Please help me verify something...

Discussion in 'other firewalls' started by MakoFusion, Nov 25, 2003.

Thread Status:
Not open for further replies.
  1. MakoFusion

    MakoFusion Registered Member

    Joined:
    Jun 25, 2003
    Posts:
    130
    Take the firewall test at www.pcflank.com

    Take these test 5-6 times each to see if you get the same results everytime...

    "Quick Test"
    " Advanced Port Scanner" TCP connect scanning (standard)

    I have tried both of these tests many times each coming up with different results especially on ports 135, 137, 138, and 139 using Linksys EtherFast Cable/DSL Firewall Router BEFSX41 with Flash version 1.45.3, Sep 26 2003. Sometimes I am full stealth and other times 1 or more of these ports are open.

    I then attepted the same procedure over again after I fowared these ports to my router on 192.168.1.99 and yet again to 192.168.1.200! I am coming up with different results even when these ports are fowarded.

    Be interested to see what your results are... Does anyone else here get different results for different reports each scan?

    On the other hand I can take grc.com shields up test and stealth on 1-1024 all day long.

    Mikk
     
  2. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    I tried the scans as you requested at Pc Flank I tried all of their tests three times and got the same results each time The. sample shot is just a partial but they were always the same on all tests. I am useing eZTrust armor firewall and a DSL modem.
     

    Attached Files:

  3. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    another test results.
     

    Attached Files:

  4. MakoFusion

    MakoFusion Registered Member

    Joined:
    Jun 25, 2003
    Posts:
    130
    I took the test 6 more times today.... ugh!!!
    "Quick Test" on Mozilla 1.5 behind a Linksys router with ports 135-139 fowarded to 192.168.1.200 The results speak for themself.
     

    Attached Files:

  5. MakoFusion

    MakoFusion Registered Member

    Joined:
    Jun 25, 2003
    Posts:
    130
    This time I took 2 TCP CONNECT scanning tests from the Advanced Port Scanner option. Here are the results...
     

    Attached Files:

  6. Dan Perez

    Dan Perez Retired Moderator

    Joined:
    May 18, 2003
    Posts:
    1,495
    Location:
    Sunny San Diego
    Hi Makofusion,

    You might want to consider the possibility that your linksys may be having problems. I have seen instances with other firewalls that when directing some scans against them they behave erratically and let some or all packets through because they cannot properly handle the stream of packets pushed towards them. You might want to see if there are any firmware updates available for your model firewall. Also, if you haven't already done so, you might try to look for further inconsistency between runs of other firewall scans (particularly those that test many ports in one test)
     
  7. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    Yes, there is something wrong with PC Flank.
    I ran the quick test and it said I had ports 138 and 139 showing. I do not, as I have a router and Outpost locked down tight.
    I went to BlackCode, GRC, Hackerwatch, and a couple of other scan sites. All stealth except port 113 which I do not bother to forward.
    Back to PC Flank. All stealth the second time.
    They have been unreliable in the past and I don't know what their problem is. Maybe it's the cold Russian winter nights.
     
  8. MakoFusion

    MakoFusion Registered Member

    Joined:
    Jun 25, 2003
    Posts:
    130
    I have the latest possable firmware on my router! I also just came back from a friend who has a different Linksys router model but with updated firmware as well. The test results were unreliable as well!
     
  9. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    Why don't you email them and let them know they have a problem.
    I think they are tired of hearing it from me. :D
     
  10. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Hi MakoFusion

    Any particular reason you are forwarding those ports on the Linksys? Which model of router? On a related note, firmware releases have not been consistent with Linksys and how they respond to unsolicited inbound packets.

    Best practice is not to forward anything through the router unless you really need to. Stealth or closed, it will block unsolicted inbound packets and your systems behind the router will not see them.

    Regards,

    CrazyM
     
  11. MakoFusion

    MakoFusion Registered Member

    Joined:
    Jun 25, 2003
    Posts:
    130
    The model and firmware are at the top of this posting. I fowarded the ports after taking the test with inconsistant results to make sure my router was not gibbed. It was for testing purposes only! I wanted to be sure before I came on here to post about the site's unreliability. I will not be using the site www.pcflank.com for any more tests... The site gets my vote of no confidence.
     
Loading...
Thread Status:
Not open for further replies.