Results 1 to 10 of 10

Thread: Recommend a firewall-tester?

  1. #1
    webdaddy Guest

    Default Recommend a firewall-tester?

    What's the best free firewall-tester around these days? Recommendations, please. I'm looking for one where I won't subsequently get plagued with adverts for a new firewall.
    Obviously, the absolute trustworthiness of one tester utility or another is of paramount importance.
    Do all firewall-testers require Active-X to be installed?
    For reasons I won't go into here, I'm still using a v6.1 ZA Free, and am wondering which ports might not be adequately covered by it.

    Operating System:Windows XP Home Edition
    Software Version:6.1
    Product Name:ZoneAlarm (Free)

  2. #2
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Recommend a firewall-tester?

    <blockquote><hr>webdaddy wrote:
    What's the best free firewall-tester around these days? Recommendations, please. I'm looking for one where I won't subsequently get plagued with adverts for a new firewall.
    Obviously, the absolute trustworthiness of one tester utility or another is of paramount importance.
    Do all firewall-testers require Active-X to be installed?
    For reasons I won't go into here, I'm still using a v6.1 ZA Free, and am wondering which ports might not be adequately covered by it.

    Operating System:
    Windows XP Home Edition
    Software Version:
    6.1
    Product Name:
    ZoneAlarm (Free)

    <hr></blockquote>


    I assume you mean a port scan for determining the status of the external internet ports?

    If the ZA has some application listed in the Program listing with an Internet server, then and only then will the port scans show a closed/open port status.
    Otherwise, all ports will be seen as "stealthed" and the state of the port will be indetermineable.

    I loved the old s -y-g-a-t-e on line port scanner, but unfortunately symantec has put a stop to it.
    Also as you say, their own symantec port scanner is more or less just advertising for their own product.

    Still one of the next best online port scanners, and fairly well known, is the ShieldsUP! test at Steve Gibson's grc.com site.

    https://www.grc.com/x/ne.dll?bh0bkyd2

    Once at the shieldsup! site, please then immediately do a ipconfig /all in the command prompt, and check your own computer's assigned IP matches with that shown by the ShieldsUp! site.

    If the two IPs do not match, then it is not the firewall of the computer that will be tested, but instead the firewall of the hardware firewall connected in front of the computer. In this case, unplug the computer from the router and use either the cable modem alone (if using cable internet) or use the dialup modem of the pc (if using dsl).
    Any online port scanner conducted in a public access point or wireless access point will usually show open ports in their firewall/router.

    If the two IPs do match, then the computer's firewall will be tested and then proceed with the port scans and tests.

    This is one of the "cleanest sites" around (although some of the site's general information is getted somewhat dated) .

    There should never be any need to download/install activeX to perform an online port scan.
    Occasionally maybe the need to allow site cookies or javascripts for firewall and browser tests, but activeX is never needed.


    As an alternative, if using two computers at work/home, you could scan the one with the other computer with special tools and do very detailed port scans for the TCP SYN and general UDP connection attempts.
    http://sectools.org/port-scanners.html is one such place to find tools of these kind.

    Best regards.
    Oldsod.

    Message Edited by Oldsod on 10-14-2008 08:46 AM
    Best regards.
    oldsod

  3. #3
    webdaddy Guest

    Default Re: Recommend a firewall-tester?

    Ah, I was forgetting that my router would complicate things.
    In effect, what I'm wanting to obtain is an assessment of the combined effectiveless of my router and my particular edition of ZA Free.
    As I've understood it to date, a DSL router stealths pretty much everything on the INWARD path. Is that true, though, and even if it is, would one's machine still be at risk of intrusion if a hacker knew one's IP address? Also, are there not plenty of logical ports through which OUTWARD connections could be made, irrespective of the router?
    I seem to recall running
    a command rather like ipconfig a long time ago, but I think that that gives you the ports that are making connections at that moment. It doesn't give you the longterm vulnerability.


  4. #4
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Recommend a firewall-tester?


