HAWKI

Firewall Stealth Question

Recommended Posts

Hi :-)

 

(I'm sorry, I believe I may have asked this question before, but if I did I forgot the answer and can not locate the thread if I did.)

 

 

I am on a "private" network. I have one PC in my home and I am not on any "Home Network" or any other network that I know of..

 

EMIS 9 only steaths about 7 of my Ports. All the others are just blocked. I umderstand that as long as Ports are blocked whether or not they are also stealthed, for practical purposes it does not make a big difference. Many solid firewals do not stealth.

 

My question is: Should EMIS 9 be making my Ports stealthed or is EMIS 9 working as intended?

Share this post


Link to post
Share on other sites

Hi Christian :-)

 

Thank you for the typical rapid response from Emisoft Support. You guys are the BEST! :-)

 

I do not use a router. My PC is directly connected to my cable modem with a cable.

Share this post


Link to post
Share on other sites

Hi Christian

 

What do you my by "press Return?"

 

I tried it twice. One time I clicked OK on the Run Screen and the second time I hit the "Enter" key. Both times I saw a dos type screen appear but it closed instantly.

 

I see nothing in any "Log" files.

Share this post


Link to post
Share on other sites

My Firewall Stealth issue is not resolved-all but a handfull of Ports are blocked, not stealthed. But I do not find this issue to be troubling. Should I be?

Share this post


Link to post
Share on other sites

Hello,

 

can you please send me the output from the ipconfig /all command via PM (Personal Message)?

 

Hi Christian :-) Thanks for your follow up, Frankly I got very busy rl and could not find the time to complete the info you asked for . Not sure it makes much diference if a port is blocked or staelthed, though I prefer stealthed.

 

I have temporarily switched to another suite. I may have copies of what you originally asked for. I had been going through them to assure that no personal ID info was in them.

 

lol - I once posted a a link to bitdefender for a deal offerring a free 9 month license. I did not realize it, but the by the link I posted,which I posted on Wilders, made it possible to easily ID my personal email LOL so been very careful since then.

 

If you need it to improve EMIS 10, I'll try to get it to you.

 

Though I do have as much higher  degree of confidence in EMIS 9, than the suites I have been using that give me full stealth, they are OK till I get more time or at least till my OS is borked by a major infection, all my personal data is stolen, and I need to get a loan for $500 USD to buy Bitcoins to uncrypt my files :-)

Share this post


Link to post
Share on other sites

I am not sure I understand.

 

I remember testing when I first started with EIS, and I just tested again with Build 5129  Full stealth test at GRC.com

 

There is no router involved.  The connection is to a Verizon Broadband connection, so it doesn't go thru the router.

 

Pete

Share this post


Link to post
Share on other sites

If I remember your other topic correctly, and I don't always, wasn't it mentioned that if you change your network to public that your ports would be stealthed?

Share this post


Link to post
Share on other sites

Several weeks ago, I got this result using EIS 9 Firewall at "Public" network trust level with a wired cable modem Internet connection to GRC's Shields Up site...

 

----------------------------------------------------------------------
GRC Port Authority Report created on UTC: 2015-03-18 at 02:41:52

Results from scan of ports: 0-1055

    1 Ports Open
 1034 Ports Closed
   21 Ports Stealth
---------------------
 1056 Ports Tested

The port found to be OPEN was: 80

Ports found to be STEALTH were: 9, 13, 17, 19, 113, 135, 136,
                                137, 138, 139, 389, 445, 593,
                                1002, 1024, 1025, 1026, 1027,
                                1028, 1029, 1030

Other than what is listed above, all ports are CLOSED.

TruStealth: FAILED - NOT all tested ports were STEALTH,
                   - NO unsolicited packets were received,
                   - NO Ping reply (ICMP Echo) was received.
----------------------------------------------------------------------

 

Now, with EIS 10 Beta Firewall at "Public" network trust level with a wired cable modem Internet connection to GRC's Shields Up site, I get this result...

 

----------------------------------------------------------------------
GRC Port Authority Report created on UTC: 2015-04-13 at 22:22:15

Results from scan of ports: 0-1055

    0 Ports Open
    0 Ports Closed
 1056 Ports Stealth
---------------------
 1056 Ports Tested

ALL PORTS tested were found to be: STEALTH.

