Shields up question..

Discussion in 'other firewalls' started by Comp01, Nov 29, 2003.

Thread Status:
Not open for further replies.
  1. Comp01

    Comp01 Registered Member

    Joined:
    Sep 4, 2003
    Posts:
    638
    I am using Sygate5.5 free, Almost everytime I do a full service port test (About onces a week) the first time I do it, says I have a bunch of ports just closed, and not stealthed, I then do another test, and pass, with full stealth, Is this adaptive behaviour of sygate? or what? (I am usually running my basic online apps when testing, mirc, and trillian) Closed still prevents hackers, right?
     
  2. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,332
    Location:
    Netherlands
    Hi Comp01,

    See if you have the option to "block all traffic from this IP" checked.
    If Sygate detects a scan and it blocks all traffic from grc for the time-period that you set, it is logical you get all stealth the second run.

    Regards,

    Pieter
     
  3. snapdragin

    snapdragin Administrator

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
    Hi Comp01, no this isn't adaptive behaviour of sygate. You should be getting a Blocked and Stealth result with the scan tests, although i know little about mIRC and how it opens ports...? Maybe some else can help you with that?

    A scan result of Blocked* means that your ports are closed and stealthed (hidden) - meaning your system is not sending back a reply to anyone scanning your system.

    A scan result of Closed* means that your ports are blocked (closed) but not stealth - which means when someone scans your system, they will get a reply that your ports are closed, so they won't be able to get in.

    Where are you doing the scan that is saying you have ports that are closed and not stealth? i know pcflanks' scans are not returning the correct information because with me i get the failed with one scan, then a minute later, it says i pass. And i know my ports are blocked and stealth.
    sorry Comp01, i just noticed the title of your post..lol..but you should still be getting a stealth scan result at Shields Up with Sygate, unless one of your apps is keeping a port open while you are doing the scan Do you remember what ports they were?

    regards,

    snap

    edited to add that the Blocked* and Closed* scan results are from Sygate's scan test.
     
  4. snapdragin

    snapdragin Administrator

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
    Oops...i was typing while you were posting Pieter... :D
     
  5. Comp01

    Comp01 Registered Member

    Joined:
    Sep 4, 2003
    Posts:
    638
    I didnt save the results of lastnight, but its almost always random, iheres the text summary:
    GRC Port Authority Report created on UTC: 2003-11-29 at 22:59:30

    Results from scan of ports: 0-1055

    0 Ports Open
    224 Ports Closed
    832 Ports Stealth
    ---------------------
    1056 Ports Tested

    NO PORTS were found to be OPEN.

    Ports found to be CLOSED were: 832, 833, 834, 835, 836, 837,
    838, 839, 840, 841, 842, 843,
    844, 845, 846, 847, 848, 849,
    850, 851, 852, 853, 854, 855,
    856, 857, 858, 859, 860, 861,
    862, 863, 864, 865, 866, 867,
    868, 869, 870, 871, 872, 873,
    874, 875, 876, 877, 878, 879,
    880, 881, 882, 883, 884, 885,
    886, 887, 888, 889, 890, 891,
    892, 893, 894, 895, 896, 897,
    898, 899, 900, 901, 902, 903,
    904, 905, 906, 907, 908, 909,
    910, 911, 912, 913, 914, 915,
    916, 917, 918, 919, 920, 921,
    922, 923, 924, 925, 926, 927,
    928, 929, 930, 931, 932, 933,
    934, 935, 936, 937, 938, 939,
    940, 941, 942, 943, 944, 945,
    946, 947, 948, 949, 950, 951,
    952, 953, 954, 955, 956, 957,
    958, 959, 960, 961, 962, 963,
    964, 965, 966, 967, 968, 969,
    970, 971, 972, 973, 974, 975,
    976, 977, 978, 979, 980, 981,
    982, 983, 984, 985, 986, 987,
    988, 989, 990, 991, 992, 993,
    994, 995, 996, 997, 998, 999,
    1000, 1001, 1002, 1003, 1004,
    1005, 1006, 1007, 1008, 1009,
    1010, 1011, 1012, 1013, 1014,
    1015, 1016, 1017, 1018, 1019,
    1020, 1021, 1022, 1023, 1024,
    1025, 1026, 1027, 1028, 1029,
    1030, 1031, 1032, 1033, 1034,
    1035, 1036, 1037, 1038, 1039,
    1040, 1041, 1042, 1043, 1044,
    1045, 1046, 1047, 1048, 1049,
    1050, 1051, 1052, 1053, 1054,
    1055

    Other than what is listed above, all ports are STEALTH.

    TruStealth: FAILED - NOT all tested ports were STEALTH,
    - NO unsolicited packets were received,
    - NO Ping reply (ICMP Echo) was received.
     
  6. Comp01

    Comp01 Registered Member

    Joined:
    Sep 4, 2003
    Posts:
    638
    And then I got:
    GRC Port Authority Report created on UTC: 2003-11-29 at 23:04:11

    Results from scan of ports: 0-1055

    0 Ports Open
    0 Ports Closed
    1056 Ports Stealth
    ---------------------
    1056 Ports Tested

    ALL PORTS tested were found to be: STEALTH.

    TruStealth: PASSED - ALL tested ports were STEALTH,
    - NO unsolicited packets were received,
    - NO Ping reply (ICMP Echo) was received.
     
Loading...
Thread Status:
Not open for further replies.