Author Topic: scan.sygate.com gives me open ports ?!?  (Read 33010 times)

Offline max2

  • Comodo Family Member
  • ***
  • Posts: 87
Re: scan.sygate.com gives me open ports ?!?
« Reply #30 on: October 10, 2006, 11:47:12 PM »
BorderlineCrazy,

I have attached a screenshot of the Activity logs and connections to this posting.  From what I can tell, I don't see that the sygate scan was detected by CPF -- am I reading these logs correctly?  If this is true, what does this mean?

The cable modem I am using is an RCA,  model DCM425

Here's another bit of information that I found bizarre: the sygate scan lists the TCP/IP address that I assume is supposed to be mine.  I ran the cmd prompt and did ipconfig/all and the numbers sygate is showing as my IP address does NOT show up anywhere in the results of my query.  In other words, from what I can tell, Sygate is scanning an IP address that isn't mine.  How would this be possible?

In answer to an earlier question asked by Ewen, according to Lingo tech support I do not have a separate IP addresses for my Lingo router and computer; I only ever have one IP address which he said is ultimately determined by the Lingo router.

I'm hoping I can figure this whole mess out because it seems that this problem will most likely haunt me whatever firewall I choose to use.

Max



[attachment deleted by admin]
Intel Core 2 Quad Q8400, 4gb RAM: Win7 Ultimate (x64) SP1 - CISP v5.12.256249.2599,

Offline Shemp Howard

  • Comodo Loves me
  • ****
  • Posts: 174
Re: scan.sygate.com gives me open ports ?!?
« Reply #31 on: October 11, 2006, 06:16:34 AM »
Hi max, I did a google search on your modem and it appears to be a router also(with the addition of a hub or switch). This would explain why your ip address is different from what sygate says.Basicly your modem has assigned your computer a private ip address and these port scans only scan the ip that is seen on the net(your modem ip). I believe your safe since cpf doesn't show in it's logs.  I use a westell adsl modem/router from my isp and I fail some of these tests. Hope this helps.

Offline max2

  • Comodo Family Member
  • ***
  • Posts: 87
Re: scan.sygate.com gives me open ports ?!?
« Reply #32 on: October 11, 2006, 11:46:05 AM »
Thanks for the reply -- if what you say is true, my system essentially has two routers: one is the Lingo device and the other is my modem?  That notwithstanding, these firewall tests at grc.com and sygate are checking something on my computer.  If I can't verify my security measures in this manner, how would I ever be able to verify them?  Both Sygate and GRC tell me that my telnet is open, that this is very dangerous and should be closed.  SHould I take this seriously? 
Intel Core 2 Quad Q8400, 4gb RAM: Win7 Ultimate (x64) SP1 - CISP v5.12.256249.2599,

Offline kail

  • Randomly Appearing
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 11361
  • The future is much like the present, only longer.
    • COMODO's free software!
Re: scan.sygate.com gives me open ports ?!?
« Reply #33 on: October 11, 2006, 05:28:10 PM »
Thanks for the reply -- if what you say is true, my system essentially has two routers: one is the Lingo device and the other is my modem?  That notwithstanding, these firewall tests at grc.com and sygate are checking something on my computer.  If I can't verify my security measures in this manner, how would I ever be able to verify them?  Both Sygate and GRC tell me that my telnet is open, that this is very dangerous and should be closed.  SHould I take this seriously? 

Telnet is often used as a way of connecting to a router. For updating and/or controlling them. It is always recommended that you change the default router system/admin password for this very reason. There is also probably something in your routers controls to shut that telnet port up.
My System Details: W10Px64 with CIS 10 Beta, Firefox & Becky!
Forum Policy.
____
The problem is not the problems, the problem is people's attitude towards those problems.

Offline max2

  • Comodo Family Member
  • ***
  • Posts: 87
Re: scan.sygate.com gives me open ports ?!?
« Reply #34 on: October 11, 2006, 05:34:40 PM »
Kail,

Thanks for jumping in - I will pursue this Telnet issue based on your advice.  But of course the open Telnet is just the tip of core issue that I can't seem to get Comodo to stealth even half of my ports.  I would really appreciate guidance on that.  You can review my previous posts to see the dialogue that has already transpired.

