Concerned about security

[gemigene]

Hi,

I ran an online "Shields Up" test from Gibson Research Corp. and was quite taken aback by the results, all except for 5 ports are closed and not stealth.

Hardware:

iMac aluminum 24" running Leopard 1.51
Airport Extreme base station router set with WPA2 security, DSL modem using PPoE.

Any ideas?
Gene

 

[PerryLynch]

This is not a bad thing, really. As it explains on Steve's site, 'Stealth' indicates that your ISP is blocking the port, and not your router/firewall. This tells me that your ISP doesn't permit inbound access on those 5 ports, as a means of preventing people from running their own servers.

'Closed' is the optimal setting. While that will not stop a determined hacker from trying to get at your information, it will prevent possibly 90 - 95% of the skript kiddies and lesser-skilled types from doing anything.

Think of it as double-protection on those 5 ports: If the hacker DOES get past your ISPs filter, he still has to get past your firewall, too.

Perry

 

[gemigene]

This is not a bad thing, really. As it explains on Steve's site, 'Stealth' indicates that your ISP is blocking the port, and not your router/firewall. This tells me that your ISP doesn't permit inbound access on those 5 ports, as a means of preventing people from running their own servers.

'Closed' is the optimal setting. While that will not stop a determined hacker from trying to get at your information, it will prevent possibly 90 - 95% of the skript kiddies and lesser-skilled types from doing anything.

Think of it as double-protection on those 5 ports: If the hacker DOES get past your ISPs filter, he still has to get past your firewall, too.

Perry

Thanks for the reassurance, perry, I was really worried about this. When I had a Winbox with a firewall, I ran that same test and all ports were "stealth" so I was expecting the same with the iMac.

Now, it shows ports 25, 136, 137, 137, 138, 139 and 445 as being stealth and the rest as closed (for some strange reason, I ran the test again and now have 7 instead of 5).

Cheers,
Gene

 

[kuchiki]

you may want to try out another popular port scanner which is pcflank.com

however, I wouldn't worry too much about the ports as long as they are closed.

 

[PerryLynch]

Well, port 25 is mail, and the others are all related to various Windows networking protocols that should not be allowed outside of your network anyway. So I'm going to guess you've got an ISP that does not allow you to run your own mail server, and they are taking precautions against people being dumb enough to connect a windows machine directly to the network without a firewall.

You're good to go, unless you actually want to run a mail server at home.