Guest BooYah Posted November 12, 2002 Report Share Posted November 12, 2002 I'm running GuardDog, but when I probed my ports at Shields Up, the only ones stelathed were 23 and 80. 21, 25, 79, 110, 113, 135, 139, 143, 443, 445, and 5000 were all "closed" All the boxes in GuardDog, except for HTTP, POP3, SMTP, and DNS are unchecked. I also tried iptables -A INPUT -p tcp --syn -j DROP but got the same port scan results. Is it possible to be in total stealth mode, meaning to get all ports to register as "stealth?" BooYah! Quote Link to comment Share on other sites More sharing options...
Guest anon Posted November 12, 2002 Report Share Posted November 12, 2002 Firestarter will put all ports in " stealth " get it here : http://firestarter.sourceforge.net/ Quote Link to comment Share on other sites More sharing options...
Guest BooYah Posted November 12, 2002 Report Share Posted November 12, 2002 I got the same results with Firestarter. Something isn't right. FS didn't even list any hits/probes from ShieldsUp, or anywhere else for that matter. The LAN card and modem blink, and I watched the Network Monitor shoot up, so I know I was probed. I'm using a LAN card to connect to an ADSL modem, and don't have any problems with surfing or email. Both firewalls were setup on eth0, as is my network connection. Where should I start troubleshooting this? Thanks. Quote Link to comment Share on other sites More sharing options...
Guest anon Posted November 12, 2002 Report Share Posted November 12, 2002 FS works fine for me, all stealth. go to a term type su then type firestarter see if there are any error messages in the term Im assuming you have the latest iptables 1.2.6a-1mdk Quote Link to comment Share on other sites More sharing options...
Guest BooYah Posted November 12, 2002 Report Share Posted November 12, 2002 Thanks for the reply. No error messages when I run from the terminal. I do get a "logfile not found or access denied...firestarter log monitoring disabled" error message when booting-up, but I assume that's because I'm not logging in as root on bootup. I'm stumped. I uninstalled and reinstalled iptables and firestarter, but no luck. The only thing I can do with firestarter is stop all network traffic-and shut myself off from the internet and my POP email. Quote Link to comment Share on other sites More sharing options...
Counterspy Posted November 12, 2002 Report Share Posted November 12, 2002 There is too much made of being stealthed as opposed to being closed. The GRC site for Shields Up makes this clear. As long as your ports are closed, you do not have anything to worry about. The difference is being invisible where the doors cannot be seen (stealth) or being closed meaning your doors can be seen but they are all locked (closed). Machine hijackers or root kit types are not going to bother with you when there are all those unprotected machines just one ping away. Also consider that most of the test sites are geared toward Windows, not Linux. If you can find a site that does Linux-specific free scans, please post it. Counterspy Quote Link to comment Share on other sites More sharing options...
Guest Maciek Posted November 27, 2002 Report Share Posted November 27, 2002 If you want to seriously test your ports, avoid grc.com. There are at least ten sites which can test all or specific ports for free. At the moment I can remember only pcflank.com, but it may not be the best. Quote Link to comment Share on other sites More sharing options...
Germ Posted December 31, 2002 Report Share Posted December 31, 2002 http://scan.sygatetech.com/ does a lot more in-depth scanning than grc.com Quote Link to comment Share on other sites More sharing options...
larryt Posted January 1, 2003 Report Share Posted January 1, 2003 BooYah, If you are still having trouble or are not satified with what you have tried, do try ipkungfu. I like it because it is perfect for people like me who don't know ZIp about how to set up iptables by hand.:) www.linuxkungfu.org/ It is small and light and stealths everything and does not interfere with moving around on the web or restrick anything that I have noticed. Then drop over to pcflank and let it try to get in. However, I am using dial-up so don't know if there are any ASDL issues. Larry Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.