Software Farmer
BT Rep: +15
@Izagaia, good one . I go as far as removing liveupdate and livereg aswell. Wish I would of followed my own advice , I'm getting lazy.. I installed the new Antivirus 10.0.0.359 over my old one now getting errors at shut down. Oh well easy fix, but time consuming .
Her angel of darkness
Since my last reformat in mid 2004, I have had NIS and NSW2005 installed. Then I had decided to switch back to Symantec Client Security v2.0.3 and then finally switching to SCS v3.0. In each instance, I did the above steps I described. As a result, I have had no errors of any sort. Thank goodness. It is a pain in the arse and time-consuming, I agree however, I have always known Symantec to never have an "easy uninstall" for any of it's products. It just sort of "goes with the territory" for them. Just one of things one has to put up with if you want to utilize their applications.
At any rate, my only gripe with SCS v3.0 (if you do not mind me changing the subject here alittle) is that the client firewall, like it's Norton 2005 brand retail consumer version, has the port for "IMCP ping" open by default. At least this port is listed that way according to Symantec's security response center when you use their system to scan yours for vulnerabilities. I was always under the impression that having all your ports "stealthed" is the best practice. Now I see that Symantec has somewhat changed this rule for NPF2005, NIS2005 and the new Client Firewall v8.6.0.8.
How can I change this in the firewall's settings to stealth this port? Or is this port relatively safe to keep open as per the client firewall's default settings? Actually I do not know what to make of this change or what it means. Hopefully I am just being overly cautious in dealing with this open port.
Last edited by Izagaia; 04-30-2005 at 09:20 PM.
---
All ports are stealthed, whether they are in use or not.
If you visit a security testing website you will see.
for example "shields Up"
https://grc.com/x/ne.dll?bh0bkyd2
Last edited by AndrewBarker; 04-30-2005 at 10:00 PM.
---
Quote from "Shields Up"
Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice.
Her angel of darkness
I did see and unfortunately "Shields Up" states the exact same results as did Symantec's Security Response has...Originally Posted by AndrewBarker
How can I correct this inconvenience?
----------------------------------------------------------------------
GRC Port Authority Report created on UTC: 2005-05-01 at 01:03:21
Results from scan of ports: 0, 21-23, 25, 79, 80, 110, 113,
119, 135, 139, 143, 389, 443, 445,
1002, 1024-1030, 1720, 5000
0 Ports Open
0 Ports Closed
26 Ports Stealth
---------------------
26 Ports Tested
ALL PORTS tested were found to be: STEALTH.
TruStealth: FAILED - ALL tested ports were STEALTH,
- NO unsolicited packets were received,
- A PING REPLY (ICMP Echo) WAS RECEIVED.
----------------------------------------------------------------------
Posting Permissions
Reply With Quote
Bookmarks