Jump to content
Login with your Gmail HERE and start posting in seconds! ×
Don't just read! Be part of the Community! Join the conversation ×
Our Newsletter now includes a Sunday edition! Stay updated 7 days a week!

Test Your Firewall

opalhort

By opalhort
in IT and Computers

 Share

Recommended Posts

opalhort Platinum Member

opalhort

Posted
Posted

Today there is an article in the BKK Post Database "A firewall for everyone" by Wanda Sloan.

Link to article (not sure how long this link will be active).

There is a test mentioned (www.grc.com "ShieldsUp") Link

When I ran this test with only the WinXP firewall switched on some major risks were found. After activating ZoneAlarm and deactivating the WinXP firewall a few minor risks were found.

I have not yet installed the Comodo firewall but will give it a try soon.

We are on a LAN behind a correctly configured ADSL modem/router.

opalhort

Guest Reimar

Guest Reimar

Posted
Posted

Had you enable or disable the firewall in your Router/Modem?

jstumbo Gold Member

jstumbo

Posted
Posted
Today there is an article in the BKK Post Database "A firewall for everyone" by Wanda Sloan.

Link to article (not sure how long this link will be active).

There is a test mentioned (www.grc.com "ShieldsUp") Link

When I ran this test with only the WinXP firewall switched on some major risks were found. After activating ZoneAlarm and deactivating the WinXP firewall a few minor risks were found.

I have not yet installed the Comodo firewall but will give it a try soon.

We are on a LAN behind a correctly configured ADSL modem/router.

opalhort

Did you have an exceptions in the configuration of the WinXP firewall? You can close them.

opalhort Platinum Member

opalhort

Posted
  • Author
Posted (edited)
Had you enable or disable the firewall in your Router/Modem?

I did not touch the router firewall at all (it is always enabled). Left it alone the way it has been for a long time.

opalhort

Edited by opalhort
opalhort Platinum Member

opalhort

Posted
  • Author
Posted
Did you have an exceptions in the configuration of the WinXP firewall? You can close them.

No. My Win XP firewall has been off since day one because I have been using ZoneAlarm only (of course in conjunction with the router firewall).

I only posted this topic because I think the link Wanda Sloan provided (www.grc.com) is very good and may help people to verify their security settings.

opalhort

opalhort Platinum Member

opalhort

Posted
  • Author
Posted (edited)
Yes, I like the article too. I PDFed it and attach it here.

--

Maestro

Thanks for that. Why can't I figure out how to get a news post into a PDF file?

Posting links to newspapers is no good since they tend to change after a short time.

opalhort

//Edit: See new topic "Free PDF writer" in Internet Forum

Edited by Maestro
Thaising Gold Member

Thaising

Posted
Posted (edited)

I have tried what you recommend, the online scan on my machine with zone alarm was passed with flying color.

Edited by Thaising
Gary A Star Member

Gary A

Posted
Posted

I was curious what it would find with Linux and Firefox. I often use Linux when I am on the Internet. I have no firewall or antivirus protection. Apparently I am very safe. All green.

Guest Reimar

Guest Reimar

Posted
Posted (edited)

As long as the Router's Firewall is configured correctly there isn't any need for an additional software firewall just a good Anti Virus software!

I use the Router's Firewall only for years and not any software firwall and haven't any problems. The Anit Virus Software I use is Avast on "Workstation" PC's and ClamAV on Servers! Both are Freeware!

For Server's many AV software want work special the free one. I was using Avast on Server for some years and on a new Server ClamAV for to compare to Avast. The ClamAV was as good as Avast and as the time was coming to renew thw Avast License I was changing the other Server's to ClamAV too. Never any Problem!

Edited by Reimar
Farma Platinum Member

Farma

Posted
Posted

I get this reply from that website. :o

"The ShieldsUP! system incorporates technology designed to circumvent many common web browser proxies so that most of our visitors never encounter this special interception page. This built-in circumvention technology is one of several reasons why ShieldsUP!'s tests are often more accurate than other web-based online security tests.

However, in this case, it appears that our automatic proxy circumvention system has failed to determine your machine's true IP address, so the results of further tests would not be trustworthy.

The "reverse DNS lookup" of your connection's public IP address is:

Cache-???.???

As you can see, this looks suspiciously like the name of an intermediate proxy, as discussed above. We are unable to bypass this proxy, since even your browser's secure SSL connections are being intercepted. If you are able to disable your browser's use of this proxy we'll be able to check your system, but until then we are unable to proceed. "

opalhort Platinum Member

opalhort

Posted
  • Author
Posted
As long as the Router's Firewall is configured correctly there isn't any need for an additional software firewall just a good Anti Virus software!

Yes, you are correct....but...

In our case sometimes our ADSL bandwidth is exhausted (one plays on-line game, one watches video/tv) then I may have to use the good old dial-up and a software firewall is then a must. All our PCs are on a LAN behind a router but every PC can also go online using dial-up if need be.

For me ZoneAlarm is convenient to help me control outbound traffic. Not malware or virus (haven't had any of those for a few years) but some programs like to update/upgrade themselves and I may not like to let this happen at least for the time being for one or another reason.

This is the reason why I still like to use a software firewall.

opalhort

Steve2UK Gold Member

Steve2UK

Posted
Posted (edited)

I was previously toying with the idea of posting this about Comodo Firewall Pro V3 - and seeing this thread referring to the Bangkok Post article now prompts me to do it. I e-mailed Wanda Sloan as follows:

Comodo Firewall Pro V3 issues - best to wait for fixes before install?

