PDA

View Full Version : ShieldsUp results confuse!!!



Spencer
30-08-2004, 11:13 AM
I have ZoneAlarm V4.5.594.000 running under W2000 SP4 behind a Nokia i500 adsl router and when I do a ShieldsUP test, only ports 0 and 135 show as stealth, the rest just show as closed.

The file-sharing test reported "connection refused" and "netBIOS secure"; "Unsolicited TCP Packets" passed as well, but "Solicited TCP Packets" failed and Ping reply also failed. The port 113 test itself failed with a "page not available" result but I can't tell if that is due to successful security or incorrect testing procedure by me.

Overall I get the impression that my computer is secure, but would prefer to see all ports as stealth, and ShieldsUP tells me to achieve this I need a personal fire wall such as Zone Alarm, which I already have. I have checked all the security settings in ZA and can't see what I need to add to kill the ping response (it fails even with incoming and outgoing pings blocked in ZA) or how to fix the solicited TCP packets issue either.

I'm no expert on ZA or security techniques so "connect up the dots" advice is needed.

Thanks in advance. Spence

CYaBro
30-08-2004, 11:28 AM
hey Spencer,

Because you are using a Nokia i500 router, which has NAT (Network address translation) built-in, the shieldsUp test is actually testing the router and not your PC. Your PC is hidden to the internet by the router, which is good.
With that router there would be no way of hacking in to your PC from the internet unless you got a trojan horse on your PC but you have Zone Alarm installed which will pick up anything trying to get out to the internet.

The ping reply will fail because the router is responding to ping commands. Some routers have an option of disabling this but the Nokia i500 doesn't from memory.

tommy
30-08-2004, 12:24 PM
>With that router there would be no way of hacking in to your PC from the internet
Does this also keep out worms such as Blaster, Netsky, etc if one has an unpatched version of Windows XP?

whiskeytangofoxtrot
30-08-2004, 01:30 PM
> Does this also keep out worms such as Blaster,
> Netsky, etc if one has an unpatched version of
> Windows XP?

There is no reason not to be patched against those, one would be extremely foolish if this were the case.

Murray P
30-08-2004, 02:03 PM
Polluted Internet (http://www.theregister.co.uk/2004/08/27/polluted_internet/)

Cheers Murray P

tommy
30-08-2004, 02:30 PM
> > Does this also keep out worms such as Blaster,
> > Netsky, etc if one has an unpatched version of
> > Windows XP?
>
> There is no reason not to be patched against those,
> one would be extremely foolish if this were the
> case.

Thank you but that does not answer my question. Does a NAT router keep those worms out or can they still get in?

CYaBro
30-08-2004, 02:46 PM
a NAT router will block the worms that spread by infecting a PC with a certain port open because the infected PC's on the internet can only see the router and its internet IP address and not your PC's network IP address.

Spencer
30-08-2004, 09:06 PM
Thanks guys, it sounds like I don't need to worry about extra security right now. I did read one bit on ShieldsUp that made me think though. They mentioned setting logons and passwords for routers and I didn't realise mine had such a thing as it was a simple plug & play install. Do I need to get the manual out a have a read, or is it not a problem?

Spence