Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Question About Firewall Security When Using Free Wifi


  • Please log in to reply
7 replies to this topic

#1 bloomcounty

bloomcounty

  • Members
  • 672 posts
  • OFFLINE
  •  
  • Local time:03:49 PM

Posted 06 February 2008 - 03:59 PM

Hi,

I have a laptop with XP Home SP2, Zone Alarm 6.5.737 Free, AVG A/V Free, AVG Antispyware Free (no real-time function).

I normally use dial-up at home, and when I do the ShieldsUp! test, it passes everything 100%. But when I went to use the free wifi at my local library, I ran the test to to compare, and found that it failed certain parts.

GRC Port Authority Report created on UTC: 2008-02-06 at 19:49:24

Results from scan of ports: 0, 21-23, 25, 79, 80, 110, 113,
119, 135, 139, 143, 389, 443, 445,
1002, 1024-1030, 1720, 5000

0 Ports Open
0 Ports Closed
26 Ports Stealth
---------------------
26 Ports Tested

ALL PORTS tested were found to be: STEALTH.

TruStealth: FAILED - ALL tested ports were STEALTH,
- NO unsolicited packets were received,
- A PING REPLY (ICMP Echo) WAS RECEIVED.

Ping Reply: RECEIVED (FAILED) Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation.


And then for the "All Service Ports" test:

Solicited TCP Packets: RECEIVED (FAILED) As detailed in the port report below, one or more of your system's ports actively responded to our deliberate attempts to establish a connection. It is generally possible to increase your system's security by hiding it from the probes of potentially hostile hackers. Please see the details presented by the specific port links below, as well as the various resources on this site, and in our extremely helpful and active user community.

In the listing of all the ports, all were "green" (slealthed) except for Port 1 which was "blue" (closed).

1. What does this all mean?

2. Why is this the case with free wifi, but not with my dial-up at home?

3. Is there anything I need to or should do to better secure my laptop before using the free wifi? It says, "Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers." How can I do that when I use the free wifi?

Any help is appreciated -- thanks!
My stats: Windows XP Home SP2; Firefox 3.0.14 w/ Ad-Block Plus; IE 6.0 (used only for monthly Windows Critical Updates); ZoneAlarm 6.1.744.001 Free; AVG 8.5 A/V Free; SuperAntispyware Free 4.28.1010

BC AdBot (Login to Remove)

 


#2 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,568 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:06:49 PM

Posted 06 February 2008 - 05:30 PM

Hi bloomcounty,
Did you put that free wifi in the trusted zone or internet zone? Public connection should be in the internet zone for ZA to block, as they aren't to be trusted, meaning permitting most communication over the common ports you've tested.

Reply to ping just tells hackers you're there as they scan one IP after another. They can't really do much. Your firewall and Antivirus wouldn't let much in unless you request it (stateful packet inspection).

#3 tork

tork

  • Members
  • 718 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:here
  • Local time:06:49 PM

Posted 06 February 2008 - 05:43 PM

Am I secure on WiFi HotSpot?
http://forums.zonelabs.org/zonelabs/board/...essage.id=18329

How to Use Public WiFi Safely
http://www.ehow.com/how_2109048_public-wif...safely-vpn.html

How to Secure Your wireless network
http://www.pcworld.com/article/id,130330/article.html

tork

#4 bloomcounty

bloomcounty
  • Topic Starter

  • Members
  • 672 posts
  • OFFLINE
  •  
  • Local time:03:49 PM

Posted 06 February 2008 - 06:23 PM

Did you put that free wifi in the trusted zone or internet zone? Public connection should be in the internet zone for ZA to block, as they aren't to be trusted, meaning permitting most communication over the common ports you've tested.


It was placed automatically in the internet zone. (I didn't have to add it myself, it was added automatically.)

I noticed in the properties somewhere for the library wifi (if you go to properties of the wireless in Network Connections, and when I'm connected to the library's wifi, you can choose the library's wifi and check the properties) that the encryption was set to none (though WPA was a choice). But since the library's wifi is unsecured, I'm thinking this is only for if I had my own wifi and wanted to secure it with a password so someone else couldn't use it. Is that correct? Or should I change this setting?

So why do the pings show up on the free wifi, but not when I use dial-up at home?

And what's up with "Solicited TCP Packets: RECEIVED (FAILED)" when on the wifi, but passing the test on the dial-up?

Thanks, folks!
My stats: Windows XP Home SP2; Firefox 3.0.14 w/ Ad-Block Plus; IE 6.0 (used only for monthly Windows Critical Updates); ZoneAlarm 6.1.744.001 Free; AVG 8.5 A/V Free; SuperAntispyware Free 4.28.1010

#5 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,568 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:06:49 PM

Posted 07 February 2008 - 02:51 PM

Another excellent link and reply to the grc diagnostics
http://forums.zonelabs.com/zonelabs/board/...essage.id=19060

You could ask there about the dial-up vs wifi difference.

If grc gave you a specific port number that answers, and if that port is consistent every time, you can close it up in ZA if ZA-free offers that fine level of control. I know the paid versions do.

#6 bloomcounty

bloomcounty
  • Topic Starter

  • Members
  • 672 posts
  • OFFLINE
  •  
  • Local time:03:49 PM

Posted 17 February 2008 - 12:17 PM

Thanks, tos. I think I'm through worrying about this stuff... :thumbsup: It sounds like everything is okay...

And thanks for the links, tork.
My stats: Windows XP Home SP2; Firefox 3.0.14 w/ Ad-Block Plus; IE 6.0 (used only for monthly Windows Critical Updates); ZoneAlarm 6.1.744.001 Free; AVG 8.5 A/V Free; SuperAntispyware Free 4.28.1010

#7 tork

tork

  • Members
  • 718 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:here
  • Local time:06:49 PM

Posted 20 February 2008 - 09:13 AM

bloomcounty - you're welcome :thumbsup: tork

#8 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,568 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:06:49 PM

Posted 20 February 2008 - 01:40 PM

bloomcounty, you're welcome and also thanks for posting back :thumbsup:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users