Greetings all,
I recently purchased OP2 after using the free version (1.0) for a while. First of all I must say the program really evolved. Much better installation with total guidance. Interface also improved quite al lot, but without losing its easy-of-use. So far so good, but 1 litte problem prompted. Today I surfed to pcflank for a security test, and to my surprise 2 closed (but visible) ports showed on my system. These are 1080 (socks) and 3128 (trojan horse port according to pcflank).
I have to mention I have some progs in my trusted-app zone. Internet Explorer is one of them, but with version 1.0 this never "unstealthed" any ports. Anyway, as port 1080 is probably related to this, I removed IE from trusted and implemented Outpost's standard ruleset. Unfortunately, pcflank suddenly went down so I cannot retest.
Anybody know why port 3128 is closed in stead of stealthed? I have KAV virusscanner and always updated, so the chance of actually having a trojan on my system is small.
[update]
Pcflank online again, tested with port scanner, but no dough. Both ports still visible.
@ Megahertz,
You are right, the supposed visible ports don't show in OP's open ports window. Quite strange. Could it be pcflanks test itself that is producing these strange results?
And I am (almost) always in block most mode. That is, if that round object in my systray with a horizontal line in it means block most. :D
[update]
The problem probably is the pcflank portscanner. I've just ran the sygate online scan as well as symantec scan. Both revealed no visible ports, everyting is stealthed.
The memory of Tiresias: intertextuality and film::
He is brought into being as a quote, as something that does not belong entirely to the space of the text and its narrative.
http://escholarship.org/editions/view?docId=ft4779n9q5&brand=ucpressHOME |
Bibliography for Plagiarism and Ellen G. White::
"The question is not, whether the materials which are used are entirely new, Whiteman, Bruce "High-Born Stealth and Other Readerly and Writely
http://dedication.www3.50megs.com/David/bibliography.htmlHOME |
False alarm I guess, sorry for the trouble and thanks to everyone who replied so swiftly.
Well, I have decided not to mess around with my router, since in the autumn, before I had the router, Outpost showed me in stealth mode, so with the router's firewall and Outpost, my system must be secure.
On another note, a lot better than version one, seems to work much better in XP. Pity there is not a free version at present, though, probably will take several months before that shows up, I suspect.
Petrovski,
Are you behind a router? Also when you open Outposts GUI and click on Open ports do you see those ports listed? If so which applications have them opened?
Originally posted by borago
I am unable to do the report at pcflank. period. It can never find my ip address, do i have bad setting in outpost that stops it getting this info?
I am on dial-up.
Steve
Nope you dont have a bad setting.It doesnt detect mine anymore either.It seems to be a freesere proxy thing ...in my case anyway as i use freeserve
me
I am using D-Link, although I am not that worried, as it probably means that I am doubly protected, it was just that it would have been nice to see the test result.
I am not sure where to block Wan, but know where the DMZ is and what IP I have.
yes ,,,thats the fellow muchod...my isp freeserve uses that too...lol im currently using the symeantc one.As long as you dont have user agent or referrers blocked it will correctly scan your ip.
me
Blocking WAN requests will be in the advanced settings in your router admin.
Chris
yes ..pcflank used to work but i think freeserve updated its servers or something of that nature and since then pc flank doesnt seem to work with uk users on freeserve.I did email pcflank about it ages ago but no reply back.
me
If you are behind a router shock wave it is the router being tested and not OP, and make sure you router is set to block WAN requests. I can test both my router and OP and get full stealth at all the scan sites. If your router has a DMZ you need to place your PC there before doing the scans and then OP will be tested. Also what type of router are you using?
Originally posted by Petrovski
Obviously they do Megahertz. I'm quite certain my system is secure now, but just to be sure I've requested a friend to do an nmap portscan. If that reveals nothing I can sleep peacefully tonight. :D Well I'll go out on a limb here and say sweet dreams then. :D
For some strange reason Petrovski PCFlank has problems with false positives from time to time. Glad you got it settled.
P.S. - I always confirm my scan results by running scans at multiple sites.
I am unable to do the report at pcflank. period. It can never find my ip address, do i have bad setting in outpost that stops it getting this info?
I am on dial-up.
