I'm running Online Armor behind an ASUS router and when I run the GRC and PC flank tests it says a number of ports are listed as OPEN while the rest are all stealth. I'm wondering if this is typical, and if I need to fix it... GRC says: 135 and 445 are closed PC flank says these ports are closed: 135 closed RPC 137 closed NETBIOS Name Service 138 closed NETBIOS Datagram Service 139 closed NETBIOS Session Service 1080 closed SOCKS PROXY
Have you tried opening a command prompt then enter.. "netstat -an" without the quotes, it will tell you which ports are listening I found this article helpful.. http://stoicjoker.com/ClosePort445.html
There's a bunch, but I think it might be my router. When I run the test on my phone I get the same result. I'm not sure why it would be doing this, or how to fix it. My last one didn't have these closed ports.
This topic has been discussed to great lengths before, but from what I remember the GRC test will not return accurate results if your device is behind a router. You'll need to enable your router's stealth settings. Also from what I remember, there is no real advantage between closing ports or hiding them. If your worried about incoming or outgoing data, you could write rules for your firewall to further refine your control.
If I remember right, PC Flank was prone to giving inconsistent and flaky results. I would not trust it or take those results too seriously... Also, closed is fine...
I don't get it... from what you list there all your ports are closed according to both sites. Yet you say your problem is that you have open ports. Which ones are open then? Or did you mean to say that these ports are open/listening, and not closed? And made a mistake? If you are behind a router then the tests are testing it, and not your firewall/computer. If you're not behind a router... you should be, yet still I think it's a good idea to have your ports closed at the OS level before any 3'rd party software and/or hardware to solve the problem. So I also recommend the "netstat -an" thing. You should be able to find out how to close all of them at the source via your trusty search engine. If not, or even if so I recommend a 2-way software FW with a nice, tight rule set. And again the router, with SPI (which most come with these days). 137-139 can probably be closed by disabling NetBios over TCP/IP. 135 & 445 are a bit more tricky, and accomplished via a combination of disabling services and registry tweaks. But "make sure" it doesn't break any essential functionality before just going in there and winging it. 1080 sounds like a web scanner to an AV, or something of the sort.
Sorry that was a typo. I meant closed. My old router used to have all of them as stealth, then I upgraded to this Asus one and I'm getting the above listed results. I didn't see anything in the firmware about stealth all ports. Was just wondering if it was safe.
Okay... those ports you listed are closed then. And the rest stealthed... correct? If so, you're perfectly safe, yes. Closed ports are just as good as stealthed ones. There are some cases with VPN's/proxies where they can't stealth certain ports or it'd create problems with clients trying to connect with them, so they end up closed instead of stealthed. 443 and 113 are 2 such ports. And this is just 1 example. There are other scenarios as well where it's prudent, for certain reasons not to stealth the ports. But as long as they're closed you're fine.
