Outpost 1.0 and GRC (port stealthing)

Discussion in 'other firewalls' started by RejZoR, Nov 15, 2005.

Thread Status:
Not open for further replies.
  1. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Solicited TCP Packets: RECEIVED (FAILED)

    1028
    Host
    Closed Your computer has responded that this port exists but is currently closed to connections.

    1029
    Host
    Closed Your computer has responded that this port exists but is currently closed to connections.

    Any idea how to set these things in order to pass the tests?
    No matter what i do it keeps on closing those two ports 1028 and 1029.
    Also how to get that Solicited TCP packets filtered?

    I know it's an old firewall but very lightweight and free so i'd like to get it working...
     
  2. chiawaikian

    chiawaikian Registered Member

    Joined:
    Sep 16, 2005
    Posts:
    46
    Do you have a router or a modem that does NAT (Network Address Translation)?
     
  3. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    No, direct connection to internet using ADSL (PPPoE).
     
  4. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
  5. chiawaikian

    chiawaikian Registered Member

    Joined:
    Sep 16, 2005
    Posts:
    46
    Crow, please stay on topic.

    Rejzor, most modems these days come with NAT(Network Address Translation). Check the manual that came with your modem to see if your modem has NAT capabilities.

    If it does, GRC was actually scanning your modem, not your computer. Behind your modem, you are still protected by ZoneAlarm, which stealths all ports by default.
     
  6. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    Chiawaikian, please stay on topic...

    He was talking about Outpost 1, not ZA, and how he might get it working and stealthing properly on his machine...
     
  7. Sputnik

    Sputnik Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    1,198
    Location:
    Москва
    RejZoR if you buy the 23/2005 edition of the german magazine c't you get a free copy of Outpost 2.7 (unlimited serial, but not working on 3.x or any other future versions). Still it's better then the old 1.0. PM me if needed ;)
     
  8. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    ... :D
     
  9. chiawaikian

    chiawaikian Registered Member

    Joined:
    Sep 16, 2005
    Posts:
    46
    Oooops...
    I think I am infatuated with my work on the ZA forum...
    Sorry Vampiric_Crow.
     
  10. You Know

    You Know Guest

    Seems So!!
     
  11. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    No problem... :p
     
  12. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    No, my modem doesn't offer any NAT functionality. Also it's completely transparent. Only device that is registered as endpoint is LAN card.
    PC doesn't even know that i'm using ADSL modem.

    ZoneAlarm is great for browsing, mail and other simple things. Rules and interface are simple yet effective. And it always passed GRC tests. But problem is it will simply choke when there is lots of active connections. eMule which i use all the time uses large numbers of such connections. Memory usage of ZA will skyrocket, same will hapen with CPU usage over time.
    Pings in games also tend to skyrocket with ZA without any reason.
    So i avoid ZA because of these problems. Sygate has problems with the way how PPPoE works and will not allow modem to automatically reconnect after 24 hours (dyn IP). Kerio doesn't even stealth some ports so gunned down again...
    Outpost 1.0 works excellent. Light, easy to use and doesn't interfere with anything. Yet i can't hide those 2 ports no matter what i do. All others are always stealthed but these 2 can't be :( Don't have a clue why is so.
     
  13. Hyperion

    Hyperion Registered Member

    Joined:
    Sep 29, 2003
    Posts:
    302
    Rejzor,Outpost 1.0 had several security issues if i well remember.One that i am certain of,is that it had absolutely no control on DNS requests on port 53.Practically it would think any connection there as the legitimate DNS.There was a long list of these vulnerabilities back then in the Outpost site.You may want to try search for them,they might still be there.In anycase,it was a firewall that i remember made me very uncomfortable stay with,exactly because like you ,i have no router.These issues were solved only in version 2.
     
  14. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Thanks to StyleWarz i'm now proud user of Outpost 2.7 which correctly passes all GRC tests :) Uses some more memory but i belive it's worth the extra "weight".
    Thx again!:D
     
  15. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Been a while since I used OP Free but I do believe that you could remove existing global rules (including the DNS one) - this would require you to create separate DNS rules for every application though.

    However GRC doesn't use DNS (Sygate's Stealth Scan did though) so I would suspect the problem may be with an application holding these ports open and OP Free not properly stealthing traffic as a result (not a big issue since the traffic is still blocked).
     
Loading...
Thread Status:
Not open for further replies.