Failing GRC Tests, Please Help.

These are my results from grc.com which was an “All Service Ports scan”

GRC Port Authority Report created on UTC: 2007-08-30 at 04:03:56

Results from scan of ports: 0-1055

0 Ports Open
0 Ports Closed

1056 Ports Stealth

1056 Ports Tested

ALL PORTS tested were found to be: STEALTH.

TruStealth: FAILED - ALL tested ports were STEALTH,
- NO unsolicited packets were received,
- A PING REPLY (ICMP Echo) WAS RECEIVED.

This one is from the “Common Ports” scan.

GRC Port Authority Report created on UTC: 2007-08-30 at 04:08:38

Results from scan of ports: 0, 21-23, 25, 79, 80, 110, 113,
119, 135, 139, 143, 389, 443, 445,
1002, 1024-1030, 1720, 5000

0 Ports Open
0 Ports Closed

26 Ports Stealth

26 Ports Tested

ALL PORTS tested were found to be: STEALTH.

TruStealth: FAILED - ALL tested ports were STEALTH,
- NO unsolicited packets were received,
- A PING REPLY (ICMP Echo) WAS RECEIVED.

Why is my ping replying?

How can I configure the firewall to correct this.

Do you connect to the internet through a router?

If so, the response you’re seeing is coming from the router, not from your PC (unless you have forwarded all 1056 ports). This can be verified by comparing the IP address SghieldsUp says it’s testing against the IP address currently assigned to your PC’s network card.

Cheers,
Ewen :-0

I guess you I can say that I am connected to a router. I’m connected to a Westell 6100 DSL modem which [b]IS[b] a router also.ShieldsUp is scaning my WAN IP Address which is 74.XXX.XXX.XXX. My PC’s IP Address is 192.XXX.X.XX. I’ve tried PCFlank also and they too scan my WAN IP Address. Why is it scanning my WAN IP Address and not my IP Address like it should be. What can I do to correct this. Am I protected or what?

The only way you can get ShieldsUp to directly test your PC’s firewall is to forward all ports of the Westell router to the IP address of your PC. Until you forward the ports, the router is the first “respond-capable” device on the return path from www.grc.com and, as such, it will respond. Once the ports are forwarded, the router will pass the incoming request to the IP address fo your PC, where your firewall will respond by either replying or dropping the request.

Are you protected? Rest easy, your pretty well covered.

Ewen :slight_smile:

Ok so how do I forward my ports. And also is it necessary? One more thing, when I try to do a port scan though PCFlank it lists my IP Address and asks if it is my TRUE IP Address or not. Example:

[b]"IP Address test

The test has determined your IP address to be:
74.XXX.XXX.XXX

Please verify that this is your true IP address.

If the IP address determined by the test is not your true IP address please cancel the test as further results of the test would be incorrect. Commonly the test fails to determine your true IP address because of you are connected to the Internet through a proxy-server or your ISP uses Network Address Translation (NAT) to share IP addresses.

If this is your true IP address click on “Continue” to determine the settings of the test. "[/b]

This is my WAN IP Address as I said before so I’m guessing this is not my TRUE IP Address.

I’m so confused. (:AGY)

Hey Jack,

It’s OK to be confused - we all started there! :wink:

If you have a look at

http://www.portforward.com/english/routers/port_forwarding/Westell/Westell6100/default.htm

it clearly lays out how to forward ports on the Westell6100 modem/router.

A word of advice on the PCFlank test - if you download it, physically disconnect your PC from the router (so you CANNOT access the internet) and then run the test, surprisingly, it will still report that your details have leaked. Since there is no connection to the internet, it simply cannot leak. There are serious problems with this leaktest.

Chdeers,
Ewen :slight_smile:

I’m not using their leak test I’m using their stealth, trojan, advanced port scanner and exploit test. However I can’t do this because I don’t know if 74.XXX.XXX.XXX is my true IP Address or not. I’m pretty sure it’s not since comodo says otherwise. Also what does port forwarding actually do?

G’day Jack,

74.X.X.X will be the IP address of your router and it is used to transfer data from you to your ISP and vice versa.

Your PC will have an address like 192.168.X.X, or 172.16.X.X or 10.X.X.X, as these are private non-routable addresses.

In laymans terms, your router “sort of” has two network cards - one facing inwards to your LAN/PC and the other facing outwards towards your ISP. The inwards facing one will have a private address that is similar (on the same subnet) as the IP address of your PC.

What is port forwarding?

Assume the following;
Your PC has an address of 192.168.1.1
Your router has an external IP address of 72.1.1.1
Port 21 is used for FTP inbound requests

As you are set up at the moment, if someone on the internet probes port 21 on your public IP (your router) the firewall on the router responds according to it’s rule set. The firewall on the PC doesn’t even know anything is happening as the traffic is interacting with the router.

If, on the router, we forward port 21 from 72.1.1.1 to 192.168.1.1, then any subsequent probes on port 21 received on 72.1.1.1 (the router) are forwarded transparently to 192.168.1.1 (your PC). Now, the firewall on the PC will have to deal with the incoming traffic, as the router is forwarding traffic on the designated port to the designated internal address.

To get ShieldsUp to test your PCs firewall (as opposed to your routers firewall), you will need to port forward ALL ports from 0 to 1056 (the port range tested by ShieldsUp).

Ok so bottom line with or without port forwarding is my PC’s IP Address being protected or not.

I’ve had this same issue but belive me it’s being protected :slight_smile: took me awhile to find out for sure but i’m sure you are protected so. No need to worry :slight_smile: (V)

You’re protected! CFP stealths all ports on the PC it’s running on by default.

Ewen :slight_smile: