A "Stealth" port is one that completely ignores and simply "drops" any incoming packets without telling the sender whether the port is "Open" or "Closed" for business. When all of your system's ports are stealth (and assuming that your personal firewall security system doesn't make the mistake of "counter-probing" the prober), your system will be completely opaque and invisible to the random scans which continually sweep through the Internet. Even if this machine had previously been scanned and logged by a would-be intruder, a methodical return to this IP address will lead any attacker to believe that your machine is turned off, disconnected, or no longer exists. You couldn't ask for anything better. Your personal firewall or NAT router protected system is acting like a black hole for TCP/IP packets. That's very cool.

If your system did NOT show up as Stealth, but you would like it to, you will need to use one of the many free or inexpensive personal firewalls that are now widely available. Of the many firewalls on that list, we recommend (in alphabetical order) firewalls from Agnitum, Kerio, Norton, Sygate, Tiny, and ZoneLabs. I describe the operation of personal firewalls on this page.
"Closed" is the best you can hope for without a stealth firewall or NAT router in place. At least the port is not "Open" for business and accepting connections from the probes which are continually sweeping the Internet searching for exploitable systems. Anyone scanning past your IP address will detect your PC, but "closed" ports will quickly refuse connection attempts. Since it's much faster for a scanner to re-scan a machine that's known to exist, the presence of your machine might be logged for further scrutiny at a later time for example, when a new operating system vulnerability is discovered and before the potential for exploitation has been repaired. For this reason it is important for you to stay current with updates from your operating system vendor since new potential vulnerabilities are discovered frequently. AS NOTED ABOVE: If your system did NOT show up as Stealth, but you would like it to, you will need to use one of the many free or inexpensive personal firewalls that are now widely available. Of the many firewalls on that list, we recommend (in alphabetical order) firewalls from Agnitum, Kerio, Norton, Sygate, Tiny, and ZoneLabs. I describe the operation of personal firewalls on this page. |
If our tests have shown one or more of your ports to be OPEN!, then Internet packets requesting a connection with your machine are being accepted and connections are being created. If this is NOT what you intend, if you are not deliberately operating Internet servers and offering services to the public, then you should work to determine the source of the open port(s) and take measures to close them.
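The three states described above differ only in how a port answers a connection attempt, which makes them easy to tell apart when you check a machine you administer. The following is an added example, not GRC's code; the function names `classify`, `probe` and `loopback_demo` are hypothetical, and the demo only touches ports it opens itself on the loopback address.

```python
import socket

def classify(exc):
    """Map the outcome of one TCP connect attempt to Open / Closed / Stealth.
    exc is None when the connection was accepted."""
    if exc is None:
        return "open"       # handshake completed: something is listening
    if isinstance(exc, ConnectionRefusedError):
        return "closed"     # host replied with a refusal, so it is visible
    if isinstance(exc, (socket.timeout, TimeoutError)):
        return "stealth"    # packet was dropped, no reply of any kind
    # Any other error (e.g. an ICMP "unreachable" reply) still means
    # something answered, so it is not counted as stealth.
    return "unknown"

def probe(host, port, timeout=2.0):
    """Attempt one TCP connection and report the port's state."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return classify(None)
    except OSError as exc:
        return classify(exc)

def loopback_demo():
    """Constructed test setup: one listening port and one unused port."""
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))      # the OS picks a free port
    listener.listen(1)
    open_port = listener.getsockname()[1]

    spare = socket.socket()
    spare.bind(("127.0.0.1", 0))
    closed_port = spare.getsockname()[1]
    spare.close()                        # nothing listens here any more

    try:
        return probe("127.0.0.1", open_port), probe("127.0.0.1", closed_port)
    finally:
        listener.close()

if __name__ == "__main__":
    print(loopback_demo())
```

A check run from inside your own network or on the machine itself bypasses the NAT router or firewall, so only a probe that arrives from the Internet side shows what outside scanners see.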
Why might ports be open? There are a number of sources of open ports:
Windows Default Configuration
Since even Microsoft's own built-in Internet Connection Firewall (ICF) leaves ports open that might be vulnerable to external attack, the only safe practice is to place any Windows systems behind a NAT router, and/or to run personal firewall software on every Windows machine. By doing so it is possible to attain a 100% "TruStealth" rating and for your computer or network to be completely invisible while it is operating on the Internet.
Poorly Secured NAT Routers
Deliberate Operation of Internet Servers

For specific information about individual ports, you may access our ports database by clicking on the port numbers appearing in our various online tests.
Gibson Research Corporation is owned and operated by Steve Gibson. The contents of this page are Copyright (c) 2024 Gibson Research Corporation. SpinRite, ShieldsUP, NanoProbe, and any other indicated trademarks are registered trademarks of Gibson Research Corporation, Laguna Hills, CA, USA.
Last Edit: Aug 07, 2006 at 20:42