kakku
Max Output Level: -59 dBFS
- Total Posts : 1646
- Joined: 2014/08/31 21:37:39
- Location: Finland
- Status: offline
Attention all computer savvy people!
I have now gotten an internet connection thingy from my isp and am a bit in a need of help. I have a Cisco EPC 3828D cable modem and in it there is a integrated nat router(firewall). I also have the Comodo Internet security premium software. I made a couple of stealth tests in Grc.com and according to them(I also made a test in pcflank.com and it said about the same thing) not all of my computer's tcp/udp ports are stealthed. 25, 135,137,138,139,445 and 593 are closed but visible. Should I be worried? I have tried to investigate why this is and how to close them but have not succeeded. If someone has good ideas how to stealth them I would be grateful. I called my ISP customer service but they were totally confused about my questions. The technical help costs 2 Euros per minute so I thought I try to get some help from here first. I changed the modem's password to be a bit safer although it does not help my primary concern which is stealthiness.
Sonar X1 Studio, Duo-capture and Steinberg's UR22 mk2 interfaces, super fast (read snail like) dual core computers, Arturia the Player 25 and Goldstar midi keyboards, Samsung Galaxy Ace 2 phone kakku
|
Karyn
Ma-Ma
- Total Posts : 9200
- Joined: 2009/01/30 08:03:10
- Location: Lincoln, England.
- Status: offline
Re: Attention all computer savvy people!
2015/03/23 12:05:51
(permalink)
Is this a tinfoil hat thing or is there a genuine issue the world should know about? Stealthiness?
Mekashi Futo. Get 10% off all Waves plugins.Current DAW. i7-950, Gigabyte EX58-UD5, 12Gb RAM, 1Tb SSD, 2x2Tb HDD, nVidia GTX 260, Antec 1000W psu, Win7 64bit, Studio 192, Digimax FS, KRK RP8G2, Sonar Platinum
|
ston
Max Output Level: -71 dBFS
- Total Posts : 965
- Joined: 2008/03/04 12:28:40
- Status: offline
Re: Attention all computer savvy people!
2015/03/23 12:13:28
(permalink)
A NAT firewall's default configuration is: "Allow NO incoming connections". So it doesn't matter if the ports are 'stealthed' or otherwise, nothing from the outside is going to be allowed to initiate and establish a connection with any of your computer's ports.
Aside: I've been an embedded software engineer for nigh on 20 years now and have never heard of the term. I asked a couple of the guys here just now and just got blank looks (even blanker than usual!) :-)
|
Beepster
Max Output Level: 0 dBFS
- Total Posts : 18001
- Joined: 2012/05/11 19:11:24
- Status: offline
Re: Attention all computer savvy people!
2015/03/23 12:35:26
(permalink)
*kablooie*
post edited by Beepster - 2015/03/23 14:08:46
|
drewfx1
Max Output Level: -9.5 dBFS
- Total Posts : 6585
- Joined: 2008/08/04 16:19:11
- Status: offline
Re: Attention all computer savvy people!
2015/03/23 13:03:17
(permalink)
kakku
not all of my computer's tcp/udp ports are stealthed. 25, 135,137,138,139,445 and 593 are closed but visible. Should I be worried?
The fact that they're closed means there is no danger other than information being collected from outside. This information could be used maliciously if hackers controlled another machine on your network that is behind your firewall. Otherwise it's just information. Do you know what is listening on those ports? You can look up the standard port id's: http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers You can also open command prompt, and issue the following command: netstat -a -o -n Find the section in the results with the word "LISTENING" and you will see the process ID #'s on the right. If it's not a system process and you don't use/need it then shut it down.
 In order, then, to discover the limit of deepest tones, it is necessary not only to produce very violent agitations in the air but to give these the form of simple pendular vibrations. - Hermann von Helmholtz, predicting the role of the electric bassist in 1877.
|
slartabartfast
Max Output Level: -22.5 dBFS
- Total Posts : 5289
- Joined: 2005/10/30 01:38:34
- Status: offline
Re: Attention all computer savvy people!
2015/03/23 13:44:53
(permalink)
A "stealthed" or "stealth mode" port will not reply to any inquiry. A closed port will respond to an inquiry but not initiate and continue a data transfer. The Shields Up site author claims to have coined the term: "'Stealthed' ports are a, strictly speaking, a violation of proper TCP/IP rules of conduct. Proper conduct requires a closed port to respond with a message indicating that the open request was received, but has been denied. This lets the sending system know that its open request was received so that it doesn't need to keep retrying. But, of course, this "affirmative denial" also lets the sending system know that a system actually exists on the receiving end . . . which is what we want to avoid in the case of malicious hackers attempting to probe our systems.  I coined the term 'Stealth' when I developed this site's port probing technology to describe a closed port that chooses to remain completely hidden by sending nothing back to its attempted opener, preferring instead to appear not to exist at all. Since 'Stealthing' is non-standard behavior for Internet systems, it is behavior which must be created and enforced by means of a firewall security system of some sort. The native TCP/IP interface software used by personal computers will ALWAYS reply that a port is closed. Therefore, some additional software or hardware, in the form of a 'stealth capable firewall' must be added to the computer system in order to squelch its "closed port" replies. " https://www.grc.com/faq-shieldsup.htm#STEALTH But it has been used by others: https://technet.microsoft.com/en-us/library/dd448557(v=ws.10).aspx
|
craigb
Max Output Level: 0 dBFS
- Total Posts : 41704
- Joined: 2009/01/28 23:13:04
- Location: The Pacific Northwestshire
- Status: offline
Re: Attention all computer savvy people!
2015/03/23 15:55:26
(permalink)
Time for all of you to head over to Beyond My DAW!
|
bitflipper
01100010 01101001 01110100 01100110 01101100 01101
- Total Posts : 26036
- Joined: 2006/09/17 11:23:23
- Location: Everett, WA USA
- Status: offline
Re: Attention all computer savvy people!
2015/03/23 17:05:26
(permalink)
Yes, Karyn, it's tinfoil-hat territory. All it means is that someone can determine that your computer exists.
 All else is in doubt, so this is the truth I cling to. My Stuff
|
Karyn
Ma-Ma
- Total Posts : 9200
- Joined: 2009/01/30 08:03:10
- Location: Lincoln, England.
- Status: offline
Re: Attention all computer savvy people!
2015/03/23 17:11:39
(permalink)
But I already know my computer exists...
Mekashi Futo. Get 10% off all Waves plugins.Current DAW. i7-950, Gigabyte EX58-UD5, 12Gb RAM, 1Tb SSD, 2x2Tb HDD, nVidia GTX 260, Antec 1000W psu, Win7 64bit, Studio 192, Digimax FS, KRK RP8G2, Sonar Platinum
|
Beepster
Max Output Level: 0 dBFS
- Total Posts : 18001
- Joined: 2012/05/11 19:11:24
- Status: offline
Re: Attention all computer savvy people!
2015/03/23 17:18:48
(permalink)
Computers pondering their own existence is the first step toward the rise of the machines.
I personally hope the cyborg that enslaves/kills me is the tiny, cute girl type. Not the roided up Austrian type.
Although I guess the melty kind would be kind of cool to look at in the few remaining moments I have left.
|
kakku
Max Output Level: -59 dBFS
- Total Posts : 1646
- Joined: 2014/08/31 21:37:39
- Location: Finland
- Status: offline
Re: Attention all computer savvy people!
2015/03/25 13:00:43
(permalink)
Thank you guys for the funny and some helpful comments:) I have not done much to help myself in this matter as it seems a bit more difficult than I first thought it would be. I will however at some point do some more digging and find out what all the netstat -a -b -n -o command reveals. There is a lot stuff there and I wish I was more computer savvy than I am.
Sonar X1 Studio, Duo-capture and Steinberg's UR22 mk2 interfaces, super fast (read snail like) dual core computers, Arturia the Player 25 and Goldstar midi keyboards, Samsung Galaxy Ace 2 phone kakku
|