Steve
Hi,
I also cannot use PC Flank anymore...a message regarding cannot scan my IP..shame it was quite a good site. I have been using the new GRC scan it is usful if u want to check basic ports or just some specific ones. Best of all it detects my IP address accurately..unlike most which get my ISPs proxy.
the link is: http://nanoprobe.grc.com/intro.htm
if u haven't already got it.
Megahertz,
No I am not behind a router or even a proxy. Direct internet connection.
The open ports on my system are:
svchost.exe 0.0.0.0 1319 UDP 25-5-2003 15:24:42 1 hour(s) 43 min(s) 38 sec(s)
msmsgs.exe 127.0.0.1 1046 UDP 25-5-2003 15:24:42 1 hour(s) 43 min(s) 50 sec(s)
svchost.exe 0.0.0.0 1040 UDP 25-5-2003 15:24:42 1 hour(s) 43 min(s) 58 sec(s)
msmsgs.exe 217.122.153.37 10036 TCP 25-5-2003 15:24:42 1 hour(s) 44 min(s) 05 sec(s)
msmsgs.exe 217.122.153.37 8890 UDP 25-5-2003 15:24:42 1 hour(s) 44 min(s) 12 sec(s)
msmsgs.exe 0.0.0.0 1029 UDP 25-5-2003 15:24:42 1 hour(s) 44 min(s) 19 sec(s)
system 0.0.0.0 12032 GRE 25-5-2003 15:24:42 1 hour(s) 44 min(s) 26 sec(s)
system 0.0.0.0 0 RAWSOCKET 25-5-2003 15:24:42 1 hour(s) 44 min(s) 35 sec(s)
system 0.0.0.0 1028 TCP 25-5-2003 15:24:42 1 hour(s) 44 min(s) 43 sec(s)
svchost.exe 0.0.0.0 1026 UDP 25-5-2003 15:24:42 1 hour(s) 44 min(s) 51 sec(s)
svchost.exe 127.0.0.1 123 UDP 25-5-2003 15:24:42 1 hour(s) 45 min(s) 00 sec(s)
svchost.exe 217.122.153.37 123 UDP 25-5-2003 15:24:42 1 hour(s) 45 min(s) 07 sec(s)
lsass.exe 0.0.0.0 0 protocol 255 25-5-2003 15:24:42 1 hour(s) 45 min(s) 13 sec(s)
lsass.exe 0.0.0.0 500 UDP 25-5-2003 15:24:42 1 hour(s) 45 min(s) 21 sec(s)
svchost.exe 0.0.0.0 1025 TCP 25-5-2003 15:24:42 1 hour(s) 45 min(s) 26 sec(s)
svchost.exe 0.0.0.0 DCOM TCP 25-5-2003 15:24:42 1 hour(s) 45 min(s) 32 sec(s)
iexplore.exe 127.0.0.1 3803 UDP 25-5-2003 16:45:29 24 min(s) 52 sec(s)
iexplore.exe 127.0.0.1 4122 UDP 25-5-2003 16:49:00 21 min(s) 27 sec(s)
Obviously they do Megahertz. I'm quite certain my system is secure now, but just to be sure I've requested a friend to do an nmap portscan. If that reveals nothing I can sleep peacefully tonight. :D
My ISP uses a 'transparent' proxy and PCFlank is unable to get the correct ip (although they can get it from http headers Client-ip or X-Forwarded-For). I email them but as you no answer...
Regards,
I cannot do the test either as I have a router and it gives a different IP address to the one on my PC. It shows some of the ports as closed and others as stealth. It would be nice to be able to do the test and get a result with stealth, which I know I had before I had the router.
Originally posted by bassbag
Nope you dont have a bad setting.It doesnt detect mine anymore either.It seems to be a freesere proxy thing ...in my case anyway as i use freeserve
me
I realised that you could be right but as Falcon_4 says I grc.com gets my IP address correctly and will scan... but no PCFlank
Steve
Originally posted by borago
I am unable to do the report at pcflank. period. It can never find my ip address, do i have bad setting in outpost that stops it getting this info?
I am on dial-up.
Steve Do you know if your ISP uses a proxy? Do you also have the same problems at other scan sites? A porxy can often cause that problem at scan sites.
Petrovski I do not even see those two ports listed. What mode were you in while running the scan? Please rerun the scan using Block Most mode and let us know he results.
 Red Hat's Rough Recovery From CFO Exit
 Windows Live Finds a New, Pre-installed Home
|
PRINT
Add to favorites