Must be doing something wrong (KIS 6) Advice needed..

Discussion in 'other anti-virus software' started by Crappopotamus, Apr 6, 2007.

Thread Status:
Not open for further replies.
  1. Crappopotamus

    Crappopotamus Registered Member

    Joined:
    Dec 21, 2004
    Posts:
    157
    Location:
    Illinois
    Just recently installed the KIS 6 (build 621) program from the systweak offer like a lot of others but have a problem..

    No matter what setting I use for the firewall, www.grc.com (shieldsup) reports me as not attaining true stealth status like I can obtain with NIS 2007 or other programs with no tweaking..

    I'm a little more familiar with NIS and Zonealarm (still never tweaked them much either), but it's a little frustrating to see it not being true stealth and also KIS showing 'blocked attacks' at 0.

    can I grab any pointers from those here that can achieve this status with KIS?

    thanks
     
  2. Badcompany

    Badcompany Registered Member

    Joined:
    Nov 18, 2005
    Posts:
    752
    Location:
    RUNCORN UK.
    Hi Crappopotamus,
    The best thing to do would be vist the Kaspersky Forum.
    BC.
     
  3. Sjoeii

    Sjoeii Registered Member

    Joined:
    Aug 26, 2006
    Posts:
    1,240
    Location:
    52?18'51.59"N + 4?56'32.13"O
    What kind of advice are you looking for?
     
  4. Crappopotamus

    Crappopotamus Registered Member

    Joined:
    Dec 21, 2004
    Posts:
    157
    Location:
    Illinois
    To be able to achieve a true stealth status like ZA and NIS07 do straight from the get-go I presume.
     
  5. EliteKiller

    EliteKiller Registered Member

    Joined:
    Jan 18, 2007
    Posts:
    1,138
    Location:
    TX
    How to stealth all of his ports.

    Crap, is it port 113 that shows closed and not stealth?
     
  6. Sjoeii

    Sjoeii Registered Member

    Joined:
    Aug 26, 2006
    Posts:
    1,240
    Location:
    52?18'51.59"N + 4?56'32.13"O
    Please go into the anti-hacker part.
    Here it is easy to stealth the zones.

    If this not works properly, I suggest reinstalling KIS.

    What version of KIS are you using?
     
  7. Crappopotamus

    Crappopotamus Registered Member

    Joined:
    Dec 21, 2004
    Posts:
    157
    Location:
    Illinois
    I'm using 621 , Under anti-hacker it has "internet" and my IP address listed, both are checked as "stealth".

    Only thing I changed from the install was I set the firewall to training mode and have allowed only things I know are legit to go out..

    here are the results:

    ---------------------

    GRC Port Authority Report created on UTC: 2007-04-06 at 21:22:51

    Results from scan of ports: 0-1055

    0 Ports Open
    811 Ports Closed
    245 Ports Stealth
    ---------------------
    1056 Ports Tested

    NO PORTS were found to be OPEN.

    Ports found to be STEALTH were: 0, 22, 42, 135, 139, 179, 392,
    393, 394, 395, 396, 397, 398,
    399, 400, 401, 402, 403, 404,
    405, 406, 407, 408, 409, 410,
    411, 412, 413, 414, 415, 417,
    418, 419, 420, 421, 422, 423,
    424, 425, 426, 427, 428, 429,
    430, 431, 432, 433, 434, 435,
    436, 437, 438, 439, 440, 441,
    442, 443, 444, 445, 446, 447,
    448, 449, 450, 451, 452, 453,
    454, 455, 456, 457, 458, 459,
    460, 461, 462, 463, 464, 465,
    466, 467, 468, 469, 470, 471,
    472, 473, 474, 475, 476, 477,
    478, 479, 480, 481, 482, 483,
    484, 485, 486, 487, 488, 489,
    490, 491, 492, 493, 494, 495,
    496, 497, 498, 499, 500, 501,
    502, 503, 504, 505, 506, 507,
    508, 509, 510, 511, 512, 513,
    514, 515, 516, 517, 518, 519,
    520, 521, 522, 523, 524, 525,
    526, 527, 528, 529, 530, 531,
    532, 533, 534, 535, 536, 537,
    538, 539, 540, 541, 542, 543,
    544, 545, 546, 547, 548, 549,
    550, 551, 552, 553, 554, 555,
    556, 557, 558, 559, 560, 561,
    562, 563, 564, 565, 566, 567,
    568, 569, 570, 571, 572, 573,
    574, 575, 578, 579, 580, 581,
    582, 583, 584, 585, 586, 587,
    588, 589, 590, 591, 592, 593,
    594, 595, 596, 597, 598, 599,
    600, 601, 602, 603, 604, 605,
    606, 607, 615, 616, 617, 618,
    619, 620, 621, 622, 623, 624,
    625, 626, 627, 628, 629, 630,
    631, 632, 633, 634, 635, 636,
    637, 638, 639, 1023

