PDA

View Full Version : Security??Stealth??Closed??



dibbly
27-08-2004, 10:42 PM
Hi all

Just wanting some help with some basic networking security.
I have cable broadband and therefore a static IP.
Running Sygate Pro Firewall on both computers XP/98 & ICS.
No Router!! although looking at dedicated gateway and firewall in near future.

Q1. Now, guys an' girls. I don't intend for this to get into a ginormous debate over stealth or closed ports. But I would like to know what ports you guys manually configure to close, if any at all and what reasons you have for doing so.

Q2. Ok, I have my Lan connection configured to share files etc and my cable connection is set to 'shared' thru TCP/IP but QOS. F&P Sharing and Client etc all disabled, but all enabled on my Lan. Now everything is cool here except I cant figure out why my Cable connection is 'shared'. Doesn't this mean i am foolishly sharing my cable with anyone who knows my IP????? or does 'shared' just mean i am using ICS???
I hope this makes sense enough for you to understand what I mean!!

oh alright then Q3, if stealth is the way to go, isn't my port 80 'open' while i am posting this? and if it is open then being 'stealthed' isn't really going to matter ...is it???

cheers all
dib

Spacemannz
27-08-2004, 11:05 PM
Most software firewalls you buy, or maybe download, I think would block known ports that are dangerous once installed. And maybe more, once they've been updated.

The only thing I had to configure thru Norton Internet Security was to add the NICS to it (for the LAN). That was it. Most trojan ports are blocked by default.

And new ones added with updates. Nah I doubt sharing with cable would be sharing with anyone else who knows the ip. I would say coz of ICS if its enabled.

Maybe if you were using wireless that could be possible. If your system wasnt secure enough.

Try this to test your firewall. Select all ports

http://www.grc.com/x/ne.dll?rh1dkyd2

Greg S
27-08-2004, 11:24 PM
> oh alright then Q3, if stealth is the way to go,
> isn't my port 80 'open' while i am posting this? and
> if it is open then being 'stealthed' isn't really
> going to matter ...is it???

Normally you would configure your firewall to allow http in/out on port 80 for your browser, and nothing else - that's why it's safe

robsonde
27-08-2004, 11:44 PM
i would close everything unl;ess you know that you need it open.
stelth is cool but closed is fine.

poprt 80 is not open when you post or open web pages...

port 80 is active with an out gi\oing connection and stilled closed for an incomming connection, this does not mean that you can not recive data over the oyut going connection.

hope that makes sence.....


as for closed Vs stelth......

closed is where if someone knocks then your system says "go away we dont want any!!"

stelth is where if someone knocks then your system hides under the table and pretends to not be home :-)

stu120404
28-08-2004, 01:12 PM
> as for closed Vs stelth......
>
> closed is where if someone knocks then your system
> says "go away we dont want any!!"
>
> stelth is where if someone knocks then your system
> hides under the table and pretends to not be home
> :-)

he he that is a Good way of putting it robsonde :)

dibbly
28-08-2004, 10:27 PM
hi all
thanks for all your input - and yeh that was a neat analogy robsonde - so its like ALL ports are "listening" they just have different way of responding to the knock at the door. Nice!!