Re: Best free firewall software



Sebastian Gottschalk wrote:
> zzy wrote:
>> Al Dykes wrote:
>>> . . .
>>> There are a bunch of internet port scanner services that can test you
>>> from the outside. They'll tell you if you have any ports open.
>> Can you recommend a couple? I mentioned grc.com a couple of days ago and
>> got only a long list of diatribes against the site and its author, but
>> no suggestions for alternates.
>
> I know, Usenet is asynchronous, but in
> <news:4docbcF1aj3joU1@xxxxxxxxxxxxxx> I already suggested Nmap on
> linux-sec.net

Thanks! I've downloaded, installed, and tried it. But I see that it'll take much more than the hour or so I spent before I'm able to make any use of it. There seems to be a large amount of information about how to set the many options, but almost nothing about how to interpret the results. Here's what it reported for both my main computer and laptop, each of which has a software firewall, but different kinds (with switches -A -sT -P0):

-----------

Starting Nmap 4.03 ( http://www.insecure.org/nmap ) at 2006-05-26 16:01 Pacific Daylight Time
Warning: OS detection will be MUCH less reliable because we did not find at least 1 open and 1 closed TCP port
Insufficient responses for TCP sequencing (0), OS detection may be less accurate
Insufficient responses for TCP sequencing (0), OS detection may be less accurate
Insufficient responses for TCP sequencing (0), OS detection may be less accurate
Interesting ports on 192.168.1.102:
(The 1672 ports scanned but not shown below are in state: filtered)
PORT STATE SERVICE VERSION
4444/tcp open tcpwrapped
5190/tcp open tcpwrapped
MAC Address: [shown] (Askey Computer)
Too many fingerprints match this host to give specific OS details

Nmap finished: 1 IP address (1 host up) scanned in 102.813 seconds

------------

Looks like I have a problem in that two ports are open. (A google search on "tcpwrapped" didn't bring up anything which explained its meaning and significance in this context, so I don't know whether it's a Good Thing or Bad Thing.) So far I haven't been able to get the firewalls to close them, but I'll work on it. Is this just more proof that the personal firewall is indeed useless as you've said?


>> If GRC is unable to tell me I'm secure from port scans,
>
> There is no way to be secure from port scans, as port scans do not
> reduce security. Or is your house less safe if I knock against the door?
>
>> Or is there some other advantage to IPCop?
>
> Eh... it works? It's not broken? It's way more flexible? netfilter has
> lots of layer 7 NAT helper modules?

Hm, I was under the impression that my router works and isn't broken. So how would working and not being broken be an advantage?

Flexibility can surely be an advantage, but only to those who are knowledgeable enough to take advantage of it, and in circumstances which require it. Otherwise, especially if it doesn't default to some reasonable settings, it can be a distinct disadvantage. Would manual adjustments for RPM, torque, acceleration, and speed for each gearshift point; spark timing adjustment; valve timing adjustment; gas mixture adjustment; and so forth be an advantage to the average driver? If all cars came out of the factory with all adjustments set to one extreme, it would definitely be a disadvantage.

Sorry, but I'm too ignorant to appreciate the benefits of having lots of layer 7 NAT helper modules. Apparently this is something my router doesn't have and something that enhances security. Is it important for us "Joe Average" users, or just for the folks who need exceptional security? Do I need lots of layer 7 NAT helper modules?

I'm willing to learn about some of these issues, but only to the extent that they'll be useful to me. I've already got other hobbies and have plenty of other things to do.
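Added example, not part of the original post: a small Python parser for the Nmap 4.03 report format quoted above, which attaches to each line the meaning Nmap's documentation gives for the port states and for the `tcpwrapped` service label. The function names and the embedded sample (copied from the post's port table) are assumptions of this example.

```python
import re

# Constructed sample: the port table quoted in the post (MAC/OS lines omitted).
SAMPLE = """\
Interesting ports on 192.168.1.102:
(The 1672 ports scanned but not shown below are in state: filtered)
PORT STATE SERVICE VERSION
4444/tcp open tcpwrapped
5190/tcp open tcpwrapped
"""

HOST_RE = re.compile(r"^Interesting ports on (\S+?):$")
HIDDEN_RE = re.compile(
    r"^\(The (\d+) ports scanned but not shown below are in state: (\S+)\)$")
PORT_RE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)(?:\s+(.*))?$")

# Meanings as described in Nmap's documentation.
STATE_NOTES = {
    "open": "something accepted the connection on this port",
    "closed": "the host answered, but nothing is listening",
    "filtered": "probes were dropped or blocked; open vs. closed is unknown",
}
TCPWRAPPED_NOTE = ("TCP handshake completed, but the connection was closed "
                   "before any data was exchanged; no service identified")

def parse_report(text):
    """Extract host, the summarised 'not shown' ports, and the port table."""
    report = {"host": None, "hidden": None, "ports": []}
    for line in (raw.strip() for raw in text.splitlines()):
        if m := HOST_RE.match(line):
            report["host"] = m.group(1)
        elif m := HIDDEN_RE.match(line):
            report["hidden"] = (int(m.group(1)), m.group(2))
        elif m := PORT_RE.match(line):  # header line has no leading digit
            report["ports"].append({"port": int(m.group(1)), "proto": m.group(2),
                                    "state": m.group(3), "service": m.group(4)})
    return report

def explain(report):
    """Return one human-readable note per summarised group and per listed port."""
    notes = []
    if report["hidden"]:
        count, state = report["hidden"]
        notes.append(f"{count} ports {state}: {STATE_NOTES.get(state, 'see Nmap docs')}")
    for p in report["ports"]:
        note = STATE_NOTES.get(p["state"], "see Nmap docs")
        if p["service"] == "tcpwrapped":
            note = TCPWRAPPED_NOTE
        notes.append(f"{p['port']}/{p['proto']} {p['state']} {p['service']}: {note}")
    return notes

if __name__ == "__main__":
    print("\n".join(explain(parse_report(SAMPLE))))
```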