Shields up v PCFlank

Discussion in 'other firewalls' started by djg05, Apr 20, 2005.

Thread Status:
Not open for further replies.
  1. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,504
    When I run the Shields Up scan it comes up clean even the 1056 port one, however with PCFlank on the quick scan it shows 135 open. Although it is getting the right address could it be looking at the ISP instead? I did try this port specifically with GRC and said it was stealthed. I have a rule in Kerio 2.1.5 to block it.

    Any ideas please.
     
  2. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,779
    I tend to doubt the results on pcflank. I have, at various times, with various firewalls, run tests at grc and come up stealth, and then run the same tests at pcflank and it claimed I had an open port. So I then tested that one port at grc.com and it showed stealth. So I chose to believe Shields up.
     
  3. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,504
    Glad you find the same
     
  4. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    A much more thorough and accurate test is available at www.securityspace.com unfortunately it does cost money but it is cheap at $10 a year for unlimited desktop audits. The results are excellent as it also detects patch levels and and your susceptibilty to recent exploits. My testing there showed a few flaws on my system using Sygate so I switched to Zone Alarm and have no negatvie results since. I run an audit once a month or so.
     
  5. AvianFlux

    AvianFlux Registered Member

    Joined:
    Dec 7, 2004
    Posts:
    237
  6. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,504
  7. treat2

    treat2 Registered Member

    Joined:
    Apr 23, 2005
    Posts:
    26
    The PCFlank Port Scan is UNRELIABLE. You should NOT base you opinion of your Firewall, nor of a Port being Open, Closed, or otherwise Stealthed, based on that test!!!

    I ran a varity of test today at PCFlank. I ran some them several different times, and used various "methods" offerred. The Port tests I ran included 1) the Quick Test,
    2) the individual Port Scan Test using various different methods: Common Ports, Selected Ports, Random Ports, and a few port ranges, including 3) the Random Port Scan
    test.

    I even ran several of the same scans twice.

    So, what's the probo_O

    The first time I ran the Quick Scan Test, it reported that that 139 Ports were OPEN, and NOT stealthed! (Not port 139! That ain't open either.)

    Any possiblility that you ran a quick test and it said some number like that? 135 is pretty close, eh?

    ALL of the SUBSEQUENT scans I performed using the individual tests, with using all 3 available methods reported that my ports were NOT open, nor closed, but were STEALTHED! (Along with a happy face.)

    (I re-ran a few of the tests to be sure I didn't misread anything.)

    FINALLY, AS A LAST TEST after about 45 minutes to an hour or so at that site, I RETURNED to re-run the the Quick Test JUST FOR THE HELL OF IT, AND watcha suppose it said after that?

    Unlike it previously reported, but was reported by ALL of the independent tests I ran there to scan my Ports the QUICK TEST NOW reported: "I'm Stealthed!"

    Baloney!

    Though I had no patience to sit around for 1/2 an hour doing a single test to scan Ports 0 - 65535, I have no reason to believe that SUDDENLY and unexplainably, 139 of my Ports we in fact unStealthed.

    I've run many tests on my Ports at a variety of Sites, especially during the past few months. Not one of them reported any of my Ports to be unstealthed. The same results have been seen during port scans when I've been running Norton during the past 5+ years to Stealth my Ports.

    BTW. The TCP SYN ("half-port open") test showed Ports as being Stealthed, as well.

    So, what shall we say about the reliability and validity of the Quick Scan Port Scan Test?

    A bit flipped from 0 to 1 during xfer to my PC?

    My Browser was tired of being "on the wagon" and "got drunk" for a minute or two?

    Somehow, that seems unlikely, and I would be inclined to suggest that PCFlank us some buggy code doing Port Stealth testing, and (IMO) it's worth ignoring. So, here's an idea. Find another site to test your Ports with!
     
Loading...
Similar Threads
  1. boredog
    Replies:
    7
    Views:
    1,113
Thread Status:
Not open for further replies.