Most trusted online security scan?

Discussion in 'polls' started by optigrab, Oct 22, 2003.

Thread Status:
Not open for further replies.
  1. optigrab

    optigrab Registered Member

    Joined:
    Nov 6, 2002
    Posts:
    624
    Location:
    Brooklyn/NYC USA
    My first poll, but I sincerely want to know the answer. :D Hope this one doesn't violate any Board policies or generally seem like the proverbial "stupid question" :p

    My guess is that the majority of members subscribe to a "layered approach" to all aspects of security, so a lot of you will want to specify more than one. Looking forward to the discussion!
     
  2. crockett

    crockett Registered Member

    Joined:
    Jul 15, 2002
    Posts:
    333
    Hi ;)

    Three best to me (by far):

    http://www.pcflank.com/test.htm about privacy (nice and precise)

    http://www.pcflank.com/exploits.htm about firewall defences (beware - powerful test !) You have to tick all the boxes to proceed with all the attacks at the same time.

    http://www.leader.ru/secure/who.html again about privacy (terribly good - already helped me several times to discover flaws in my soft's or config's when I thought all was perfect)

    If you haven't done it already, please go and try these and come back to tell me what you think... (Don't try the second one if you're not firewall-protected !)

    Rgds, Crockett :cool:
     

    Attached Files:

  3. crockett

    crockett Registered Member

    Joined:
    Jul 15, 2002
    Posts:
    333
    BlackCode I can't even run, 'cause my security settings seem to keep me from even going further than the start page ! JVScripts enabled, though... Strange.

    Crockett :cool:
     

    Attached Files:

  4. beetlejuice

    beetlejuice Registered Member

    Joined:
    Oct 12, 2002
    Posts:
    8,523
    :D For a ports test I like Gibsons-GRC. Quick and to the point whether your ports are open, closed, or stealth. A while back I believe I read that he is working on a scanner that will include all :eek:65,535 ports. :eek: I can't wait for that!! :D
     
  5. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    I agree with beetlejuice. I like grc. for a quick port scan to make every thing is stealth . :)
     
  6. JayK

    JayK Poster

    Joined:
    Dec 27, 2002
    Posts:
    619
    You can already custom scan ports.
     
  7. JayK

    JayK Poster

    Joined:
    Dec 27, 2002
    Posts:
    619
    Pcflank test looks too "clever" and yet it can't work if you are using an ISP trasnparent NAT :)
     
  8. snapdragin

    snapdragin Administrator

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
    i choose grc. too.... :D it was quick and i like that i can just enter a port range and scan.

    JayK...."ISP transparent NAT"....?? i am not sure what that is, could you explain it so i don't go around thinking you mean one of those see-through cased routers?

    snap :)

    sorry..spelled your name JKay..it sounded the same :doubt:
     
  9. JayK

    JayK Poster

    Joined:
    Dec 27, 2002
    Posts:
    619
    Hmm perhaps the word NAT was redudant. transparent proxy

    But seriously, I don't know what that means either, it just sounds cool! :)

    PS See my tag line
     
  10. snapdragin

    snapdragin Administrator

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
    ROFL - well it DOES sound cool! Thanks JayK!
     
  11. optigrab

    optigrab Registered Member

    Joined:
    Nov 6, 2002
    Posts:
    624
    Location:
    Brooklyn/NYC USA
    Hi Crockett

    I tried the " Holmes/Who" site you recommended - Seems like a good one, but it didn't give me any different results than PC Flank or GRC, and it doesn't seem as polished. Then again, I only tried the first port scan :doubt: Still, I've bookmarked it.

    I have found that Sygate Online (stealth scan option) tells me I've got several ports 'Blocked' but not 'Stealth'. But every other scan I've done (PC Flank, GRC, Sygate quick scan) tells me I'm 'All Stealth'. Question: Does anyone suppose that these results are reliable - that is, Sygate found a problem others didn't?

    Regards, Optigrab ;)
     
  12. crockett

    crockett Registered Member

    Joined:
    Jul 15, 2002
    Posts:
    333
    Hi Optigrab :)

    If your system is safe, as yours seems to be, there's no automatic reason Holmes would give you any different result.

    But I recall, when first trying Opera a couple of years ago, I tried the test and was amazed to see the site could access... my internet connection username ! Talk about a surprise ! :eek:

    After some trial and error and dialogs with the Opera crew, we realized the problem came from some flaw in the SunJava machine (1.3 at the time if my memory is good). Using some combination of Java and Javascripts, the Holmes site could get access to the info the JavaMachine knew.

    The point is - I was very proud of the fact that I succeeded all the on-line tests I could get my hands on, and then this flaw was revealed by Holmes.

    So I was glad I came accross it so I could correct the flawed configuration on my pc (i.e. change my JavaMachine or decide to disable JavaScripts alltogether).

    More recently, I decided to try the FireBird stand-alone browser, and again went through many tests, always succeeding... But again, I went to Holmes, and with JavaScripts enabled, it was able to see which previous site I was connecting from. That puzzled me, since I had history and referrers disabled in the browser AND referrers disabled in WebWasher (web filter). I then tried with a former version of FBird (i.e. Phoenix) and got the same troubling result. I then switched to Opera, which appeared not to suffer from the flaw. I then tried Beonex (a third stand-alone browser based on the Mozilla engine), and it didn't suffer from the flaw either...

    See, in some instances this Holmes site can really see some important things that most other sites can't...

