Interesting results, Do i need firewall?

Just now i tested firewall test with no firewall on. with shields up and auditmypc,
strange thing is that,
result from shields up-
1)service ports(1056 ports) - all stealthed.
2)file sharing test - unable to connect to netbios to comp that means no leakage.
3)common ports - all trustealthed.
auditmy pc results
1)port scanner - We scanned the ports you requested, looking for any services or viruses that might be running on them, and did not find anything. This usually indicates that your firewall software or security software is functioning properly.
2)Security Scan - same result as above.
hackerwatch test
1)simple probe - Packets were successfully sent to your computer. The server was unable to obtain a connection or any traffic from your computer. This generally indicates that your firewall blocked the traffic successfully.
2)port scan - ports are secure.

right now im using only avira antivir as antivirus. and firefox with no script.

Im pretty amazed at these tests results.

 

Im more amazed that you didnt say if you running a NAT router or does your service provider provide that for you? Which would more or less explain the blocked packets and good test results you got.

 

you will be amazed more when you hear that i dont use NAT or router stuff.
But i dont know that my service provider provide that for me or not.

Can u tell me that how to find it?It will be a silly question but whenever i shut down the pc and start pc and internet i can see that my ipaddress had changed automatically.

 

Maybe your modem has a builtin firewall?

 

i dont know.sure i will check it out.but i think there is no inbuilt firewall, i will check it right now.

 

i didnt find anything about firewall here. it is ADSL2 + modem which connects to a switch and then to my computer.

 

Sometimes ISPs block specific critical ports like 137-139 and others. So that might account for some of the test results. Also, most ports on your PC are probably closed too. However, if you run a scan somewhere and everything shows up stealth, then you either have a router or firewall in there somehow, perhaps in the modem as suggested above... if running XP, is the XP firewall on and you don't realize it?

 

well before testing i purposly disabled xp firewall.

 

Test PC's ports from inside, then it should not be fooled by anything. The simplest tool I know is WWDC, it will show you opened ports (like this).
But there is also a difference, whetever the port is really opened, or it is just a localhost, you will need to check it out with a tool like SuperScan.

 

See if Gibson Shields Up gives the same results. Also, did you make sure the ip address scanned matches your pc's?

 

I dont know about this-
my pc ip address when i look in cmd is different from the ip address shields up is showing.
and whenever i shut down the modem and restart, i see a different ip address of my pc on shields up.

 

This means that you are not testing your machine but something else, your modem most likely.

Fax

 

i didnt understand what u said. or can u tell how to test my machine?

 

If shieldup report a different IP than the one you see if you use the IPCONFIG command it means that shields up is testing something else than your machine...

How to test your machine? Well, if your ISP is filtering traffic there si nothing you can do apart from asking your ISP to remove the protection.

If its your modem filtering traffic you need to find a setting to disable that particular feature or change modem to test your PC.

Cheers,
Fax

 

AFAIK the switch will act like a NAT router. The switch cannot direct any inbound because it doesn't know where to send it.

 

Which still means, yes. You still need some sort of firewalling mechanism even with the ADSL2 modem playing pseudo NAT. This configuration sounds dangerously easy to overwhelm much like sending ARP packets to a WEP router to break security.

- beads

 

Is it really pseudo NAT? A NAT router is really just a switch with a modem built in (at least that's what mine is). I didn't think you needed a firewall to stop inbound as long as your ports were closed or stealthed.

 

A simple NAT device usually does not stealth ports but keep them closed... so I wonder if it is really the switch doing it...

Fax

 

If you set up a DMZ then it stealths them. Not sure if that's actually what's happened though.

 

The switch from modem is used to split the connection into many connections.
But i dont know that much of things which all of u talkin about, like DMZ or NAT router.
But will it be safe without a firewall as i dont use any confidential stuff like credit card and etc on internet and i dont have that much confidential matters stored on my pc.
Well i use pc for my works like graphics and internet for surfing and downloading.

 

NAT/switch/whatever devices will protect you from the inbound unsolicited traffic... but are you protected from outgoing (PC--> Internet) unsolicited traffic?

Software firewall or other utilities will usually provide both (inbound/outbound) protection...

Cheers,
Fax

 

If you don't want or feel the need to filter outbound traffic, I would just re-enable XP's firewall which will protect you from other clients on the switch, if you are on a LAN.

 

I have no idea how any of this works but with my Netgear DG834 Router if I check with www.grc.com I'm told that everything is stealthed. I have no software firewall running - not even XP

 

Interesting report,.. but you should realise that such a report is not possible with windows with no interaction of a filter/firewall.
I can certainly lock windows, with no services active (for internet), to show closed ports for sevices,... but stealth needs ability to block the outbound reply of ~ open/closed (then seen as stealth)

 

Your "modem" is probably a gateway appliance that runs in NAT mode..the majority of DSL ISPs have been providing those over the past years, compared to just pure "bridged" modems which they used years ago.

Wonderfully easy to see if yours is running as a NAT box..just run IPCONFIG..if you have a class C private IP address (such as 192.168.1.xxx)..you're behind NAT. If you have a public IP address...well, it's not NAT...and your PC is probably dug into already.