what should i do to pass ping reply test on CFP 3.0.18.309 [RESOLVED]

[Guest]

[Matty_R]

When you did the test was it the one with the green boxes,if so which ports dont come up as stealth(ie not green but blue or red)

Matty

[ganda]

When you did the test was it the one with the green boxes,if so which ports dont come up as stealth(ie not green but blue or red)

Matty

right after i updated CFP.
all ports are stealh, i passed that test, but i failed the "ping reply" test. 

Solicited TCP Packets: PASSED — No TCP packets were received from your system as a direct result of our attempts to elicit some response from any of the ports listed below — they are all either fully stealthed or blocked by your ISP. However . . .



Unsolicited Packets: PASSED — No Internet packets of any sort were received from your system as a side-effect of our attempts to elicit some response from any of the ports listed above. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system remained wisely silent. (Except for the fact that not all of its ports are completely stealthed as shown below.)



Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation.

[Vettetech]

My ping is blocked by my modem firewall.

[ganda]

My ping is blocked by my modem firewall.

but my modem has nothing to do with firewall, it's just a portable wireless modem
and, wait a sec....... AAARRGGHHH  now i have port 80 & 443 open 
what did i do wrong?
i used stealth port wizard yesterday==> block all incoming connection, but then i can't connect to my office LAN, so i added 3 new rules (rules no 3,4,5). is it wrong?

great, now failed ping reply test & port scanner test. 
oh, and this only happen when i use wireless modem, i pass the test using phone line connection


edit:
hmm, now i pass the ping reply test but failed the port scanner test. ( i think i messed with my global rules), suggestion anyone? 

Solicited TCP Packets: RECEIVED (FAILED) — As detailed in the port report below, one or more of your system's ports actively responded to our deliberate attempts to establish a connection. It is generally possible to increase your system's security by hiding it from the probes of potentially hostile hackers. Please see the details presented by the specific port links below, as well as the various resources on this site, and in our extremely helpful and active user community.

Unsolicited Packets: PASSED — No Internet packets of any sort were received from your system as a side-effect of our attempts to elicit some response from any of the ports listed above. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system remained wisely silent. (Except for the fact that not all of its ports are completely stealthed as shown below.)

Ping Echo: PASSED — Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests) from our server.

p.s i attached the wrong screenshot, this is my global rules

[Matty_R]

Hi Ganda,are you trying this test from your office(on a LAN) and when on your wireless modem?
If so you will get differant results as when doing at your office it test the office router(192.168.0.*)
When you do it from the Modem you are testing the PC direct.
Do you need to share files when in the office.What do you have in "My Network Zones"

Cheers Matty

[ganda]

Hi Ganda,are you trying this test from your office(on a LAN) and when on your wireless modem?
If so you will get differant results as when doing at your office it test the office router(192.168.0.*)
When you do it from the Modem you are testing the PC direct.
Do you need to share files when in the office.What do you have in "My Network Zones"

Cheers Matty

i just did the test again (i connect to internet only, using this modem). still got port 80 & 443 open.
yes, there's a software on my server and i need access to it from my laptop.
let's see... i have
*loopback zone

*Intel(R) PRO/100 VE Network coonection-packet scheduler miniport (i think this is the LAN)

*WAN (PPP/SLIP) interface

do i need to post the IP here?

[Matty_R]

Take a look at the FAQ section at GRC this tells about Ports 80 + 443 being open on servers.

Do not post your IP here.

Matty

[ganda]

Take a look at the FAQ section at GRC this tells about Ports 80 + 443 being open on servers.

Do not post your IP here.

Matty

A. Something to try: Open your web browser and browse to "http://127.0.0.1/" or "http://localhost/".

Q. What's that gonna do?
A. Those are synonyms for "this machine." Hopefully whatever's serving up web pages will serve one up to your browser and help you figure out what's going on.

Q. Nope, nothing but an error message.

A. Okay. Are you using the Linksys router that Steve and others speak so highly of?

Q. Why yes. Yes I am.
A. As you probably already know, the router is configured via a web interface from one of your local network computers. Apparently, models with older firmware revisions would also keep Port 80 open to the outside, as well as to machines on your LAN.

Q. Egads! What can I do about that?
A. Try upgrading your firmware. Go to http://www.linksys.com/support/solution/BEFSR.HTM#firmware. That should fix you.

Q. Okay, I'm not using the Linksys box, and none of your other suggestions have closed my Port 80.
A. You might want to ask this one in the newsgroup. There's too many possibilities to cover in this FAQ.

  didn't solve the problem.
i don't use any router except this "wireless modem", and the manufacturer said that they (only) sell a wireless  modem, so you can connect to internet wherever you are, so basically they're not responsible for this issue.

Hi Ganda,are you trying this test from your office(on a LAN) and when on your wireless modem?
If so you will get differant results as when doing at your office it test the office router(192.168.0.*)
When you do it from the Modem you are testing the PC direct.

oh the IP address tested on shield up was 222.124.198.***, not the LAN IP address

  maybe all i can do to secure this kind of connection is by configuring the "modem" and the modem maker don't know anything about it

[Blas]

Hi Ganda,

I'm pretty sure that its your modem. Btw if you want to log into your modem, don't type your external IP to the address bar of your browser (such as 222.124.198.***) instead try to type your internal LAN gateway address which should be something like 192.168.0.*.
To determine the correct IP you should try to connect, right-click on your connection icon in the taskbar, select something like "state" or "details" (my windows is not in English so Im just guessing, btw its usually the second option from the top) and on the window which pops up click on the "support" tab. There you should see something like "default gateway" with a corresponding IP address. Thats the one which is needed to be typed into the address bar of your browser.
But I have a feeling that your modem has no web interface, so in that case please discard the above written.