    Now, you can understand why - even when I succeed on PCFlank - I always double-check on Holmes... ;)

    Rgds, Crockett :cool:
     
  13. crockett

    crockett Registered Member

    Joined:
    Jul 15, 2002
    Posts:
    333
    HI again ;)

    I now spend most of my time on Opera, and Opera doesn't even allow me to enter the 'start procedure' on Sygate tests. Opera behaves like this only on Sygate site, displaying a message it doesn't allow the procedure for security reasons.

    Not sure why, but I think it might be because the site tries to unsecurely access the browser on port 443 when this port should be reserved for secure connections only. :doubt:

    Beyond that, the Sygate scan site has a rather uneven reputation, to say the least. On the other hand, their firewall has a rather good reputation and seems to almost always be part of the top four list of free FW's on the market (OutPost, LookAndStop, Kerio2.15 and Sygate).


    If I recall, it had already been discussed some time ago... To get to the desired thread(s), you may click on my name ('View profile of Crockett'), ask for some of the first posts I had on Wilders and see which messages lead to threads which can give you some various opinions about the site.

    Feel free to PM if you can't find the desired threads you're looking for.

    Rgds, Crockett :cool:
     

    Attached Files:

  14. optigrab

    optigrab Registered Member

    Joined:
    Nov 6, 2002
    Posts:
    624
    Location:
    Brooklyn/NYC USA
    Hi Crockett :)

    I see (said the blind man)! Thanks for the wealth of knowledge. As is usual for me I'll have to read through a couple of times before it all sinks in my primitive brain ;)

    I'll also go back to Holmes (to test my mettle) and Sygate (to unravel the bugger).

    Many thanks, and I'll be in touch.

    Best regards
    Optigrab :D
     
  15. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    For the scan at Sygate Blocked = Stealth

    From their site:
    "Ideally you should receive "Blocked." This indicates that your ports are not only closed, but they are completely hidden (stealthed) to the world."

    Regards,

    CrazyM
     
  16. spydespiser

    spydespiser Registered Member

    Joined:
    Sep 21, 2003
    Posts:
    162
    Location:
    Gtr M/C UK
    GRC for me :)

    speed,convenience and easy to remember/type in when i mess something up/have to switch browsers/configurations dont go as planned
    when all clear from there, then try others and try additional tweaks from there
    but thats me :D Simple :D

    SpyD :cool:
     
  17. JayK

    JayK Poster

    Joined:
    Dec 27, 2002
    Posts:
    619
    That's strange, did you ever figure out why? The current build of FB 0.7 don't have this problem.
     
  18. optigrab

    optigrab Registered Member

    Joined:
    Nov 6, 2002
    Posts:
    624
    Location:
    Brooklyn/NYC USA
    You are correct, CrazyM, of course. My mistake. I meant "Closed, not Blocked/Stealth".

    WEB-80-CLOSED, POP3-110-CLOSED, IDENT-113-CLOSED, NetBIOS-139-CLOSED, HTTPS-443-CLOSED, 445-CLOSED, 1080-CLOSED, 1245-CLOSED.

    This is for "Sygate Stealth Scan" only; Sygate Quick, and most other scans say I'm stealth. Just beginning my investigation to find the cause.

    Best regards :)
    Optigrab
     
  19. crockett

    crockett Registered Member

    Joined:
    Jul 15, 2002
    Posts:
    333
    Hello :)

    Went back and checked ShieldsUp again... Of course I agree this is one of the top ones also.

    https://grc.com/x/ne.dll?bh0bkyd2

    Rgds, Crockett :cool:
     

    Attached Files:

  20. crockett

    crockett Registered Member

    Joined:
    Jul 15, 2002
    Posts:
    333
    Among other things, the Browser Header scan is very nice...

    Crockett :cool:
     

    Attached Files:

  21. optigrab

    optigrab Registered Member

    Joined:
    Nov 6, 2002
    Posts:
    624
    Location:
    Brooklyn/NYC USA
    I figured out the Sygate Stealth Scan that previously gave me the above result. Seems the scan calls the browser to send a DNS request to a different server (other than my ISP). Created a new rule in my firewall and now I am stealth on all Sygate scans. I now have an enhanced respect for that clever site. ;)
     
  22. crockett

    crockett Registered Member

    Joined:
    Jul 15, 2002
    Posts:
    333
    Hi JayK :)

    Sorry for late answer...

    I just redid the same test with FireBird and came to the same conclusion...
     

    Attached Files:

  23. crockett

    crockett Registered Member

    Joined:
    Jul 15, 2002
    Posts:
    333
    You can try it yourself if you want...

    I start from this post: http://www.wilderssecurity.com/showthread.php?t=15280;start=msg95416#msg95416

    Click on the link to leader.ru/who...

    See screenshot for the settings I use in FB
     

    Attached Files:

  24. crockett

    crockett Registered Member

    Joined:
    Jul 15, 2002
    Posts:
    333
    Please also note that, in addition, I use a specifically dedicated filter to block referrers and prefixes, among other things...
     

    Attached Files:

  25. crockett

    crockett Registered Member

    Joined:
    Jul 15, 2002
    Posts:
    333
    Of course, no cookie allowed...

    But I'm afraid I still get the same surprising result:

    Holmes just knows where I'm coming from...
     

    Attached Files:

    • Res1.gif
      Res1.gif
      File size:
      3.3 KB
      Views:
      1,744
Loading...
Thread Status:
Not open for further replies.