TruStealth: PASSED - ALL tested ports were STEALTH,
                   - NO unsolicited packets were received,
                   - NO Ping reply (ICMP Echo) was received.
----------------------------------------------------------------------

 

Additionally, PC Flank's test yields fully stealthed with EIS 10 Beta Firewall set at Public network trust level...

 

post-35543-0-11244500-1428965236_thumb.jpg
Download Image

 

Once again, "Thank You" to the Development Team for this EIS 10 Beta Firewall improvement.

Share this post


Link to post
Share on other sites

Hi :-)

 

Sorry I got behind on this thread. Got some serious rare infection and was in the hospital for almost 3-weeks and felt like cr&& for a couple more

 

Currently using a well known and popular security suite I have as much confidence in as using a paper towel umbrella.

 

Right now the network on my PC is "private."

 

Do I have to create a public network in Winows or just change the setting on EMIS 9 to public Network to be stealthed. I know nothing about networks.

Share this post


Link to post
Share on other sites

Hi Hawki

 

On my main desktops I'am behind a router and my networks are set to private.  On my laptop when I connect to my Verizon Broadband, the network is a Public Network.  Hope that helps.

 

Pete

 

PS.  When I go to GRC with the Broadband setup, I am completely stealthed.

Share this post


Link to post
Share on other sites

I'm wondering if any of the recent EIS 10.0.0.5165 Beta updates that required restarts might have involved changes to the Firewall component?

 

Just noticed that my laptop is back to showing only partially stealthed ports when using GRC's Shields Up port scan site...

 

----------------------------------------------------------------------
GRC Port Authority Report created on UTC: 2015-04-20 at 03:36:41

Results from scan of ports: 0-1055

    6 Ports Open
 1043 Ports Closed
    7 Ports Stealth
---------------------
 1056 Ports Tested

Ports found to be OPEN were: 80, 1025, 1026, 1027, 1028, 1029

Ports found to be STEALTH were: 135, 136, 137, 138, 139, 445,
                                593

Other than what is listed above, all ports are CLOSED.

TruStealth: FAILED - NOT all tested ports were STEALTH,
                   - NO unsolicited packets were received,
                   - A PING REPLY (ICMP Echo) WAS RECEIVED.
----------------------------------------------------------------------

Share this post


Link to post
Share on other sites

I was able to determine that my previously observed all-stealthed-ports condition was the result of Windows Firewall being turned on, even while the Windows Vista Security Center reported that the EIS Firewall is "on" and Windows Firewall is "off".

 

post-35543-0-17187400-1429538804_thumb.jpg
Download Image

 

Turning off Windows Firewall using its Settings window yields the limited stealthed ports shown in the below Shields Up report.

 

I withdraw my previously stated confidence in the Firewall component of EIS 10.0.0.5165 Beta -- I'm not feeling good about it anymore.

 

----------------------------------------------------------------------
GRC Port Authority Report created on UTC: 2015-04-20 at 14:02:16

Results from scan of ports: 0-1055

    6 Ports Open
 1043 Ports Closed
    7 Ports Stealth
---------------------
 1056 Ports Tested

Ports found to be OPEN were: 80, 1025, 1026, 1027, 1028, 1031

Ports found to be STEALTH were: 135, 136, 137, 138, 139, 445, 593

Other than what is listed above, all ports are CLOSED.

TruStealth: FAILED - NOT all tested ports were STEALTH,
                   - NO unsolicited packets were received,
                   - A PING REPLY (ICMP Echo) WAS RECEIVED.

----------------------------------------------------------------------

Share this post


Link to post
Share on other sites

Thanks for the update. We are currently unsure if we want to provide "Stealth" or not. Bottom line is, it only tells a potential attacker that you are running a firewall. It doesn't hide you at all. If your system were truly unreachable, the last router would send a proper message back to the sender. So no message at all, neither "port is closed" nor "host is unreachable" automatically means the system is there but running a firewall.

Share this post


Link to post
Share on other sites

Fabian: Thanks for your explanation of stealth, which is further amplified here.

 

I remain a satisfied Emsisoft customer after migrating back to using EAM with a stealth standalone firewall that provides traffic logging and connection blocking notifications.

 

I prefer seeing which ingoing & outgoing connection attempts are blocked.

 

Good luck!

 

 

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.