Solved Is Your PC Secure from Inbound Attacks?

Take the Shields Up Test and find out if your ports are secure:

https://www.grc.com/default.htm

View attachment 24493

JustATest said:

Take the Shields Up Test and find out if your ports are secure:

https://www.grc.com/default.htm

Click to expand...

That test can provide a false sense of being secured for systems behind a firewall; for example a laptop behind a broadband router at home. The result might be "stealth", but that does not necessarily mean the laptop will perform the same, when it is accessing wifi hotspots.

Cr00zng said:

JustATest said:

Take the Shields Up Test and find out if your ports are secure:

https://www.grc.com/default.htm

Click to expand...

That test can provide a false sense of being secured for systems behind a firewall; for example a laptop behind a broadband router at home. The result might be "stealth", but that does not necessarily mean the laptop will perform the same, when it is accessing wifi hotspots.

Click to expand...

So, are you saying that specific ports are required to be open to maximize hot spot connectivity? And, what specifically do you mean by "false sense" of security? This test is designed specifically to test whether or not you PC is vulnerable to attack from someone probing IP addresses (and specific ports) from the internet. So, one must understand the intent of the test to understand the extent of the secure feeling it is intended to provide. So, please elaborate on your original post and please give more us detail to support you brief original post. Thank you for responding.

JustATest said:

So, are you saying that specific ports are required to be open to maximize hot spot connectivity? And, what specifically do you mean by "false sense" of security? This test is designed specifically to test whether or not you PC is vulnerable to attack from someone probing IP addresses (and specific ports) from the internet. So, one must understand the intent of the test to understand the extent of the secure feeling it is intended to provide. So, please elaborate on your original post and please give more us detail to support you brief original post. Thank you for responding.

Click to expand...

No, that's not what I am saying and I apologize for the misunderstanding...

Shields up will run a probe of the public IP address that may or may not be the same as the computer's IP address. For example, the broadband routers has DHCP assigned IPs for the internal network, usually in the 192.168.1.0/24 range. If the broadband router blocks outbound "chatty" protocols, such as MSRPC, UPnP, etc., Shields Up will not detect them, despite the fact that these ports might be detected by nMap internally.

The Shields UP scan resulted in stealth mode for my Windows 8.1 laptop; however, this is what nMap scan shows internally:



Take this laptop to a wifi hotspot, or directly to the Internet, where these ports could be exploited, if there's a remote exploit for these services.

The Windows firewall is generally configured as allowing the outbound chatty protocols (ports) for private networks. The wifi hotspot also uses private DHCP assigned IPs that could even be the same as the home network defined by the broadband router. As such, if the wifi hotspot's firewall does not block the outbound chatty protocol, they could be discovered on the Internet. Even if the wifi hotspot blocks these protocols going out to the public network, any other wifi hotspot users could discover and exploit these ports open.

I hope this is clearer...

Yes, I think your concern is a bit more clear now. However, remeber that the Shields Up Test is only designed to test for vulnerabilities that are "uninvited." However, it appears that you are primarily concerned with outbound vulnerabilities in high-risk areas; yes? If so, then I agree that one has to understand the intent of the Shields Up Test and one should not get a "false feeling of comfort" that "all is well everywhere" just because they got a stealth rating. However, it is very easy to "invite" malware into your PC by simply clicking (unsuspectingly) on a link to a malware download and I have found that the best defense for this is an "early warning flag" from a good 3rd party AV or malware software that gives you a chance to abort the connection before the malware is fully downloaded and can start running on your PC. Anyway, congrats on a nice response and the clarity of your issue.

You are correct that one would need an AV and other security measures to protect against malware, but...

AV will stop known malware, but pretty much useless against unknown ones and as such, the AV definition update is critical for the detection. It is also important to keep the system/applications security patches up to date, don't logon with the admin account, and use additional security protection such as MS EMET, Winpatrol, etc., to keep the malware off of a system.

Shields Up only sees ports that allow inbound connection from any IP address when it scans for open ports, or services, and it cannot scan for "uninvited vulnerabilities".

This is due to how these uninvited programs work. Once the malware establishes itself on a system, it contacts the command and control center, or CCC, for instruction on a periodic basis. The connection initiated by the host can be on any ports, that does not really matter. What matters is that the destination of this connection is defined within the malware code. It's pretty much a point-to-point connection that does not show up in the port scan, even in nMap, as an open port.

In theory, my Windows 8.1 could have malware running it; the nMap scan posted earlier cannot determine the existence of the malware and there's no easy way to see, if the system is infected with just a port scan. One would need to analyze running processes, established outbound network connections, and capture the network traffic on a switch/router to reasonably determine the existence of malware. That is especially true with the "industrialized/modern" malware that is hard to detect.

PS: Thanks for "thumbs-up"!

Cr00zng said:

Shields Up only sees ports that allow inbound connection from any IP address when it scans for open ports, or services, and it cannot scan for "uninvited vulnerabilities".

Click to expand...

OK, thanks for that; however, let me just be very specific about the intent of this thread and the Shields Up Test. Specifically, the test is not intended to "scan" for uninvited vulnerabilities. It is; however, intended to "create" an uninvited vulnerability and try to "exploit" any of the open (most commonly used) ports connections and that is all it is intended to do. Thank you.