Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How to interpret ShieldsUp! scan results


  • Please log in to reply
13 replies to this topic

#1 weybrew

weybrew

  • Members
  • 83 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:06 AM

Posted 27 June 2018 - 01:43 PM

Following the advice in Bob Rankin's recent column about blocking open ports, I ran ShieldsUP! and it showing 4 open ports. Using his instructions I created 4 new port blocking rules for Win 10 Firewall. After rebooting, all the new rules were showing but only 2 were working! What's up? I also found some other test result comments that are beyond my skill level. Could someone help me here? Retesting showed all 4 original ports still OPEN!

Attached Files



BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:02:06 AM

Posted 27 June 2018 - 07:36 PM

Which ports are actually still open?

I can't see if from your screenshots.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 weybrew

weybrew
  • Topic Starter

  • Members
  • 83 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:06 AM

Posted 28 June 2018 - 02:03 PM

Ports 22, 80, 110, and 443. And what do the icons to the left of each of these entries indicate? I have add'l screeshots but can't figure out how to attach them... In fact, I can't figure out how I got them onto my origianl post.



#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:02:06 AM

Posted 28 June 2018 - 06:04 PM

You said that you closed two of them. Which ones are still open?


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#5 weybrew

weybrew
  • Topic Starter

  • Members
  • 83 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:06 AM

Posted 28 June 2018 - 07:59 PM

I'm not sure how to tell. A fresh scan showed all 4 still open, but the firewall settings page shows differently. I have steps recoder zip file also. Show me how to attach, please.

org.JPG

 


Edited by weybrew, 28 June 2018 - 08:00 PM.


#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:02:06 AM

Posted 28 June 2018 - 08:42 PM

There is no attach option here but...

 

Upload the file(s) here: http://www.sendspace.com/
Click on Browse button and navigate to the file you want to upload.
Click on Upload button.
Click on FIRST Copy Link button and paste the link in your next reply.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#7 weybrew

weybrew
  • Topic Starter

  • Members
  • 83 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:06 AM

Posted 28 June 2018 - 10:43 PM

Thanks... Hope this works.

 

https://www.sendspace.com/filegroup/S771uF8sf8NJ%2FF8aSKLzjObmF5Thjs9E



#8 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:02:06 AM

Posted 30 June 2018 - 11:34 AM

Do you run any kind of server on your machine?


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#9 weybrew

weybrew
  • Topic Starter

  • Members
  • 83 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:06 AM

Posted 30 June 2018 - 12:59 PM

I'm not sure I understand, but I am using PLEX. Isn't that a media server?



#10 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,685 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:06 AM

Posted 08 July 2018 - 06:49 AM

According to ip2location, your IP address is owned by a hosting company in Atlanta, Georgia and it is a VPN.

 

Are you using a VPN?


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#11 weybrew

weybrew
  • Topic Starter

  • Members
  • 83 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:06 AM

Posted 08 July 2018 - 01:44 PM

Yes...



#12 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,685 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:06 AM

Posted 09 July 2018 - 11:13 AM

Then Shields up is scanning the VPN server that is your exit point to the Internet. It's not scanning your Windows 10 machine, neither your modem/router.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#13 weybrew

weybrew
  • Topic Starter

  • Members
  • 83 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:06 AM

Posted 09 July 2018 - 12:25 PM

I never thought about that, thank you. I'll scan again without VPN running.



#14 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,685 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:06 AM

Posted 09 July 2018 - 01:11 PM

No problem.

 

FYI: many ISPs give a public IP address to your modem/router, and after the modem/router, they use private IP addresses.

This makes that when you do a network scan from the Internet, it's your modem/router that is scanned, not your Windows machine.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users