Ports Closed ... Need Firewall?

Discussion in 'Windows Desktop Systems' started by Quezacotl, Feb 18, 2003.

  1. Quezacotl

    Quezacotl Guest

    I ran this test, if all my ports but the RPC is closed do I need a firewall?

    Thanks

    - Quezacotl -
     
  2. Enyo

    Enyo Moderator

    Messages:
    1,338
    The scan only represents a snap shot from the time the test was ran, with that in mind who is to say that one of those ports may become exposed with the launch of a application or service on your system.

    A big part of firewalling is outbound protection which you currently have none of, you may become infected by a virus/trojan or any type of malware that has the ability to provide a back door to yor system, with a firewall in place you stand a chance of preventing that exposure.

    Most test sites only scan common ports, you may be exposing something above the 1024 mark.

    I would overall say if your on a high speed connection then you should firewall the box.

    However, if you keep it patched and secure and use the correct Restrict Anonymous settings then you system is OK.

    I recommend you go for the higher level of security unless you plan to keep a close eye on internet activity and activity of apps on your system.
     
  3. Quezacotl

    Quezacotl Guest

    thanks for the response

    I think i'll try the Sygate firewall ... I used to use norton .. but it slows the pc down to a crawl :)

    can you or someone reccomend a better site to scan more ports?

    Thanks

    - Quezacotl -
     
  4. Kr0m

    Kr0m Moderator

    Messages:
    1,390
    Location:
    Turtle Island
    Keep in mind that when someone probes you that if you have your firewall on a set properly, the 'prober' will not get a reply back from your computer and there's a good chance he'll move on to his next victim.

    With no firewall running but and having just your ports closed, the 'prober' will get a reply telling him the port is closed, and may try harder to access your PC.
     
  5. Enyo

    Enyo Moderator

    Messages:
    1,338
    computercops.biz offers a NMAP scan that is pretty good.

    pcflank.com used to over a complete scan but i dont think they do so now.

    dslreports.com 's Secure Me Now (Slow scan) is good

    www.hackerwhacker.com is a nice bet

    Then of course you have:

    blackcode.com/scan
    www.auditmypc.com
    www.grc.com
    scan.sygate.com

    Also you may want to try Local Port Scanner (LPS) it performs a port scan on the local host. I had limited success with it however.

    Also you could use SuperScan from foundstone to check your system from a remote host or even locally, i belive using "localhost" as the target will work.

    Oh and why not give NMAP NT a blast if your on a LAN :)
     
  6. Quezacotl

    Quezacotl Guest

    lol phew .. just a few eh?

    well I put on Sygate 5 Pro ... and everything is stealthed and it passed everytest of theirs...

    I also saw a post on browser security, only 1 med flaw (ie6)

    and I fixed my clipbook exploit .. cuz I copy & paste lots :D

    one question more, for a virus scanner ... pc cillin or mcaffee? which would you guys prefer? i have both

    Thanks so much for all your help

    - Quezacotl -
     
  7. Enyo

    Enyo Moderator

    Messages:
    1,338
    PC Cillin 2003, i just switched to it myself.

    Its great on system resourses and in the detection tests ive done its passed wonderfully :)
     
  8. Quezacotl

    Quezacotl Guest

    Ok great thanks

    Never tried that one yet...
    Gonna go install it

    Thanks for your help!

    - Quezacotl -