Be also sure that when you run the shields-up test or similar, no other network-enabled apps are running than your browser.

[Soyabeaner]

yes, there's a software on my server and i need access to it from my laptop.

You have your own server now in addition to that cigar? .  How can a big "man" not know what a router is?  I also agree with Blas.  Probably a modem router combo because I don't know (not that I know much, but anyway...) of a regular modem that contains wireless capabilities.  Also, would you magnify that picture? I can't read what the brand/modem number is It's a Venus VT-12 (desperate for the ladies now that you betrayed your own Mars planet? ).

Also thank you for posting your username and encrypted password for the world to see.  No wonder you have to use so many security programs.


Edit: I think I know what's going on; it could be a mix of lacking the additional global rule to block ICMP and bad timing when you switched between your modem and your laptop modem or whatever you called it.  Tell us what's your Application Rules and Global Rules and your present hardware setup. 

Also, googled returned some bizarre results on that modem because it looks like an electric shaver.
http://indonetwork.co.id/rajamodem/551645/venus-vt-12-usbcdma-freq-800mhzruim.htm:

[ganda]

Hi Ganda,

I'm pretty sure that its your modem. Btw if you want to log into your modem, don't type your external IP to the address bar of your browser (such as 222.124.198.***) instead try to type your internal LAN gateway address which should be something like 192.168.0.*.
To determine the correct IP you should try to connect, right-click on your connection icon in the taskbar, select something like "state" or "details" (my windows is not in English so Im just guessing, btw its usually the second option from the top) and on the window which pops up click on the "support" tab. There you should see something like "default gateway" with a corresponding IP address. Thats the one which is needed to be typed into the address bar of your browser.
But I have a feeling that your modem has no web interface, so in that case please discard the above written.

Be also sure that when you run the shields-up test or similar, no other network-enabled apps are running than your browser.

hi Blas  you mean this ip address? (attached), it's not working.

You have your own server now in addition to that cigar? .  How can a big "man" not know what a router is?  I also agree with Blas.  Probably a modem router combo because I don't know (not that I know much, but anyway...) of a regular modem that contains wireless capabilities.  Also, would you magnify that picture? I can't read what the brand/modem number is It's a Venus VT-12 (desperate for the ladies now that you betrayed your own Mars planet? ).

Also thank you for posting your username and encrypted password for the world to see.  No wonder you have to use so many security programs.


Edit: I think I know what's going on; it could be a mix of lacking the additional global rule to block ICMP and bad timing when you switched between your modem and your laptop modem or whatever you called it.  Tell us what's your Application Rules and Global Rules and your present hardware setup. 

Also, googled returned some bizarre results on that modem because it looks like an electric shaver.
http://indonetwork.co.id/rajamodem/551645/venus-vt-12-usbcdma-freq-800mhzruim.htm:

huh where did i post the password ? 

err, i think i use a wrong term server is a comp (XP SP2)
nothing special, and i connect my laptop to it.i'm gonna post the rules

[Soyabeaner]

I hope it's not as dangerous as I think it is, but we all may have missed out on your first blocking global rule:

Block & Log Ip In From IP Not In [192.168.0.1 - 192.168.0.9] To IP In [192.168.0.1-19...] --> What's the rest of it?

Add another Global Rule to block all incoming on the ICMP protocol from Any to Any. Place it above the other block rules so that it's at the top (for testing purpose).  Clear your browser cache and restart the test.

huh where did i post the password ? 

A pic in the previous page.  I would remove it even though it's encrypted.

[ganda]

I hope it's not as dangerous as I think it is, but we all may have missed out on your first blocking global rule:

Block & Log Ip In From IP Not In [192.168.0.1 - 192.168.0.9] To IP In [192.168.0.1-19...] --> What's the rest of it?

Add another Global Rule to block all incoming on the ICMP protocol from Any to Any. Place it above the other block rules so that it's at the top as a test.  Clear your browser cache and restart the test.

oh, it's "9", but i changed the rule to this. (192.168.0.255), CFP blocked the application from my server when i was using that rule

here's my current global rules :
i change it to 192.168.0.255

edit :
done! made an extra rule. i'll try the test once more 

[ganda]

still failed  i've tried to put that ICMP block rule at the top,clear browser cache, but still failed.

err, what's the worst that could happen if you know that username & password?    everybody here use the same username & password. it's default password given by the ISP and we can't change it

[Soyabeaner]

still failed  i've tried to put that ICMP block rule at the top,clear browser cache, but still failed.

It's
A) A corrupt/imperfect CFP installation (rare in this sense)
-or-
B) A misconfigured modem router

Does upgrading a CFP version change a router's config?  This also seems rather unlikely...

err, what's the worst that could happen if you know that username & password?    everybody here use the same username & password. it's default password given by the ISP and we can't change it

Your ISP must really hate you.  A default password that you can't even request them to change to your liking?

[Tags:]