    <blockquote><hr>webdaddy wrote:
    Ah, I was forgetting that my router would complicate things.
    In effect, what I'm wanting to obtain is an assessment of the combined effectiveless of my router and my particular edition of ZA Free.
    As I've understood it to date, a DSL router stealths pretty much everything on the INWARD path. Is that true, though, and even if it is, would one's machine still be at risk of intrusion if a hacker knew one's IP address? Also, are there not plenty of logical ports through which OUTWARD connections could be made, irrespective of the router?
    I seem to recall running
    a command rather like ipconfig a long time ago, but I think that that gives you the ports that are making connections at that moment. It doesn't give you the longterm vulnerability.


    <hr></blockquote>


    First of all, ipconfig /all does not involve any ports, just certain IPs.
    Perhaps you were thinking of netstats, such as netstat -anob which not only gives the ports used/listening for both for remote and source, along with the associated addesses.
    Also, the netstat -anob includes the PID of the applications and it's image name (sometimes some of the associated .dlls in use at that moment.

    Secondly, the IP assigned to you by your internet provider and the port scans are completely unrelated.
    Every site you computer will connect to will always be given your publically assinged IP. (Just the same as you see the IPs of the sites connected to your computer.)
    And never the private IP as assigned to your computer by your own home router (by means of it's NAT or DHCP function) is ever seen on the "outside", so in effect your computer's true IP is never revealed to any internet server/site.
    The router created a private network for your computer and this private network in basically unpenetratable by hackers.
    So fear not.

    Anyways, doing a online port scan could be used to test your router - the results would be self evident.

    Furthermore, the ZA does have an inbound intrusion counter - it should be showing a zero count if your ZA is properly configured for your dns and dhcp servers in the zones of the firewall.

    The IP known by other sites is not a problem - how many IPs would like for me to give to you and test out?
    The knowledge of those IPs is useless - no hacker can hack an IP just by itself. There is a lot more to hacking a server/web site than just knowing the IP that is involved.

    Here are some IPs for google.com: 64.233.187.99, 209.85.171.99, 72.14.207.99. Easily found. Checking the ports of these IPs - definitely port 80 (http) and maybe port 443 (https) and maybe even ports 20 & 21 (ftp, ftp data) and a few others are seen as "open" by a port scan.
    Ever hear of Google getting hacked by hackers from somewhere on the web? Every hacker knows the IPs of google, so why haven't they done this yet?

    Besides any intelligent hacker would realise your IP is a home user IP and not a big business/enterpise IP and simply stop and move on to the greener pastures.
    There is no money in a home users IP - no big companysecrets or "trade" information or stock/share informations or accounting/bookeeping details or new technology to steal and sell for a reasonable profit.
    What is the biggest secret on a home users PC ? - maybe family photos and notes, letters, some media files and so forth.
    Any hacker knows those pictures of your wife or mother has no financial value to anybody.
    They skip the home users setups and concentrate nt their time/efforts where there the real money is to be found.

    Oldsod.
    Best regards.
    oldsod

  5. #5
    webdaddy Guest

    Default Re: Recommend a firewall-tester?

    I wish I could be as certain of things as you are. You see, I recently became a victim of identity theft for the fourth time in as many years, with the equivalent of $8000 having been effectively stolen by the fraudster(s) from my credit card account on this last occasion. I've carefully analysed the possibilities of where the fraudster(s) is continually obtaining my creditcard details. The only places I've ever used my credit card is online, for various product purchases.
    Whereas my card issuer believes the crook is someone who works for one of the e-retailers with whom I've transacted, I myself think there's also a slim possibility that my PC has been either fortuitously scanned or has actually been hacked. Either way, I'm looking for some reassurance that my PC is safe. I might add that I don't keep any sensitive financial details on my main hard drive. Instead, I keep them on an external drive which is turned off for 99% of the time.
    I've always taken PC security very seriously and it's ironic that, despite all sensible precautions, I appear to have been specifically targeted by fraudsters who are, from the evidence, extremely organised. That's not to say, of course, that my PC is implicated in this.
    The norm has been for my ISP to issue static IP addresses to its customers, rather than dynamic ones, and that's always given me a slight uneasy feeling.
    As for any record on my PC of intrusions, well there are none indicated in my ZA Overview tab at present (remember, I'm using the Free version, and an old edition, at that), but then, as it happens,
    I've recently reinstalled everything on my PC from scratch. Prior to that, there were two intrusions blocked. Also, my router very occasionally reports UDP and TCP scans. Using ZA,
    I always ensure that I carefully control programs and processes that attempt
    to make unexpected outward connections.