Thanks,
Max
Intel Core 2 Quad Q8400, 4gb RAM: Win7 Ultimate (x64) SP1 - CISP v5.12.256249.2599,

Offline kail

  • Randomly Appearing
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 11361
  • The future is much like the present, only longer.
    • COMODO's free software!
Re: scan.sygate.com gives me open ports ?!?
« Reply #35 on: October 11, 2006, 06:21:12 PM »
Kail,

Thanks for jumping in - I will pursue this Telnet issue based on your advice.  But of course the open Telnet is just the tip of core issue that I can't seem to get Comodo to stealth even half of my ports.  I would really appreciate guidance on that.  You can review my previous posts to see the dialogue that has already transpired.

Thanks,
Max

I see. On examining your previous posts, I think it is likely that you are behind a proxy. If you're not aware of this, then it has probably been implemented by your ISP either in an effort to give you additional protection or to filter things.. or both.
My System Details: W10Px64 with CIS 10 Beta, Firefox & Becky!
Forum Policy.
____
The problem is not the problems, the problem is people's attitude towards those problems.

Offline max2

  • Comodo Family Member
  • ***
  • Posts: 87
Re: scan.sygate.com gives me open ports ?!?
« Reply #36 on: October 11, 2006, 07:00:10 PM »
Kail,

I was beginning to lose hope on this and now you've given me a light at the end of the tunnel.

Can you tell me how I can confirm if I am behind a proxy or not?  Must I call my ISP or can I check on my local machine or do both?

If I determine that I am behind a proxy, is this a good thing?  Does it mean that I can rest easy and ignore the poor port scan results that I am getting?  If being behind a proxy is not a good thing, how can I get out from behind it?

Thanks so much for your help,
Max (:CLP)

Intel Core 2 Quad Q8400, 4gb RAM: Win7 Ultimate (x64) SP1 - CISP v5.12.256249.2599,

Offline kail

  • Randomly Appearing
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 11361
  • The future is much like the present, only longer.
    • COMODO's free software!
Re: scan.sygate.com gives me open ports ?!?
« Reply #37 on: October 11, 2006, 10:10:41 PM »
Kail,

I was beginning to lose hope on this and now you've given me a light at the end of the tunnel.

Can you tell me how I can confirm if I am behind a proxy or not?  Must I call my ISP or can I check on my local machine or do both?

Well, you have the obvious signs. Sites that are meant to know your IP address, display an IP which you don't think is your IP. Try accessing DNS Stuff, they are notorious for hating, identifying & banning proxies. If you can only reach DNS Stuff via this URL, then you are behind a proxy. The 8080 port assignment on the URL circumvents the proxy. But, it's not supported by every site.

Quote
If I determine that I am behind a proxy, is this a good thing?  Does it mean that I can rest easy and ignore the poor port scan results that I am getting?  If being behind a proxy is not a good thing, how can I get out from behind it?

Good thing? Yes, it makes it very hard for the bad things outside your own subnet from hitting on you. But, you are still vulnerable to attacks from people within your own subnet (ie. on the same side of the proxy as you). In fact, depending on your ISPs set-up you might even get hits from what appear to be internal IP addresses. Get around the proxy? Well 8080 is one way. The other.. this will make you snort.. use another proxy. It's also much easier for you to report attacks to your provider, since the attacker is using the same provider.

But, it does have it's down-side. Your proxy can get a bad name, because a few unscrupulous users abuse the fact they're behind a proxy to mask who they are & perform bad acts (spamming, phishing, hacking, etc..). Case in point, DNS Stuff.. they don't like bots stripping data off their site. People hide behind proxies to avoid getting a direct ban & an official complaint from DNS Stuff to their provider (which they do).

Quote
Thanks so much for your help,
Max (:CLP)

No problem. Glad I could help.
My System Details: W10Px64 with CIS 10 Beta, Firefox & Becky!
Forum Policy.
____
The problem is not the problems, the problem is people's attitude towards those problems.

Offline max2

  • Comodo Family Member
  • ***
  • Posts: 87
Re: scan.sygate.com gives me open ports ?!?
« Reply #38 on: October 12, 2006, 07:51:52 PM »
Kail,

I tried DNSstuff and it let me through - I don't know if this means I am definitely NOT behind a proxy or if means that I just got lucky.  When I go to the firewall test sites I still see an IP address that does not appear when I run ipconfig/all.

Lets say for a moment that I am definitely behind a firewall, when I receive the scan results from sygate or grc, are these the ports of the proxy computer that it scanned?

Sorry to be so ignorant but when you say 8080 is one way to get around the proxy, how do I do that exactly?