    Other than what is listed above, all ports are CLOSED.

    TruStealth: FAILED - NOT all tested ports were STEALTH,
    - NO unsolicited packets were received,
    - A PING REPLY (ICMP Echo) WAS RECEIVED.
     
  8. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    811 ports were not stealthed, omg... something is wrong here.

    all ports stealthed here, just using my router with no installed firewall on my laptop, just an AV.
     
  9. Graystoke

    Graystoke Registered Member

    Joined:
    Aug 15, 2003
    Posts:
    1,502
    Location:
    The San Joaquin Valley, California
    I would suggest a reinstall. When I ran KIS6, I had the firewall in training mode, and all ports at GRC were stealth. If that doesn't work, the Kaspersky forum is a good choice.
     
  10. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,301
    Location:
    South Wales, UK
    It is possible that you have some software running on your PC that is behaving like server. To check what is happening right click the K icon in the Sys Tray and select Netwoek Monitor. Select the Open Ports tab and check to see which have an IP address that is NOT 127.0.0.1 or 0.0.0.0. Against those entries check the Local Port to see if one of them is the port that GRC reports as beong closed only. If you locate this then take a look at the application against that entry...that could be your culprit. You can either prevent the applciation from running or set up custom rules to block inbound traffic (TCP & UDP) for that specific port.

    I had this problem with Skype acting as a server and therefore had non stealthed ports. Set up custom rules to block the relevent ports re. inbound traffic and GRC then reported back a fully stealthed system...and Skype has continued to function normally.

    I am not saying that this is the solution to your issue but it may be and so may be worth investigating.:D
     
  11. Crappopotamus

    Crappopotamus Registered Member

    Joined:
    Dec 21, 2004
    Posts:
    157
    Location:
    Illinois
    The only ports in the open ports list that have an IP other than 127 or 0, is 1900 and 49315. UDP SVCHOST.EXE -K LOCALSERVICE is how they are listed.

    I connect to the internet through verizon wireless broadband evdo rev-a cellular connect. It uses vzwmanager software to achive the connection using a usb dongle modem (cellular). That could be considered a server I presume? BUT if I install norton or ZA or even mcafee they all pass trustealth the first go-round, even with this verizon connection software.
     
  12. EliteKiller

    EliteKiller Registered Member

    Joined:
    Jan 18, 2007
    Posts:
    1,138
    Location:
    TX
    FWIW I just installed KIS 6.0 build 6.0.2.621 on my laptop and hooked directly into my cable modem (bypassing my router). I then went to GRC, ran the shields up on all services ports, and the result was stealth on all ports.
     
  13. Crappopotamus

    Crappopotamus Registered Member

    Joined:
    Dec 21, 2004
    Posts:
    157
    Location:
    Illinois
    Did an uninstall, used the registry cleaner from kaspersky, and reinstalled, updated and got this. Even worse.

    NOTE: I have a second laptop, using the same verizon wireless access software but I have NIS2007 installed.. Trustealth rating on all ports ... So it has nothing to do with the verizon software, it could'nt.

    ----------
    GRC Port Authority Report created on UTC: 2007-04-07 at 01:46:24

    Results from scan of ports: 0-1055

    0 Ports Open
    1024 Ports Closed
    32 Ports Stealth
    ---------------------
    1056 Ports Tested

    NO PORTS were found to be OPEN.

