06-12-2009 10:20 AM - edited 06-12-2009 10:24 AM
I use various method to test the security on my system and I noticed that TCP port 1025 is not being blocked by NIS2009.
When I went to www.grc.com and performed a ShieldsUP! Port test, it failed only on that one, indicating that the Port is open.
Under protocol and application, it shows "blackjack - network blackjack."
Normally, my system is very secure. Here is some additional info: http://www.grc.com/port_1025.htm
Solved! Go to Solution.
06-12-2009 10:26 AM
There have been several discussions on the ShieldsUp test here. Are you certain it was testing your network adapter and not your router or ISP switch / proxy? I run NIS2009 with default settings and all ports are closed / stealthed on ShieldsUp.
06-12-2009 10:39 AM - edited 06-12-2009 10:47 AM
The test shows me my IP Address, which is correct.
I am connected to the Internet right now without a router - directly to the broadband modem.
"Stealth Blocked Ports" setting in NIS 2009 is in the on position.
BTW, I am running XP, SP3.
06-12-2009 10:55 AM
And the address in the first page of the ShieldsUp (the one where you enter the site) site is exactly what your network card is in your computer? If your card / adapter in your system has IP 126.96.36.1990 assigned to it, this is exactly what shows up there on that page, no other words or URL adders, correct? I ask this because some people have tried this test before and did not understand this page or what it was telling them (not saying anything about you but if 188.8.131.520your.service.ISP is listed then this IS NOT your network adapter) .
Anyway you can test this out by making a manual rule that will block this port in the Internet Settings > Smart Firewall > Advanced Settings > General Rules.
Add a rule, set it to block the Local Port 1025 and when you finish the rule, move it all the way to the top of the list. Click Apply for the rule to take affect and then run the ShieldsUp test again.
Let us know the results please.
06-12-2009 11:07 AM
Correct. The IP address directly represents the NIC in the PC.
Let me create the manual rule, and get right back to you. I don't understand why NIS 2009 is not blocking it. Strange.
06-12-2009 11:19 AM - edited 06-12-2009 11:20 AM
I created the Manual Rule and it passed the GRC tests without incident.
Perhaps you can explain why NIS didn't stealth it in the first place.
That scares me.
06-12-2009 11:25 AM
06-12-2009 11:38 AM
If you look at my other post you replied to (History Logs) you will see that by deleting the Recent History also deleted the Firewall Logs.
However, in the past 10 minutes, I have not seen any suspicious activity.
Question for you...
If the port is now blocked, will NIS still report a "hit" in the History Logs?
06-12-2009 11:44 AM
06-12-2009 11:47 AM - edited 06-12-2009 11:49 AM
So you are saying that if I didn't check the tab, the History Logs wouldn't record it?
Am I correct?