01-14-05 12:51 PM
In article <49B13DED-C253-4936-BE56-42AE5F13CE65@microsoft.com>, =?Utf-8?B?
TWFyayBH?= says...
> I ran the 'ShieldsUp!' firewall test from www.grc.com. How can I tell if t
he
> test has reached my PC's ports itself but my ISP? I'm connected to interne
t
> via Zyxel adsl router. Test performed show most ports as 'closed' state,
> three ports as 'stealth', HTTP and FTP ports are 'open'.
> Using XP SP2 Home Ed. since 2002, Win Firewall enabled. No trojan or virus
> infection before. Thanks.
There are two steps to take. Step one is to check your Zyxel configuration
page to see what IP address it is getting from your ISP. Step two is to
check the GRC web page when you run the test; what IP address does it say
that it is testing? If the two are the same, Shields Up! is testing your
router.
If your router is being tested, you want to double check the remote
administration setting. That should be disabled in most cases; that HTTP and
FTP are showing open suggests that your Zyxel is open to configuration from
the Internet side of the router (if, indeed, it is the router that Shields
Up! has probed). But those could also be the result of your ISP running a
caching proxy; so do the checks to see which IP address is being probed.
The GRC site operates news groups similar to this one; but you can't access
them with a web browser, as you have done here. How do I know you used a
browser? By checking your posting headers:
X-Newsreader: Microsoft CDO for Windows 2000
For GRC, fire up MS Outlook Express (unless you have a preferred news
client; I prefer Super Gravity) and set up an account. Use "news. grc.com"
for the server name. For the user name and password, use the exact same
string, preferably 12 characters, or more. Alphanumeric mix; something like:
User Name: xYzZy1zN7Aw0R6
Password: xYzZy1zN7Aw0R6
There is a reason for that, as explained here:
http://www.imilly.com/noregrets.htm
After your client connects to the server, you will be presented with a list
of groups. For this problem you should choose, "grc.shieldsup". You will
find a lot of helpful people on that site, and most will be more
knowledgeable than the average in this group.
Also, did you know that you can access these groups with a news client? Just
set the server name as, "msnews.microsoft.com". No user name and password
combination is needed on the MSFT NNTP servers. Once connected you will be
presented with a humongous list of groups. For this group you would
subscribe, "microsoft.public.security".
You can have multiple NNTP server accounts in most news clients; even in MS
Outlook Express.
It is recommended that you not use your normal email address for the email
address entry for news posts; spammers and viruses scan posting headers to
pull email addresses for their own ends. I recommend something with an RFC
2606 reserved domain, such as: <don't.spam@me.invalid>. For the MSFT groups
I just use the same default that MSFT puts in place on the web site. If you
like, you can set a "Reply-To:" email address, but even there, use a
disposable email account, not your main email account. You can test mine by
using the "Reply to author" button (or whatever it may be labeled). Oh, and
mine is not to be altered; what you see works, making any changes breaks it.
--
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint
[ Post a follow-up to this message ]
| 