Hi Wanda,

Ironically, I read your column recommending the Comodo Firewall Pro V3 just the day after I finally gave up and uninstalled V3 (to reinstate V2.4) after a week of pain - because both the Firewall and Defense elements proved incapable of remembering the permissions they had "learned"........ both within a session and after fresh boot-ups. This meant repeated alerts asking for instructions to allow or block the very same processes that I had already flagged seconds before (worst cases being my Nod32 anti-virus installation triggering the same alerts without end and - arguably worse/more surprising - the same thing with Comodo's own BOClean anti-malware which I have installed alongside their Firewall).

Please take a look at the various threads currently running on Comodo's own user forum - http://forums.comodo.com/help_for_v3-b105.0/ particularly http://forums.comodo.com/help_for_v3/upgra...s-t15540.0.html and http://forums.comodo.com/help_for_v3/versi...s-t16478.0.html

I am far from being alone in having the "Comodo-not-remembering" problem - and others have experienced massive slowdowns, 100% CPU usage etc etc........not to mention finding it impossible to uninstall V3 (latest build 268). Fortunately, I was able to uninstall it cleanly and re-installed V2.4 - which works fine and which I will keep until Comodo have sorted out the problems of what, frankly, seems to be a very buggy beta release for many.

You may want to recommend to your readers that they wait a week or so until Comodo have fixed the main problems. When they do, it will be arguably the best pro-active Firewall around - even more remarkable given that it's free.

The Comodo forum invites you to request a link for a beta fix that is intended to address a number of significant issues with V3. I have just received a PM from that forum directing me to the link and listing the beta fixes it contains - but I have decided to wait until they release a V3.x that is more reliable.

As we like to say in LOS - up to you..........

[bTW, the Comodo forum already contains plenty of posts saying "I don't have a problem with my installation" - no need to add to those here. My point is that a significant number of people are having major (largely unexplained) problems. On that basis, the least you should do before installing the current V3 is set a Restore Point to roll back to in the event of trouble with it. Unless, of course, you're using Windows 98.......... :o]

Edited by Steve2UK
prallo Explorer Member

prallo

Posted
Posted (edited)

I am using the Comodo Firewall for 1 week now. I must say the best Firewall I´ve ever had !

No problems with it.

Edited by prallo
PattayaDavid Advanced Member

PattayaDavid

Posted
Posted

After reading this thread yesterday then Wanda Sloan's article on the Comodo 3 Pro Firewall, I uninstalled my Zone Alarm Basic Firewall and installed Comodo 3. I run Vista Ultimate on my computer. Before uninstalling my Zone Alarm Firewall, I ran the "ShieldsUp" test found at www.grc.com as recommended by Wanda Sloan to check for vulnerable ports to threats. The test found 3 open ports, all other ports closed and no stealth ports. After loading Comodo 3 Pro, I ran the test again and received the exact same results. Below is the results of my test. My question to you, how do I access and correct these port vulnerabilities? I don't have a clue and Wanda Sloan failed to address this issue in her article, thanks.

Port 21 FTP OPEN! FTP servers have many known security vulnerabilities and the payoff from exploiting an insecure FTP server can be significant. This system's open FTP port is inviting intruders to examine your system more closely.

Port 23 TELNET OPEN! Telnet provides a remote command prompt window which allows remote systems to be configured and controlled. Any system that appears to be offering a Telnet connection — like yours is right now — is offering the potential for total command-level access. Since a surprising number of Telnet servers are known to have no password, this open Telnet port will be attracting a LOT of the wrong kind of attention. If your network contains a residential NAT or DSL router, it may be that its "WAN-side" management interface is open and accepting connections. No matter what the cause, you should immediately attend to this open Telnet port.

Port 80 HTTP OPEN! The web is so insecure these days that new security "exploits" are being discovered almost daily. There are many known problems with Microsoft's Personal Web Server (PWS) and its Frontpage Extensions that many people run on their personal machines. So having port 80 "open" as it is here causes intruders to wonder how much information you might be willing to give away.

opalhort Platinum Member

opalhort

Posted
  • Author
Posted
My question to you, how do I access and correct these port vulnerabilities? I don't have a clue and Wanda Sloan failed to address this issue in her article, thanks.

You can close the open ports by accessing your router set-up screen.

opalhort

Daffy D Platinum Member

Daffy D

Posted
Posted

I too did the Wanda firewall test and all appeared to be OK, the only failed notice was with the ping thing;-

Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation.

I have the free COMMODO Pro V3 fire wall and would like to know how to configure it to block the pings as recommend. I have looked through the options of COMODO but can’t see anything “ping like” so any pointers in that direction very welcome.

Thanks in advance

D.D. :o

astral Star Member

astral

Posted
Posted

Be careful of blocking pings.

I did that a while back and suddenly found my link to the ISP was dropping every few minutes.

The ISP used a ping to establish if my computer was still on line. :o

Daffy D Platinum Member

Daffy D

Posted
Posted
Be careful of blocking pings.

I did that a while back and suddenly found my link to the ISP was dropping every few minutes.

The ISP used a ping to establish if my computer was still on line. :D

Looks like there’s not much opinion about this so guess I will leave things as they are :o

D.D.

:D

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.






ASEANNOW

ASEANNOW (formally ThaiVisa) is Thailand's oldest and most popular expat and foriegner forum. Sign up today and have your say!

MORE INFO

POPULAR AREAS

CONTACT US

219/59 Asoke Towers, 15th Floor, Soi Sukhumvit 21, Watthana, Bangkok 10110
(+66) 99 196 1100
[email protected]

×
×
  • Create New...