aftermath
11-21-04, 08:29 AM
having recently found a nasty iv taken more of an interest im my security.
The problems i have atm are that my pc acts as a gateway using microsofts ICS in windows 2000 and seting high levels of security in both kerio and zonealarm stop the internet to all atached pcs.
This has the effect that when set up as a gateway(kerio) or when set to medium for zonealarm so that my network can accses the internet my security suffers.
idealy it would be best to use some kind of rooter. Iv looked at cisco ones for the soho user.
alternatively i could install smoothwall on my old 266 but this is currently a print-server since the printer does not work when directly conected to this pc.
using grc to scan my pc for each produced this.
results for zonealarm when alowing conection shareing
GRC Port Authority Report created on UTC: 2004-11-21 at 13:50:38
Results from scan of ports: 0-1055
2 Ports Open
1048 Ports Closed
6 Ports Stealth
---------------------
1056 Ports Tested
Ports found to be OPEN were: 80, 113
Ports found to be STEALTH were: 135, 137, 138, 139, 445, 1025
Other than what is listed above, all ports are CLOSED.
TruStealth: FAILED - NOT all tested ports were STEALTH,
- NO unsolicited packets were received,
- A PING REPLY (ICMP Echo) WAS RECEIVED.
the results for kerio
GRC Port Authority Report created on UTC: 2004-11-21 at 13:53:14
Results from scan of ports: 0-1055
4 Ports Open
1047 Ports Closed
5 Ports Stealth
---------------------
1056 Ports Tested
Ports found to be OPEN were: 80, 113, 135, 389
Ports found to be STEALTH were: 0, 139, 445, 1025, 1027
Other than what is listed above, all ports are CLOSED.
TruStealth: FAILED - NOT all tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.
Except for the ping responce to me zonealarm would apear to be doing a better job.
80 is http so its open cos im browsing right?
113. is ident duno what that does. how can i close it? grc recons that this is real bad.
135, are net-bios ports. i dont have the file and print shareing set up for the wan this is a bit worrieing. does it mean even with out drivers its open?
389 i have no idea what this does. how can i close it?
1002 this is an ics port aparently. any beter whays to ics that are free and non m$?
ok next is a closed port as bad as open? can any remote computer open these ports?
The problems i have atm are that my pc acts as a gateway using microsofts ICS in windows 2000 and seting high levels of security in both kerio and zonealarm stop the internet to all atached pcs.
This has the effect that when set up as a gateway(kerio) or when set to medium for zonealarm so that my network can accses the internet my security suffers.
idealy it would be best to use some kind of rooter. Iv looked at cisco ones for the soho user.
alternatively i could install smoothwall on my old 266 but this is currently a print-server since the printer does not work when directly conected to this pc.
using grc to scan my pc for each produced this.
results for zonealarm when alowing conection shareing
GRC Port Authority Report created on UTC: 2004-11-21 at 13:50:38
Results from scan of ports: 0-1055
2 Ports Open
1048 Ports Closed
6 Ports Stealth
---------------------
1056 Ports Tested
Ports found to be OPEN were: 80, 113
Ports found to be STEALTH were: 135, 137, 138, 139, 445, 1025
Other than what is listed above, all ports are CLOSED.
TruStealth: FAILED - NOT all tested ports were STEALTH,
- NO unsolicited packets were received,
- A PING REPLY (ICMP Echo) WAS RECEIVED.
the results for kerio
GRC Port Authority Report created on UTC: 2004-11-21 at 13:53:14
Results from scan of ports: 0-1055
4 Ports Open
1047 Ports Closed
5 Ports Stealth
---------------------
1056 Ports Tested
Ports found to be OPEN were: 80, 113, 135, 389
Ports found to be STEALTH were: 0, 139, 445, 1025, 1027
Other than what is listed above, all ports are CLOSED.
TruStealth: FAILED - NOT all tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.
Except for the ping responce to me zonealarm would apear to be doing a better job.
80 is http so its open cos im browsing right?
113. is ident duno what that does. how can i close it? grc recons that this is real bad.
135, are net-bios ports. i dont have the file and print shareing set up for the wan this is a bit worrieing. does it mean even with out drivers its open?
389 i have no idea what this does. how can i close it?
1002 this is an ics port aparently. any beter whays to ics that are free and non m$?
ok next is a closed port as bad as open? can any remote computer open these ports?