Interesting results, Do i need firewall?

Discussion in 'other firewalls' started by sach1000rt, Jul 9, 2007.

Thread Status:
Not open for further replies.
  1. sach1000rt

    sach1000rt Registered Member

    Joined:
    May 29, 2007
    Posts:
    171
    Location:
    india
    Just now i tested firewall test with no firewall on. with shields up and auditmypc,
    strange thing is that,
    result from shields up-
    1)service ports(1056 ports) - all stealthed.
    2)file sharing test - unable to connect to netbios to comp that means no leakage.
    3)common ports - all trustealthed.
    auditmy pc results
    1)port scanner - We scanned the ports you requested, looking for any services or viruses that might be running on them, and did not find anything. This usually indicates that your firewall software or security software is functioning properly.
    2)Security Scan - same result as above.
    hackerwatch test
    1)simple probe - Packets were successfully sent to your computer. The server was unable to obtain a connection or any traffic from your computer. This generally indicates that your firewall blocked the traffic successfully.
    2)port scan - ports are secure.

    right now im using only avira antivir as antivirus. and firefox with no script.

    Im pretty amazed at these tests results.
     
  2. yankinNcrankin

    yankinNcrankin Registered Member

    Joined:
    May 6, 2006
    Posts:
    406
    Im more amazed that you didnt say if you running a NAT router or does your service provider provide that for you? Which would more or less explain the blocked packets and good test results you got.
     
  3. sach1000rt

    sach1000rt Registered Member

    Joined:
    May 29, 2007
    Posts:
    171
    Location:
    india
    you will be amazed more when you hear that i dont use NAT or router stuff.
    But i dont know that my service provider provide that for me or not.

    Can u tell me that how to find it?It will be a silly question but whenever i shut down the pc and start pc and internet i can see that my ipaddress had changed automatically.
     
  4. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    Maybe your modem has a builtin firewall?
     
  5. sach1000rt

    sach1000rt Registered Member

    Joined:
    May 29, 2007
    Posts:
    171
    Location:
    india
    i dont know.sure i will check it out.but i think there is no inbuilt firewall, i will check it right now.
     
  6. sach1000rt

    sach1000rt Registered Member

    Joined:
    May 29, 2007
    Posts:
    171
    Location:
    india
    i didnt find anything about firewall here. it is ADSL2 + modem which connects to a switch and then to my computer.
     
  7. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,787
    Sometimes ISPs block specific critical ports like 137-139 and others. So that might account for some of the test results. Also, most ports on your PC are probably closed too. However, if you run a scan somewhere and everything shows up stealth, then you either have a router or firewall in there somehow, perhaps in the modem as suggested above... if running XP, is the XP firewall on and you don't realize it?
     
  8. sach1000rt

    sach1000rt Registered Member

    Joined:
    May 29, 2007
    Posts:
    171
    Location:
    india
    well before testing i purposly disabled xp firewall.
     
  9. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    2,509
    Location:
    Slovakia
    Test PC's ports from inside, then it should not be fooled by anything. The simplest tool I know is WWDC, it will show you opened ports (like this).
    But there is also a difference, whetever the port is really opened, or it is just a localhost, you will need to check it out with a tool like SuperScan.
     
  10. wat0114

    wat0114 Guest

    See if Gibson Shields Up gives the same results. Also, did you make sure the ip address scanned matches your pc's?
     
  11. sach1000rt

    sach1000rt Registered Member

    Joined:
    May 29, 2007
    Posts:
    171
    Location:
    india
    I dont know about this-
    my pc ip address when i look in cmd is different from the ip address shields up is showing.
    and whenever i shut down the modem and restart, i see a different ip address of my pc on shields up.
     
  12. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,731
    Location:
    localhost
    This means that you are not testing your machine but something else, your modem most likely.

    Fax
     
  13. sach1000rt

    sach1000rt Registered Member

    Joined:
    May 29, 2007
    Posts:
    171
    Location:
    india
    i didnt understand what u said. or can u tell how to test my machine?
     
  14. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,731
    Location:
    localhost
    If shieldup report a different IP than the one you see if you use the IPCONFIG command it means that shields up is testing something else than your machine...

    How to test your machine? Well, if your ISP is filtering traffic there si nothing you can do apart from asking your ISP to remove the protection.

    If its your modem filtering traffic you need to find a setting to disable that particular feature or change modem to test your PC.

    Cheers,
    Fax
     
  15. SpikeyB

    SpikeyB Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    478
    AFAIK the switch will act like a NAT router. The switch cannot direct any inbound because it doesn't know where to send it.
     
  16. beads

    beads Registered Member

    Joined:
    Jun 1, 2005
    Posts:
    49
    Which still means, yes. You still need some sort of firewalling mechanism even with the ADSL2 modem playing pseudo NAT. This configuration sounds dangerously easy to overwhelm much like sending ARP packets to a WEP router to break security.

    - beads
     
  17. SpikeyB

    SpikeyB Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    478
    Is it really pseudo NAT? A NAT router is really just a switch with a modem built in (at least that's what mine is). I didn't think you needed a firewall to stop inbound as long as your ports were closed or stealthed.
     
  18. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,731
    Location:
    localhost
    A simple NAT device usually does not stealth ports but keep them closed... so I wonder if it is really the switch doing it...

    Fax
     
  19. SpikeyB

    SpikeyB Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    478
    If you set up a DMZ then it stealths them. Not sure if that's actually what's happened though.
     
  20. sach1000rt

    sach1000rt Registered Member

    Joined:
    May 29, 2007
    Posts:
    171
    Location:
    india
    The switch from modem is used to split the connection into many connections.
    But i dont know that much of things which all of u talkin about, like DMZ or NAT router.
    But will it be safe without a firewall as i dont use any confidential stuff like credit card and etc on internet and i dont have that much confidential matters stored on my pc.
    Well i use pc for my works like graphics and internet for surfing and downloading.
     
  21. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,731
    Location:
    localhost
    NAT/switch/whatever devices will protect you from the inbound unsolicited traffic... but are you protected from outgoing (PC--> Internet) unsolicited traffic?

    Software firewall or other utilities will usually provide both (inbound/outbound) protection...

    Cheers,
    Fax
     
  22. wat0114

    wat0114 Guest

    If you don't want or feel the need to filter outbound traffic, I would just re-enable XP's firewall which will protect you from other clients on the switch, if you are on a LAN.
     
  23. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    I have no idea how any of this works but with my Netgear DG834 Router if I check with www.grc.com I'm told that everything is stealthed. I have no software firewall running - not even XP
     
  24. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Interesting report,.. but you should realise that such a report is not possible with windows with no interaction of a filter/firewall.
    I can certainly lock windows, with no services active (for internet), to show closed ports for sevices,... but stealth needs ability to block the outbound reply of ~ open/closed (then seen as stealth)
     
  25. YeOldeStonecat

    YeOldeStonecat Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2,345
    Location:
    Along the Shorelines somewhere in New England
    Your "modem" is probably a gateway appliance that runs in NAT mode..the majority of DSL ISPs have been providing those over the past years, compared to just pure "bridged" modems which they used years ago.

    Wonderfully easy to see if yours is running as a NAT box..just run IPCONFIG..if you have a class C private IP address (such as 192.168.1.xxx)..you're behind NAT. If you have a public IP address...well, it's not NAT...and your PC is probably dug into already.
     
Loading...
Thread Status:
Not open for further replies.