Hi everyone My firewall is ZA+4.5 I have tried many online port scanners(shieldsup,sygate,auditmypc and so on) The only one i can achieve stealth is shieldsup. All the others my ports are closed. I am only a beginner so i just use the default settings. Every program is set to ask, and nothing gets server rights. The only expert rule i have i got from LowWaterMark's post on how to stop pings from the welchia worm. My question is, is closed ports good enough? If it isn't, how do i achieve stealth on these other online port scanners? Thanks Snowbound
Getting mixed results is not unusual, but you should show as stealth with ZA. Closed is still secure. Is your ZA set at the default High for the Internet zone? Edit: cancel the edit as LWM covered the router question. Regards, CrazyM
Yes my ZA+ default settings are on high. Iam on cable and do not have a router. I would really like to try sites like PC Flank and Hacker Whacker but for some reason they can't read my IP. This maybe a stupid question but i can't understand why some sites i can use and some i can't . If i can't achieve stealth can i feel safe with closed ports? I have read posts here from more experienced people saying they are not happy unless their firewall is completely stealth on all online scans. Snowbound
The fact that you can't use some scanning sites at all, and that some others give you results that differ from GRC, is probably all related. The type of network setup your ISP gives you is probably directly related to these issues. You might very well be entirely stealth right now. Those sites that will scan you but show your ports closed could simply be scanning the wrong place (the same reason other sites get the wrong IP for you). But, regardless of this... The true risk is exposing "open" ports to the Internet. The risk differences between closed and stealthed is in my mind a small thing. But again, I'm suspecting you may very well be stealth. No, that's not a problem. You don;t need to know how to write rules to be stealth with ZA.
One more thought... Can you tell us if your cable provider gives you a true public IP address on your PC, or if they are giving out private IP addresses? I won't go into the RFC (RFC 191 that describes reserved private IP address ranges and their uses, but usually ISPs that use private address ranges give their users IP addresses in the 10.*.*.* range, or alternately between 172.16.*.* and 172.31.*.*, or in the 192.168.*.* range. If your PC has an address in one of these ranges, then you have a private IP address visible only to your cable provider.
Are you doing any kind of web filtering? Some of these sites will not function properly if things like web proxy filtering are used. Getting into the the "stealth vs. closed" debate would be a sure way to hijack this post A closed response is normal and secure, and as LWM mentions, as long as you are not exposing open/listening ports/services on your system. ZA will normally stealth a system by default. Regards, CrazyM
Snowbound ... The following URLs below should give you a better understanding of ZoneAlarm. I have ZoneAlarm Pro and am in total stealth, am also on cable, and am as snug as all get out. My Pro version I have password protected. So no worries mate, if you are in stealth you are just fine. Stealth as I understand it means that the computer does not exist on the internet and if a GRC probe was unable to penetrate your firewall, you are A-OK in that area. The following is a very informative thread LWM posted re ZoneAlarm. http://www.wilderssecurity.com/showthread.php?t=3899 Here is ZoneLabs support site: http://www.zonelabs.com/store/content/support/3zapHelpDocs.jsp
Hi LWM My IP is not in that range that u specified. My ports are always either stealth or closed, never open so that is obviously good! I am trying to learn about firewalls and rulesets. It would be nice to know how to do it myself. I have learned a lot from your ZA posts. Thanks LWM CrazyM, iam not using any kind of web filtering so........ Yes the stealth vs closed does cause quite a kurfuffle around here sometimes! Thanks LWM and CrazyM for your help. I feel secure now with ZA+ just how it is on my system Snowbound
Thanks peaches I have read that thread and it is very imformative(as most of LWM's posts are) As i said in my previous post I feel my zone alarm, like yours is protecting me from all the baddies out there! ZA is very good for people like me with limited(veeery limited) firewall skills Thanks again peaches Snowbound
This is the only thing i changed in ZA+ from the default settings. I just checked everything in general settings. Does this make a difference? Didn't know if i should lock host files but i thought i would try it. Thanks Snowbound
Well, the options in that "General Settings" section are all mostly unrelated. It's a bit of a catch-all area for some overall config options in ZA. Checking the first column of items are all meant to increase your security, so if your system works right, connects to your ISP without problems, doesn't timeout or have the ISP connection hang up on you, then leave those 4 checked. In the second column, the two "Allow" items have a specific use. If you don't use a VPN to connect to some of network and you don't have any special protocol requirements, then those two should be unchecked. (Never select any extra Allow options unless you need them in order to make your system or a required application work.) The Hosts file item isn't a terribly serious item, it just locks your Hosts file. Helpful yes, but not a guarantee that some malware can't still attack your Hosts file. So leave that checked. None of these options effect stealth, but those first 4 are good to have checked if you can.
Hi LWM I've been running ZA+ for about a week with everything checked and system runs fine. I just unchecked the two allow options like u said. I didn't realize these should not be checked unless needed. Everything else i will leave the same. I really don't know if i have true stealth or not but i will run it like this and hopefully it will keep the bad guys away. Like i said, i really like ZA for its easability and great out of the box protection. Thanks LWM I will watch for more of your insightful posts on ZA. Snowbound