PCFlank and LnS

Just now I did two tests at www.pcflank.com. The quick test tells me:

But then the stealth test let me know all ports of my PC are invisible (stealthed).

Seems to me rather strange and contradictory. Is there any commercial link (affiliation) between PCFlank and Outpost? People here get the same results, doing these tests?

 

The 'advanced port scan' gave the following results:

Again, ports 137, 138 and 139 are not stealthed but closed.
Is this a weakness in LnS? Does it mean I'm at risk? If so, what to do about it?

 

Are you using the enhanced rules set ? That is what you should be using for max security.Try www.grc.com and run Shieldsup test .Testing on my pc all ports stealthed no packets in or out and no ping repley.tru full stealthed.

 

Yes, of course I do.

That's one of the first things I did after installing LnS, a while ago: it said all ports are stealth. Because of that I'm so amazed, and a bit worried, that PCFlank told me three ports are not stealth but just closed.

Anybody tried this 'Advanced Port Scan' at http://www.pcflank.com/scanner1.htm and if so, what are your results?

 

Interesting indeed, I did all the tests on pcflank also with Outpost 4.0 and it passed all of them, however interestingly enough when I did the quick test, it also gave me that port 139 was open, yet all the other tests reported full stealth

Port: Status Service Description
21 stealthed FTP File Transfer Protocol is used to transfer files between computers
23 stealthed TELNET Telnet is used to remotely create a shell (dos prompt)
80 stealthed HTTP HTTP web services publish web pages
135 stealthed RPC Remote Procedure Call (RPC) is used in client/server applications based on MS Windows operating systems
137 stealthed NETBIOS Name Service NetBios is used to share files through your Network Neighborhood
138 stealthed NETBIOS Datagram Service NetBios is used to share files through your Network Neighborhood
1080 stealthed SOCKS PROXY Socks Proxy is an internet proxy service
1243 stealthed SubSeven SubSeven is one of the most widespread trojans
3128 stealthed Masters Paradise and RingZero Trojan horses
12345 stealthed NetBus NetBus is one of the most widespread trojans
12348 stealthed BioNet BioNet is one of the most widespread trojan
27374 stealthed SubSeven SubSeven is one of the most widespread trojans
31337 stealthed Back Orifice Back Orifice is one of the most widespread trojans
139 closed NETBIOS Session Service NetBios is used to share files through your Network Neighborhood

I do believe though that this port isnt nessecarily active to share files through your network, unless you actually enable your computer to do it, Also I think there might be an error on pcflank here somewhere, this is the first time I've seen this port closed not stealthed untill today. I also cloed the NETBIOS in Outpost settings, and it still gives an open verdict, deffinately something amiss on pcflank I wouldnt be too concerned


Edit: I just did a check on port 139 on www.grc.com and used the custom port scan, this is the result I get for port 139:

Port
Status Protocol and Application

139
Stealth netbios-ssn
NETBIOS Session Service

 

Well, at grc I also checked ports 137, 138 and 139. The results:

So, it looks like some sort of bug at the site of PCFlank. I'm just curious if other people have comparible results.

Anyway, what makes me a bit suspicious is that they first let you know that one or more ports are not stealth but only closed and then immediately recommend Outpost.....why

 

Yes, this is a known issue of PCFlank scan:
https://www.wilderssecurity.com/showthread.php?t=102887

Frederic

 

Thanks, Frederic.
May be I should have used the search first, anyway, it's a PCFlank problem, so I think I'd better leave it there .

 

Hank pcflank recomend outpost because they are a sponsor site for the program, they get a % profit from everyone of their redirected sales