    Ports found to be STEALTH were: 0, 22, 42, 135, 139, 179, 181,
    182, 183, 184, 185, 186, 187,
    188, 189, 190, 191, 202, 206,
    209, 210, 211, 213, 214, 215,
    445, 492, 493, 507, 530, 568,
    1023

    Other than what is listed above, all ports are CLOSED.

    TruStealth: FAILED - NOT all tested ports were STEALTH,
    - NO unsolicited packets were received,
    - A PING REPLY (ICMP Echo) WAS RECEIVED.




    dammit.




    HOWEVER --- The other laptop with the same verizon access software and NIS2007 get this:

    -------------

    GRC Port Authority Report created on UTC: 2007-04-07 at 02:38:51

    Results from scan of ports: 0-1055

    0 Ports Open
    0 Ports Closed
    1056 Ports Stealth
    ---------------------
    1056 Ports Tested

    ALL PORTS tested were found to be: STEALTH.

    TruStealth: PASSED - ALL tested ports were STEALTH,
    - NO unsolicited packets were received,
    - NO Ping reply (ICMP Echo) was received.

    hmmph.
     
    Last edited: Apr 6, 2007
  14. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,518
    Location:
    USA - Back in a real State in time for a real Pres
    Curious.
     
  15. Sjoeii

    Sjoeii Registered Member

    Joined:
    Aug 26, 2006
    Posts:
    1,240
    Location:
    52?18'51.59"N + 4?56'32.13"O
    very strange. I run .621 as well and everything is stealthed.
    maybe have a look at the kaspersky forum. They'll help
     
  16. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,301
    Location:
    South Wales, UK
    That is indeed mighty curious. I only had to create inbound block rules for Skype (Ports 80, 443, 1043 & 3927) after which Shields Up reports everything was stealthed.

    I agree with Sjoeii...a post at the Kaspersky Forum is worth a go.:)
     
  17. Rickk

    Rickk Registered Member

    Joined:
    Jan 9, 2007
    Posts:
    49
    EliteKiller had said:
    I personally also tried a Shields Up scan and it came up full stealth, EXCEPT for port 113.
    ShieldsUp then explains why on many systems, port 113 is simply blocked and not stealthed... and that stealthing 113 can sometimes (not always) create problems.

    What do others think and recommend?
     
  18. EliteKiller

    EliteKiller Registered Member

    Joined:
    Jan 18, 2007
    Posts:
    1,138
    Location:
    TX
  19. TopperID

    TopperID Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    1,527
    Location:
    London
    If he has got a Router there is no point in going to shieldsup, 'cos he'll be testing his Router not KIS!
     
  20. EliteKiller

    EliteKiller Registered Member

    Joined:
    Jan 18, 2007
    Posts:
    1,138
    Location:
    TX
    Not all routers filter 113 either.
     
  21. Rickk

    Rickk Registered Member

    Joined:
    Jan 9, 2007
    Posts:
    49
    I do have a router.
    D-Link DI-604

    Also KIS 6.0.0.300

    If one has the above router's firewall plus KIS (full protection enabled) plus Spybot (Teatimer, Resident shield enabled), SywareBlaster, is it ok to keep port 113 simply closed instead of stealth?

    [Btw, On a laptop (with Netgear wireless router) I have Avira Classic, Comodo, Spyware Blaster, Spybot & Winpatrol. Port 113 is also shown as closed instead of stealth.]
     
  22. Crappopotamus

    Crappopotamus Registered Member

    Joined:
    Dec 21, 2004
    Posts:
    157
    Location:
    Illinois

    I don't have a router on this connection, as it is EV-DO cellular, I don't have the $$ for a linksys 3g router, I just use the antihacker firewall when I go to grc.com
     
  23. Metal425

    Metal425 Registered Member

    Joined:
    Mar 20, 2007
    Posts:
    188
    Location:
    Southern California
    Visit the Kaspersky Forums, re-install, or make sure windows firewall is off.
     
Loading...
Thread Status:
Not open for further replies.