My goal is to make sure that I my computer is protected if not by a proxy then at least by a good firewall.  Comodo seems to be it but how can I be sure if I can't put it through a test?
Intel Core 2 Quad Q8400, 4gb RAM: Win7 Ultimate (x64) SP1 - CISP v5.12.256249.2599,

Offline panic

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 11825
  • Linux is free only if your time is worthless.;-)
Re: scan.sygate.com gives me open ports ?!?
« Reply #39 on: October 13, 2006, 01:46:36 AM »
Kail,

I tried DNSstuff and it let me through - I don't know if this means I am definitely NOT behind a proxy or if means that I just got lucky.  When I go to the firewall test sites I still see an IP address that does not appear when I run ipconfig/all.

Lets say for a moment that I am definitely behind a firewall, when I receive the scan results from sygate or grc, are these the ports of the proxy computer that it scanned?

Sorry to be so ignorant but when you say 8080 is one way to get around the proxy, how do I do that exactly?

My goal is to make sure that I my computer is protected if not by a proxy then at least by a good firewall.  Comodo seems to be it but how can I be sure if I can't put it through a test?

The port scan results from Shields Up are from the FIRST responding device that Shields Up finds on the return path to your PC. This could be a proxy at your ISP, a router at your ISP, a router on the perimeter of your LAN or your actual PC - whatever responds first is what Shields Up reports.

Hope this helps,
Ewen :-)
As your mums would say, "If you can't play nice with all the other kiddies, go home".
All users are asked to please read and abide by the  Comodo Forum Policy.
If you can't conform, don't use the forum.

Offline kail

  • Randomly Appearing
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 11361
  • The future is much like the present, only longer.
    • COMODO's free software!
Re: scan.sygate.com gives me open ports ?!?
« Reply #40 on: October 13, 2006, 01:58:51 AM »
Re: 8080 usage. Check the "this" URL in my previous post to see how to apply the 8080 port number.
My System Details: W10Px64 with CIS 10 Beta, Firefox & Becky!
Forum Policy.
____
The problem is not the problems, the problem is people's attitude towards those problems.

Offline max2

  • Comodo Family Member
  • ***
  • Posts: 87
Re: scan.sygate.com gives me open ports ?!?
« Reply #41 on: October 13, 2006, 02:06:12 AM »
Hello Again Ewen,

Yes it helped.  It confirms that I am behind a proxy and that the scan tests were never reaching me.  What also really helped is when I disconnected my voIP router, plugged my cable modem directly into my computer and ran the grc shields up test and you know what happened?

IT PASSED WITH FLYING COLORS!!!

All ports were stealthed, my system totally locked down.  I passed every test.  I will say it was a pleasure to see it!

So now I have only one more question which I think I know the answer to:  Since I cannot test my firewall protection once I reinstall my router and go back behind the proxy, is it safe to assume that my ports still have the same great protection even though I am behind the proxy at an alternate IP?  My guess would be yes since being behind a proxy should have nothing to do with CPFs ability to stealth my ports and otherwise protect my system.

Am I right?
Intel Core 2 Quad Q8400, 4gb RAM: Win7 Ultimate (x64) SP1 - CISP v5.12.256249.2599,

Offline panic

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 11825
  • Linux is free only if your time is worthless.;-)
Re: scan.sygate.com gives me open ports ?!?
« Reply #42 on: October 13, 2006, 07:11:36 AM »
Hello Again Ewen,

Yes it helped.  It confirms that I am behind a proxy and that the scan tests were never reaching me.  What also really helped is when I disconnected my voIP router, plugged my cable modem directly into my computer and ran the grc shields up test and you know what happened?

IT PASSED WITH FLYING COLORS!!!

All ports were stealthed, my system totally locked down.  I passed every test.  I will say it was a pleasure to see it!

So now I have only one more question which I think I know the answer to:  Since I cannot test my firewall protection once I reinstall my router and go back behind the proxy, is it safe to assume that my ports still have the same great protection even though I am behind the proxy at an alternate IP?  My guess would be yes since being behind a proxy should have nothing to do with CPFs ability to stealth my ports and otherwise protect my system.

Am I right?

Right on the money Max! CPF doesn't care if it's behind the clock in Annie's room, let alone behind a router - it will stealth the PC it is running on!

Ewen :-)
As your mums would say, "If you can't play nice with all the other kiddies, go home".
All users are asked to please read and abide by the  Comodo Forum Policy.
If you can't conform, don't use the forum.

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek