Done a forum search for this site and although a few know of it, alchresearch first mentioned it 08/03, it is always embedded in a thread.

With so many folk asking about security I thought it warrented a thread of it's own.

The site is Gibson Reasearch and is respected.

Go here (http://www.grc.com/intro.htm) and run 'Shields Up'.

It will tell you if you are protected adaquatly.

There is other good stuff there too.

Post your results!

Sorry if this has been done before, but I don't think it has.

When I click on Shields Up, I get a News and Views page....what do I do then?

Sorry, but Steve Gibson (grc.com) is an idiot. The "Shields Up!" part of the site is useful, but the guy is a sensationalist fear-monger, who uses anything he THINKS is a problem to get him & his site more publicity.

By all means, use Shields Up to check your basic security, but if you read more into his site you can take most of what he says with a large pinch of salt...

And before anyone starts...

"Gibson takes his preferred route to getting the ink that he craves: technobabble and innuendo. He can't prove anything (technically, he hasn't got the chops), so he lurks in the gray area between fact and fiction, and generates torrents of fear, uncertainty, and doubt."

"Gibson has a bad track record: a history of latching onto arcane issues that he doesn't fully understand and can never prove, and converting his limited understanding into fodder for the next internet melt-down."

"The WMF backdoor very much in keeping with Gibson's history of getting security matters a bit wrong, filling the gaps in his understanding with technobabble, and hyping the actual matter out of all reasonable proportion in his neverending quest of ink."

- All quotes by Thomas C Greene (http://www.apress.com/author/authorDisplay.html?aID=254), I know who I'd listen to...

When I click on Shields Up, I get a News and Views page....what do I do then?
That site gets more and more difficult to navigate... Try here (https://www.grc.com/x/ne.dll?bh0bkyd2)

Sorry for suggesting it then:(

Sorry for suggesting it then

Not at all, as I said the Shields Up part IS useful, it's about the only thing I'd trust the guy with, seeing as though it's just a web front-end for something he didn't write :thumbsup:

I just didn't want people going "oooh what a good site" & automatically believing all the stuf he spouts, FUD-monger extraordinaire that he is... :hihi:

Well as I suspected my firewall is fully stealthed so nowt is getting in and from my PC!!

Agnitum Outpost PRO by the way friends.

At least my thread didn't get killed completly.

Thanx Angelus.

I gave up trying to navigate my way through that site. I got so far, and then didn't have a clue what to do next.

I don't seem to have any problems with Zone Alarm (free), so I think I'll just go with what I have, as it seems to be doing the job ok.

I gave up trying to navigate my way through that site. I got so far, and then didn't have a clue what to do next.


Ditto Ann, Ditto

FGS, it's not that hard.

Follow this link

https://www.grc.com/x/ne.dll?bh0bkyd2

scoll down a bit and hit 'proceed'

edit:

sorry for loosing my rag there. Yes, it's not the most logical site, but it does work. Give it another try. You need to test your ports.

Don't shout at me!

I've been there, then clicked proceed, and goodness knows what came next....load of gobbledegook about my IP address. Nothing, that I could see, to say whether my security was adequate or not. So I gave up....simple!

I don't think I'll bother with it again.

FGS, it's not hard.

Follow this link

https://www.grc.com/x/ne.dll?bh0bkyd2

and hit 'proceed'

Yes, not really hard to find :hihi:

Mine is working fine too.:thumbsup:

Sygate Personal firewall

after clicking proceed you should see the next page with the ports to test... just click on ports to test
Or try this site (http://scan.sygatetech.com/)

load of gobbledegook about my IP address

This will be your ip address and in my case my *reverse DNS*.
The end of the string is probably a domain name related to your ISP. This will be common to all customers of this ISP. But the beginning of the string uniquely identifies your Internet connection.
The ip address will change each time you connect to the internet unless it's static.

Your Internet port 139 does not appear to exist! One or more ports on this system are operating in FULL STEALTH MODE! Standard Internet behavior requires port connection attempts to be answered with a success or refusal response. Therefore, only an attempt to connect to a nonexistent computer results in no response of either kind. But YOUR computer has DELIBERATELY CHOSEN NOT TO RESPOND (that's very cool!) which represents advanced computer and port stealthing capabilities. A machine configured in this fashion is well hardened to Internet NetBIOS attack and intrusion.
Unable to connect with NetBIOS to your computer.All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.


after reading the above, i feel safe and secure enough to got to bed with sweet dreams. thanks GR :love:

This will be your ip address and in my case my *reverse DNS*.
The ip address will change each time you connect to the internet unless it's static.

I'm with a supplier that uses static ips, so it is always correct.

after clicking proceed you should see the next page with the ports to test... just click on ports to test
Or try this site (http://scan.sygatetech.com/)

Tried the Sygate site. Got my IP, OS and browser version but nothing else.

Don't shout at me!

Ann, I didn't shout at you. If I had, it would have been in caps. You know the rules;)

Apologies anyway. I just expressed frustation.

Soz...must have changed since i last used it Try here (http://scan.sygate.com:443/cgi-bin/probe/stealthscan.cgi )

Tried the Sygate site. Got my IP, OS and browser version but nothing else.

No Savannah, I meant it got my ip but no other info etc. A good test.

Your Internet port 139 does not appear to exist!
One or more ports on this system are operating in FULL STEALTH MODE! Standard Internet behavior requires port connection attempts to be answered with a success or refusal response. Therefore, only an attempt to connect to a nonexistent computer results in no response of either kind. But YOUR computer has DELIBERATELY CHOSEN NOT TO RESPOND (that's very cool!) which represents advanced computer and port stealthing capabilities. A machine configured in this fashion is well hardened to Internet NetBIOS attack and intrusion.
Unable to connect with NetBIOS to your computer.
All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.

and
Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice.

Windows 2000 pro on an old PIII 450 with lavasoft personal firewall.

No Savannah, I meant it got my ip but no other info etc. A good test.

Yes, the original link i posted use to list all the port tests.....it doesn't now
The second linky will test your ports...just takes a couple of mins.