PCFlank and LnS

Discussion in 'LnS English Forum' started by HankPiano, Dec 9, 2006.

Thread Status:
Not open for further replies.
  1. HankPiano

    HankPiano Registered Member

    Joined:
    Jun 1, 2005
    Posts:
    62
    Just now I did two tests at www.pcflank.com. The quick test tells me:
    But then the stealth test let me know all ports of my PC are invisible (stealthed).

    Seems to me rather strange and contradictory. Is there any commercial link (affiliation) between PCFlank and Outpost? People here get the same results, doing these tests?
     
  2. HankPiano

    HankPiano Registered Member

    Joined:
    Jun 1, 2005
    Posts:
    62
    The 'advanced port scan' gave the following results:
    Again, ports 137, 138 and 139 are not stealthed but closed.
    Is this a weakness in LnS? Does it mean I'm at risk? If so, what to do about it?
     
  3. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    Are you using the enhanced rules set ? That is what you should be using for max security.Try www.grc.com and run Shieldsup test .Testing on my pc all ports stealthed no packets in or out and no ping repley.tru full stealthed.
     
  4. HankPiano

    HankPiano Registered Member

    Joined:
    Jun 1, 2005
    Posts:
    62
    Yes, of course I do.
    That's one of the first things I did after installing LnS, a while ago: it said all ports are stealth. Because of that I'm so amazed, and a bit worried, that PCFlank told me three ports are not stealth but just closed.

    Anybody tried this 'Advanced Port Scan' at http://www.pcflank.com/scanner1.htm and if so, what are your results?
     
    Last edited: Dec 10, 2006
  5. DVD+R

    DVD+R Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    1,979
    Location:
    The Antipodes
    Interesting indeed, I did all the tests on pcflank also with Outpost 4.0 and it passed all of them, however interestingly enough when I did the quick test, it also gave me that port 139 was open, yet all the other tests reported full stealth :rolleyes:

    Port: Status Service Description
    21 stealthed FTP File Transfer Protocol is used to transfer files between computers
    23 stealthed TELNET Telnet is used to remotely create a shell (dos prompt)
    80 stealthed HTTP HTTP web services publish web pages
    135 stealthed RPC Remote Procedure Call (RPC) is used in client/server applications based on MS Windows operating systems
    137 stealthed NETBIOS Name Service NetBios is used to share files through your Network Neighborhood
    138 stealthed NETBIOS Datagram Service NetBios is used to share files through your Network Neighborhood
    1080 stealthed SOCKS PROXY Socks Proxy is an internet proxy service
    1243 stealthed SubSeven SubSeven is one of the most widespread trojans
    3128 stealthed Masters Paradise and RingZero Trojan horses
    12345 stealthed NetBus NetBus is one of the most widespread trojans
    12348 stealthed BioNet BioNet is one of the most widespread trojan
    27374 stealthed SubSeven SubSeven is one of the most widespread trojans
    31337 stealthed Back Orifice Back Orifice is one of the most widespread trojans
    139 closed NETBIOS Session Service NetBios is used to share files through your Network Neighborhood

    I do believe though that this port isnt nessecarily active to share files through your network, unless you actually enable your computer to do it, Also I think there might be an error on pcflank here somewhere, this is the first time I've seen this port closed not stealthed untill today. I also cloed the NETBIOS in Outpost settings, and it still gives an open verdict, deffinately something amiss on pcflank I wouldnt be too concerned


    Edit: I just did a check on port 139 on www.grc.com and used the custom port scan, this is the result I get for port 139:

    Port
    Status Protocol and Application

    139
    Stealth netbios-ssn
    NETBIOS Session Service
     
    Last edited: Dec 10, 2006
  6. HankPiano

    HankPiano Registered Member

    Joined:
    Jun 1, 2005
    Posts:
    62
    Well, at grc I also checked ports 137, 138 and 139. The results:

    So, it looks like some sort of bug at the site of PCFlank. I'm just curious if other people have comparible results.

    Anyway, what makes me a bit suspicious is that they first let you know that one or more ports are not stealth but only closed and then immediately recommend Outpost.....why o_O
     
  7. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
  8. HankPiano

    HankPiano Registered Member

    Joined:
    Jun 1, 2005
    Posts:
    62
    Thanks, Frederic.
    May be I should have used the search first, anyway, it's a PCFlank problem, so I think I'd better leave it there :cautious: .
     
  9. DVD+R

    DVD+R Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    1,979
    Location:
    The Antipodes
    Hank pcflank recomend outpost because they are a sponsor site for the program, they get a % profit from everyone of their redirected sales :cautious:
     
Thread Status:
Not open for further replies.