ANYONE HELP WITH SHIELDS UP PROBLEM?

I have broadband/ADSL. Thanks for taking the time to reply.

What type of Internet connection do you have? Cable modem? If so then you should use an external firewall box between the cable modem and your PC. A box designed to share your Internet connection is suitable for you, even if you only want to use one PC.

Jason

[-]

Try UNSTICKING your CAPS-lock key. Well-adjusted people DO NOT enjoy being YELLED/SHOUTED at.

"Stealthing" is nonsense. Just read

This is the IP address, you're visible in the Internet with:

But you don't need "Stealthing". It's just misunderstanding the TCP/IP network protocol family.

Are they open really? You can test this by typing into a command shell:

netstat -an

or by using

If there are any LISTENING sockets, which are NOT bound to 127.0.0.1, but are bound to 0.0.0.0 or your IP address, then those ports are open.

Usually, the "results" of GRC mean nothing. To test, what's really goin'on, just test like described.

Yours, VB.

just to add msg to OP, this is your router's ip

(just to add) or are not bound to a computer's IP (a private one, behind the router), like 192.168.0.1. This is accesbile from other comps oin your LAN. but not to the outside world

open to teh world

and even if they are open. If you need them open, you could restrict access with a firewall. Your router would block incoming anyway. So the outside world couldn't access. Even if the port is set open outside the LAN. It'd be better if the port was open only to teh LAN. I do not know how to change that. I also have many windows services on 0.0.0.0 , I think it's VMWARE in my case though. but my router blocks them so i'll leave it.

but that test will tell him if there is anything open on 0.0.0.0 to be concerned about, but won't tell him whether or not his PFW is restricting access. For that he needs to scan from antoher computer outside his network, or use an online scanner (requesting another comp outside his network to scan). Windows firewall can block incoming. As can your router.

Other scan sites than gibsons are

sygate also have a port scanner

note: sygate's PFW is very nice and usable but apparently has security issues mentinoned by VB available in the archives.

What is the make and model number of the modem and is it connected to your PC with a usb or ethernet cable?

Jason

This is true, if the OP uses NAT. If not, it's the IP address of his box. Anyway it's the IP address he uses in the Internet.

Yes.

Yours, VB.

Volker...I just ran Shields Up for grins and got this:

"Your Internet port 139 does not appear to exist!

One or more ports on this system are operating in FULL STEALTH MODE!

Standard Internet behavior requires port connection attempts to be answered with a success or refusal response. Therefore, only an attempt to connect to a nonexistent computer results in no response of either kind. But YOUR computer has DELIBERATELY CHOSEN NOT TO RESPOND (that's very cool!) which represents advanced computer and port stealthing capabilities. A machine configured in this fashion is well hardened to Internet NetBIOS attack and intrusion. Unable to connect with NetBIOS to your computer. All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet."

How much of this is nonsense?

I'm using SP2 Firewall :-) I also scan with Rootkit Revealer every once in a while to see what's going on.

Thanks

rm

All of it AFAICS. There is no "stealthing". Dropping TCP SYN instead of sending an RST does not improve security at all.

Microsoft decided to drop and not to send RST. This is a disadvantage of the Windows-Firewall. But it does not lower security, so you can live with it.

Yours, VB.