Firewall Tests Lower after Adding DSL Modem/Router

Until yesterday I was using dialup with the Norton Internet package and getting "perfect" firewall test results from Gibson's "Shield Up" site.

I added a Zoom X5 DSL modem/router and the test results now show most ports blocked but not stealthed.

The modem is running in the dynamic NAT mode which is the same as NAPT.

Any idea as to why my test results show the system less secure with the router than without it?

Thank you,

Mike

JB

OK, you've got a lot of fun with playing with toys.

Yes, that's pretty good. However, it would be better to have selective access to this default behaviour.

Huh? Why should it be less secure? And how should something be less secure than your toys?

Sebastian Gottschalk

"Stealth" is just ridiculous marketing bullshit. Your computer isn't invisible just because you don't respond to incoming packets. If there's no computer then the last router *before* it will respond e.g. with a "destination unreachable" ICMP packet. No response usually means "yes, there *is* a host, and it's dropping packets".

[...]

Your system isn't less secure.

cu

59cobalt
Ansgar -59cobalt- Wiechers

The machines are behind a NAT router. So, since no unsolicited inbound traffic can reach the machines and make the machines or the personal FW on the machines react because the router is sitting in front of them blocking all unsolicited inbound traffic, which is what Gibson's little ridiculous *stealth* test is about, that is, reacting to unsolicited inbound traffic to a machine with a PFW, how are the machines not stealthed?

That's because stealth is ridiculous and it's a Gibson term. And what do you mean most ports are blocked and not stealthed? Either all the ports are closed/blocked on the router or they are not. What is it?

Duane :)

Duane Arnold

The ports are closed is the main thing. They have FW routers where you can tell it not to respond to ping traffic.

A personal FW is not a FW. It's just a machine level packet filter. The PFW doesn't separate two networks like a FW router, host based FW with two NICs or FW appliance. FWs separate two networks: the one it is protecting from, usually the Internet, and the one it's protecting, the LAN.

Well, do you see how ridiculous it is that it even gives different results?

The point is the ports are *closed* and it's the router sitting in front of the machines. The machines are already stealthed, because they are behind a NAT router and they *cannot* respond to unsolicited inbound traffic with or without the PFW sitting on them, which is all the little stealth test is about for a PFW.

Forget about the stealthed crap; the ports are closed and that's all that counts. You should use Google if you want to find some other testing sites.

You should learn about FW(s). Your router may not be a FW either, but it comes closer to being a FW than the PFW.

Duane :)

Duane Arnold

ICMP (the protocol ping uses) doesn't work on ports, because it works in a different layer. "stealth" is just a marketing term that means "no response to incoming packets, be they ICMP, TCP, UDP or whatever". It's nonsense, because in TCP/IP not responding does *not* mean that there's nothing there.

Perhaps these tests are just broken.

cu

59cobalt
Ansgar -59cobalt- Wiechers

The test conditions for each case are unknown and I can see what a can of worms testing these things is after reading Duane's links.

Thanks for your input.

Mike

JB