  6. #6
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Recommend a firewall-tester?

    I seriously doubt the public IP as seen to the web by your router has anything to do with your previous malware/hacks.
    More than likely you installed malware yourself by unsafe downloads/installs or through unsolicited emails or by other means.

    Credit card fraud is irrevelant as to where you use it - it is the troyan stealing the information. (Most banks/credit companies place a strong watch on the internet spending/fraud of credit cards and your $8,000 should have been protected. Mine bank does this and any large sums of internet fraud is cut down to just a simple $100 fee not the entire loss).
    It would not matter if the information is stored elsewhere - the troyan installed on the desktop will still steal once the information is used via keystrokes or through the monitor screen and even watching the site interactions.

    It is irrevelant using the older free version for the intrusion protection or using the latest version. Even the older version will offer maximum protection when compared to the latest version.

    Oldsod.
    Best regards.
    oldsod

  7. #7
    webdaddy Guest

    Default Re: Recommend a firewall-tester?

    I agree with much of what you say, OldSod. As for any malware that might have got on to my PC in its previous incarnation, I very much doubt that any did, as I regularly ran antispyware checks. I never open unsolicited e-mails, either; I double-delete them. And my ISP separately filters e-mails, as well as me using antivirus software and conducting specific folder checks. Nevertheless, repeatedly becoming a victim leaves one still with some nagging doubt.
    I agree with your view about my older version of ZA. I looked into the efficacy of it, compared to more-up-to-date versions,
    a long time ago and came to the conclusion that I'd be no better off updating to a later or even the very latest version.
    I guess I can only conclude that, as my card issuer has suggested, my details were obtained by completely different means and not by any neligence on my part. Therefore, it seems rather worthless to perform an external test on the firewall.


  8. #8
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Recommend a firewall-tester?


    <blockquote><hr>webdaddy wrote:
    I agree with much of what you say, OldSod. As for any malware that might have got on to my PC in its previous incarnation, I very much doubt that any did, as I regularly ran antispyware checks. I never open unsolicited e-mails, either; I double-delete them. And my ISP separately filters e-mails, as well as me using antivirus software and conducting specific folder checks. Nevertheless, repeatedly becoming a victim leaves one still with some nagging doubt.
    I agree with your view about my older version of ZA. I looked into the efficacy of it, compared to more-up-to-date versions,
    a long time ago and came to the conclusion that I'd be no better off updating to a later or even the very latest version.
    I guess I can only conclude that, as my card issuer has suggested, my details were obtained by completely different means and not by any neligence on my part. Therefore, it seems rather worthless to perform an external test on the firewall.


    <hr></blockquote>
    Best regards.
    Oldsod.
    Best regards.
    oldsod

  9. #9
    webtripper Guest

    Default Re: Recommend a firewall-tester?

    Can someone help me with accessing ShieldsUp! port scanner tool?After accessing:
    https://www.grc.com/x/ne.dll?bh0bkyd2
    , nothing happens when I click &quot;Proceed&quot;., no error message, no pop-up; the page just keeps trying to load (even after 30 minutes).
    I emailed the GRC tech support folks, who told me that they had had reports of access problems associated with the newest ZoneAlarm versions.
    Can anyone provide me with any ideas why this may be happening?
    My config is as follows:Windows XP Pro, SP2ZoneAlarm Internet Security Suite, version 8.0.298.000- added grc.com and grctech.com to &quot;trusted sites&quot; under Identity Protection- added grc.com and grctech.com to &quot;site list&quot; under Privacy (disabled 3rd party cookies)
    Have tried both Firefox 3.03 and Internet Explorer 8 (both with default settings)- added grc.com and grctech.com to &quot;trusted sites&quot;- disabled InPrivate
    browsing in IE 8
    Thanks in advance!

  10. #10
    webtripper Guest

    Default Resolution for accessing GRC port scanning site

    After I shut down ZoneAlarm Internet Security Suite, I was able to access the ShieldsUp! site and run the port scan utilities without any problems.
    Problem solved... crude, but effective.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •