Ports Test at GRC.com

Learn about Computer Security Leak Testing/Attacks/Vulnerability Research
1

Would the un-stealthed ports shown on on the test at GRC possibly be the server my ISP Alltel wireless is using. The IP changes ever time I connect and re-run the test.

Port Authority Edition — Internet Vulnerability Profile
by Steve Gibson, Gibson Research Corporation.

This textual summary may be printed, or marked and copied
for subsequent pasting into any other application:
GRC Port Authority Report created on UTC: 2010-03-03 at 01:21:41
Results from scan of ports: 0-1055

0 Ports Open
2 Ports Closed

1054 Ports Stealth

1056 Ports Tested

NO PORTS were found to be OPEN.

Ports found to be CLOSED were: 0, 1

Other than what is listed above, all ports are STEALTH.

TruStealth: FAILED - NOT all tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.

2

Are you behind a router? What ports were reported closed?

3

No router, using high speed wireless data card for access. Ports 0 and 1 are shown closed but not stealth. The rest of the ports are stealth. Look at photo of test results on following post.

4

This is a capture of the test from GRC.

[attachment deleted by admin]

5

What is the name and model of your modem, it wouldnt happen to be a motorola modem that has an antenna on it would it?

6

USB Modem is a UTStarcom UM150 and it does have an antenna.

7

If you search around you’ll find that a closed port is no less secure than a stealthed one. GRC and it’s founder, Steve Gibson, have been shown to be spreading unnecessary paranoia for years.

8

I apologize for not reading your original post more carefully, this issues is out of your control, to answer your OP yes the un-stealthed ports is from your ISP connection. Your results would be the same even if you disabled the firewall.

9

Thanks for the info Futuretech! I am with part of the old Alltel wireless here in Georgia that did not sell to Verizon. Several of the customers here are trying to get them to bring the wireless system up to date. Doesn’t seem like that is going to happen and I maybe going to VZW.

10

Not sure.

Even if the fact that ports 0 and 1 appear as closed and not stealthed has no importance whatsoever (stealthing is a grc invention, i am eager to know what strealthed system would be inaccessible to protocols other then those used by grc…), some modem-routers are said to be specially sensible to this behavior (e.g. largely documented for D-Link), where the ISP would have no other responsibility then sometimes having provided the modem-router itself.

11

Stealth (as defined by grc) means there was no response to the request to connect to a port. It is as if there is no system at the IP address at all.

Closed means the system responded that the port isn’t open. This is a positive indication that there is something at the IP address.

Some firewalls (e.g. CIS) detect the “scan” of ports and will stop responding (stealth) after the first few connection attempts.

12

Jim I’m getting the same results no matter what firewall or configuration I run. Comodo is the firewall I normally use. The other firewalls I have tried are OA, Outpost, PC Tools, etc.
All show the same results.

13

I assume your computer is directly connected to the internet (i.e. no router). Is my assumption correct?

14

Yes your assumption is correct, no router, etc. My IP changes every time I connect. This is the reason I think the port scan results are based on a scan of a server at Alltel and not my computer.
Another thing I have noticed is that Alltel Servers allow reverse DNS which in my opinion is not a good thing. It’s like Futuretech stated in an earlier post there is not much I can do about this.