Page 1 of 2 12 LastLast
Results 1 to 15 of 16

Thread: How To Have The Best Of Both Worlds

  1. #1
    Junior Member
    Join Date
    Aug 2004
    Posts
    37

    How To Have The Best Of Both Worlds

    Hi,

    I am at a lost itrying to use Kapersky AV with any of the Firewall >> Sygatae Pro V5.6 2808, Mcafee Personal Firewall Plus V6.004, Outpost , Zone Alarm, Tiny , Kerio, Black Ice, Armor2Net,....... ( Windows XP, SP2 )

    All the Firewalls shows result of "Stealth" , with the Independent testing Facilicity like : Grc.com, sygate Security Testing, Hackerwatch , PCflank ...

    But one place AuditMYPC .com with the FirewallTest2 , that scans Network starting from Ports 2 - 65,535 , Ports 1125, 1100 are always "OPEN" when using Kapersky AV.
    The moment I Disable Kapersky, my Firewall achieves a perfect "Stealth".

    I really don't know how to configure the Firewalls mention to accomodate using Kapersky AV to work with any of the firewalls to achieve a perfect "Stealth " ???
    I am kind of "Sold " on Kapersky AV.
    Please help.......

  2. #2
    Titanium Member
    Join Date
    Jul 2002
    Location
    blk helo target, WA
    Posts
    3,536
    If you are behind a router the test is not accurate - you need to bypass router (DMZ) or disconnect it to get a true reading. Here is a guide: http://www.outpostfirewall.com/forum...ead.php?t=9992


    To scan your PC (and Outpost) you will need to either:

    * Reconfigure your router (temporarily!) to pass all incoming packets to your computer - this may be refered to as creating a DMZ, DeMilitarized Zone, or Port Forwarding (for all ports) or;
    * Disconnect from your router and use a dial-up connection for the duration of the test only.

  3. #3
    Techzonez Governor Super Moderator Conan's Avatar
    Join Date
    Apr 2002
    Location
    Philippines
    Posts
    4,343
    Quote Originally Posted by lynchknot
    If you are behind a router the test is not accurate - you need to bypass router (DMZ) or disconnect it to get a true reading. Here is a guide: http://www.outpostfirewall.com/forum...ead.php?t=9992
    I think that for GRC, having a router is an issue but I tried his test site AuditMYPC.com and I came up full stealth and I'm behind a router.

  4. #4
    Titanium Member
    Join Date
    Jul 2002
    Location
    blk helo target, WA
    Posts
    3,536
    From what I gather, it is reading your router instead of software firewall settings. As they say, the internet sees you router, not your computer. If you want to test your software firewall you must bypass router or allow full access by DMZ.
    Last edited by lynchknot; November 1st, 2004 at 02:31 AM.

  5. #5
    all bets are off... TZ Veteran SupaStar's Avatar
    Join Date
    Jul 2002
    Location
    Australia
    Posts
    1,680
    Quote Originally Posted by lynchknot
    From what I gather, it is reading your router instead of software firewall settings. As they say, the internet sees you router, not your computer. If you want to test your software firewall you must bypass router or allow full access by DMZ.
    From what I understand, this is true.

  6. #6
    Security Intelligence TZ Veteran cash_site's Avatar
    Join Date
    Jul 2002
    Location
    Software Paradise
    Posts
    3,852
    Quote Originally Posted by lynchknot
    From what I gather, it is reading your router instead of software firewall settings. As they say, the internet sees you router, not your computer. If you want to test your software firewall you must bypass router or allow full access by DMZ.
    Yes this is true as pointed out by Supa, however, sometimes I wonder, if you are going to be using the computer behind a router all the time, why do a DMZ or direct connection - as you want to test the strength and stealth of the router

    --- 0wN3D by 3gG ---

  7. #7
    Titanium Member
    Join Date
    Jul 2002
    Location
    blk helo target, WA
    Posts
    3,536
    Well, sure but don't you want to test the outgoing settings of your software firewall as well? - the only way is to allow scanners to see your computer not your router. They say a router is for filtering incoming - a soft-firewall is to control/filter outgoing.

  8. #8
    Security Intelligence TZ Veteran cash_site's Avatar
    Join Date
    Jul 2002
    Location
    Software Paradise
    Posts
    3,852
    Quote Originally Posted by lynchknot
    Well, sure but don't you want to test the outgoing settings of your software firewall as well? - the only way is to allow scanners to see your computer not your router. They say a router is for filtering incoming - a soft-firewall is to control/filter outgoing.
    Yeah, the outgoing check is a good point Lynch. Probably most 'cheap' routers have UPnP or something similar to allow all outgoing connections through the router bad, but very user-friendly However, the big name and more expensive routers, also filter outgoing connections and require rules/port forwarding...

    However, as you've rightly pointed out, software firewall is probably better for detecting and blocking outgoing connection, and hence would want GRC.com to scan your PC for those holes

    --- 0wN3D by 3gG ---

  9. #9
    Titanium Member
    Join Date
    Jul 2002
    Location
    blk helo target, WA
    Posts
    3,536
    I have el cheapo D-link 614

  10. #10
    Security Intelligence TZ Veteran cash_site's Avatar
    Join Date
    Jul 2002
    Location
    Software Paradise
    Posts
    3,852
    Im sure it works good Lynchie, better than ICS

    --- 0wN3D by 3gG ---

  11. #11
    all bets are off... TZ Veteran SupaStar's Avatar
    Join Date
    Jul 2002
    Location
    Australia
    Posts
    1,680
    Quote Originally Posted by lynchknot
    I have el cheapo D-link 614
    Mine's just a 504 but it seems to do the job. I am serious when I tell you that I once ran a fresh pre-SP1 XP install without patches and antivirus for a number of weeks without any problems. Installed AV and patches a few weeks later a full scan showed that I had no virii!

    Is router, is good.

  12. #12
    Security Intelligence TZ Veteran cash_site's Avatar
    Join Date
    Jul 2002
    Location
    Software Paradise
    Posts
    3,852
    NAT should protect you from a lot of virus since all incoming

    Just one note, do not get/use a D-LINK dsl-200 USB ADSL modem!! They arent the best buy, even if you get them for free dont use it.... it seems it draws too much power from the USB bus, so you cant use any other device on the same USB root you get BSOD in windows SP1 and SP2...

    In saying this, I think a decent buget could be spent on a good router perhaps with SPI and ipsec filtering... good security!

    --- 0wN3D by 3gG ---

  13. #13
    Junior Member Content's Avatar
    Join Date
    Oct 2004
    Posts
    27
    I have the following things...

    Sygate Firewall 5.5
    Norton Antivirus Professional 2005
    Tune Up Utilities 2004
    Spybot Search & Destroy
    Spyware doctor 2.1
    Peerguardian 1.99
    Crap Cleaner

    If you were to add a second antivirus or change/add anything
    to this list what you you do/recommend that would be helpful?

  14. #14
    Precision Processor Super Moderator egghead's Avatar
    Join Date
    May 2002
    Location
    In Your Monitor
    Posts
    3,546
    I have the d-link 604 and i get the message "ident port is closed and not stealth" at grc.com.

    I am living with that fact.




    off topic

    Quote Originally Posted by Content
    I have the following things...

    Sygate Firewall 5.5
    Norton Antivirus Professional 2005
    Tune Up Utilities 2004
    Spybot Search & Destroy
    Spyware doctor 2.1
    Peerguardian 1.99
    Crap Cleaner

    If you were to add a second antivirus or change/add anything
    to this list what you you do/recommend that would be helpful?
    You are missing prevx,
    http://www.prevx.com/

    with all those programs running, how do you find the time to install new software and windows update? You must get a million alerts?
    Last edited by egghead; November 15th, 2004 at 13:25 PM.
    ------------------------------------------------------------



  15. #15
    Titanium Member
    Join Date
    Jul 2002
    Location
    blk helo target, WA
    Posts
    3,536
    Quote Originally Posted by egghead
    You are missing prevx,
    And you are missing, and this is s biggie: process guard - paid version is best of course but even the free version is a must

    SUMMARY
    ProcessGuard is a powerful new cutting-edge program that greatly increases
    the security of your computer by preventing processes from being able to attack
    each other. It is considered by experts to be a must-have program for all users
    of Windows, and is the only program available that can actually prevent the
    installation and infection of all known rootkit stealth trojans.

    Now THAT'S a powerful defence in itself! But there's much more ...

    WHAT IS PROCESSGUARD? ...
    Introduction - Why ProcessGuard is the most important security layer on your PC

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •