is. Could that stuff up the tests? Plz advise again before I switch it off.
Maybe. We share the ADSL modem with 2 PCs in the house. 1xP3 into modem via crossover cable. 1xP4 into modem vis USB. What do you think?
It could be that pcflank scanned the router. In that case the results prove nothing at all. But first: Why is port 80 opened? Are you running a webserver somewhere? If so: is it a windows server? If so is it fully patched? It could be the internal webserver of the router (provided that you can manage the router via a browser). In that case it's a badly configured router. Open the config screen and make sure that you can only manage it from the internal network. Besides, using http (port 80) is no good idea, better use https (port 443).
Is the modem also acting as a gateway/router (doing NAT)? Do the pc's behind the modem have separate public IP's or private IP's? Regards, CrazyM
To me norton is consider the most best n powerful firewall. It's can verified what u want and do not. U cam try the free trail.
Sounds to me that it is not Your Actual IP address that is being scanned, could be your ISP cache server or your router but in your case I suspect that it is the PC that connects directly to the internet as you are not using a router.