Security testing

I ran various tests on my firewall and tests showed 4 ports open but the thing that concerned me the most was that the firewall, BitDefender, failed the leak test.

I went to another site to test and it asked if the IP address they had was correct. It was the same IP address as was shown on the first site. I decided to check that out and discovered that the IP address is not correct.

Does this mean, then, that the failed leak test is meaningless since that wasn't the right IP address they had?

Might be a real dumb question but when it comes to technical issues on computers I'm kinda dumb.

 

the ip they had was probably your public ip. how did you find out it wasnt correct?

 

I went to Network and Sharing, then clicked on View Status to the right of Connection, then clicked on Details to find it.

So my question still remains. If they have the public IP, as you say, then were the leak test results legitimate?

 

if you found that the public ip they had was correct, then yes. i would assume that the test was legit. given of course that the website you were on is legit...

 

I googled it and the public IP was correct. I went to the site pcflank and ran a bunch of their tests.

I did not pass the browser test due to cookie handling. It did not pass the port test showing 21, 23 and 80 open. It passed the stealth and exploit tests. Is there a way within a firewall program that you can make these 3 ports stealth, invisible?

I tried changing the cookie handling but got sick of having to click on pop ups 20 times every time I went to a site to allow or block cookies so basically put it back the way it was.

If you have advice to offer I'd like to hear it.

Thanks

 

well port 21 is for FTP, 23 is for Telnet, and 80 is your web browser. you can block 21 and 23 if you want to, but leave 80 open or youll have problems. having these ports open doesnt necessarily make you a target. if youre smart about what you do on the internet and use your standard pc cleaning procedures youre fine. People actually hacking you i dont believe is really as common as getting malware from various sources online which can easily be avoided by using said safety and cleaning.

 

Thanks! Your input makes me feel better about this.

There is one thing I forgot to mention in the last post; pcflank has a new leak test. When I tried to take that one BitDefender said there was a virus in the file so I didn't go ahead with it. Is this just something firewalls do to keep you from knowing they have leaks?

As I mentioned, it had already flunked 2 other leak tests, but didn't attempt to try and keep me from taking them.

 

Bottom line is this. A leak technique can only work as good as the users bad judgment. Meaning if you're downloading everything, running every program and script you can find on the internet, downloading every free song/video/porno you can find on shady "free download" sites, you will get some malware. its the malware, trojans specifically, that take advantage of the leaks on firewalls. a firewall leak is simply an exploit used by these trojans. http://www.personalfirewall.comodo.com/leaktest.html that is just one of many sites you can read a little bit about what a firewall leak actually is.

my suggestion is to not worry yourself about your firewall leaks. most of the software firewalls out there dont pass every leak test. comodo personal firewall pro apparently has 100% leak test success as stated in the link. as i said, safe surfing, good judgment, and routine cleaning of your pc will help you stay protected. and if for some reason you do get some malware, the guys in the malware section of this forum are extremely helpful and will guide you through getting rid of it.

 

Thanks for all the info. I feel pretty safe now.

 

I am not sure how valid the site is.
I ran the tests and my firewall failed as well (i know it's OK) plus they got the wrong IP,so i would rest easy

 

They didn't get the wrong ip, they had the public ip, not the interal network ip, which due to useing a router, will never show as a public ip for anyone using a home router anyhow. The internal ip is assigned by the router, public ip by the isp.

 

Hi C Man where ya bin hidin
I see what you are saying but i am on LAN and the IP was not from my isp.

my system has the phones/TV/PCs all interactive on one net.

I can phone from the PC or read my E-Mails on the TV

 

Eah, been hiding around and busy with work. But it doesn't matter, any thing from any device on your lan has an internal ip, used to address the other devices inside your lan, will be usually addressed by an ip likw 192.168.x.x, an internal ip. Any time a device connects out to the web, it gets one ip, your wan or isp ip address. Any leak test will show your external ip, where as ipconfig or network connections on a pc or device will all show an internal ip. For more info if you google, nat = network address translation should give you more info on how this works.

 

Ok thanks for the advice, i understand a little better now.

 

no worries, sometimes its hard for me to explain myself and thoughts to the average user.