"Shields Up" test results question.

Has anyone used Shields Up to do a full port scan of their machine?? I used it, and all ports tested as "stealthed", with the exception of ports #0 and #1, which tested as "closed". Anyone have any insight on this? Ok, or not ? I tried entering port 0 in my firewall, as a port to monitor, and it said "not a valid port number ". I was able to enter port 1 to monitor, and allegedly my firewall is to stealth all closed and unused ports, but retest came back with the same results. Anything I should dig deeper into ????
Brian

 

Well... if you are really concerned, I could port scan you with your permission As for port 0, I don't think such a thing exists... to the best of my knowledge. I've used Norton's online port scanner, and never seen any details for a port 0. I think the "Shields Up" test needs to reprogram their scanner.

 

From GRC.com


Name:
<nil>

Purpose:
Not a valid port number.

Description:
"Port Zero" does not officially exist. It is defined as an invalid port number. But valid Internet packets can be formed and sent "over the wire" to and from "port 0" just as with any other ports.

Related Ports:
-




Background and Additional Information:


The designers of the original Berkeley UNIX "Sockets" interface, upon which much of the technology and practice we use today is based, set aside the specification of "port 0" to be used as a sort of "wild card" port. When programming the Sockets interface, the provision of a zero value is generally taken to mean "let the system choose one for me". Programmers who specify "port 0" know that it is an invalid port. They are asking the operating system to pick and assign whatever non-zero port is available and appropriate for their purpose.
As a result of this programming convention, there has traditionally been no way for Internet Sockets programmers to generate or receive "port 0" Internet traffic. So port zero was set aside and never defined or used. Although times and technology have changed dramatically, port zero has remained something of an unexplored "no mans's land".

However, with the widespread and growing availability of operating systems offering the "Raw Socket" programming interface — which provides the means for deliberately generating port zero packets — the presence and security of "port zero" is of growing importance.

The "Port Authority" revision to GRC's ShieldsUP! services and NanoProbe technology offers the generation of port zero probes to enable users to verify, secure, and stealth their system's handling of these potentially troublesome Internet packets

 

Use another test, Shields up is over rated and is HORRIBLE There are many free port scanners that don't suck that much, I would look for one, port 0 is usually symbolic for IP, it's not a thing to worry about but why any port scanner picks up any ports is, you should be using a firewall/router...

Gibson is stupid and doesn't understand anything about raw sockets, so if you read anything by him that even MENTIONS raw sockets, just don't even listen...

http://grcsucks.com/shieldsup.html
http://grcsucks.com/grcdosreply.htm

 

Links or suggestions?

 

I personally like port scanning myself and running pen-tests on myself but that's a bit advanced for some people so I'd recommend:

http://www.dslreports.com/secureme_go
Good stuff because of the OS choice mostly

 

Thanks for all the input everyone. I did read that bit about port 0 at the site. I had run a few other tests, from other sites, and they reported back that I was "invisible". Including the one from Symantec. I am running a good firewall, and am a stickler about keeping it properly configured. It was just that the test at Shields Up was very detailed. And being an alarmist...................well.....ya know.
Thanks fellow geekers