How secure is your system?
hlrguy
11-20-2002, 12:14 AM
I have downloaded a lot of programs over the last few months, so decided to retest my security. I started all the applications I run regularly and visited the sites below. My system was secure and undetectable, at least as far as the listed sites were concerned. I did find out that GFTP DOES make port 20 non stealthy anymore (stealth scan detected the port when gftp was running, regular scan did not). FTP service is not running, however, someone could exploit existing TCP/IP flaws to cause my computer grief.
Anyway, if you are reading this, and even if you have a firewall, all services shut down, etc try the sites below and see what/if hackers can learn a lot from your system. Note: When I turned off the firewall as sygate asked to verify the trojan scan was valid, I learned that without it, I was wide open to trojans.
Anyway, after visiting the sites below, come on back and rank your security in the poll. Also, anyone with more sites to list, I would like to know. I am working on a firewall links and security testing NHF.
hlrguy
http://scan.sygate.com/
https://www.grc.com/x/ne.dll?bh0bkyd2
http://www.auditmypc.com/
Also has a test on how secure your email account is
ScRapZ_1
11-20-2002, 07:23 AM
...don't go to that grc.com one... that's a crock of crappe, and many a debate has been fought here about its 'authenticity'
B4TMANN
11-20-2002, 01:27 PM
My Linux box is debatable....cause I run a Web server on it.
My Windows XP Box and My Windows 2000 Server....You can't get into..........just not gonna happen. But that's because I've been a server admin who is anal about security for the last 6 years...
My linux box probably needs some work. Although I did follow the NHF for securing a system. :D
Peace......
f'lar
11-20-2002, 03:15 PM
secuwhat? No, seriously I typically leave my box pretty open. If someone hacks me it's just an excuse to install a new distro, and so far that's never happened. Of course, I also haven't removed the key from the ignition of my truck in almost 4 months, with a cd player on the seat, and my driver's side door doesn't lock any more. Never had any problems there either. Also, right now I have the most secure linux box anywhere: for some reason I can't get on the net in linux because of a dns problem (I finally got my winmodem to successfully connect, only to find that I can't look at anything without putting the absolute IP in :().
bugfix
11-20-2002, 03:30 PM
Originally posted by B4TMANN
My Windows XP Box and My Windows 2000 Server....You can't get into..........just not gonna happen. But that's because I've been a server admin who is anal about security for the last 6 years...
Then you should know that there is no such thing as a secure computer.
bwkaz
11-20-2002, 04:05 PM
Heh. According to that third site, my NAT'ed, private address is 141.219.84.94.
Problem is, that's not my NAT'ed private address, that's my public address.
:cool: iptables :cool:
;)
Also, "You have been to 1 site(s) in this session." Actually, no, it's closer to like 10. :cool: Mozilla, I think :cool:
Where's the e-mail scan page on that site? All I can find is an e-mail address lookup thingy...
grc is accurate, as far as I've ever seen. With their client thingy installed, I have no idea, but without, it's perfectly accurate.
I like how most of these sites say "PORT 80 IS OPEN!!!" or something like that, like it's automatically from a trojan horse or something. All but the first one you linked to don't even bother checking what's running on that port (it's Apache 2.0.43, in my case, with the non-vulnerable-to-Slapper OpenSSL version). The ssh port is also open, but none of these scanners detect it. Of course, that's because it's only open to campus machines. ;)
hlrguy
11-20-2002, 04:09 PM
Originally posted by f'lar
find that I can't look at anything without putting the absolute IP in :().
pico /etc/resolv.conf
add DNS IPs there
a.b.c.d
h.i.j.k
save and exit.
hlrguy
B4TMANN
11-20-2002, 04:57 PM
Then you should know that there is no such thing as a secure computer.
You're somewhat right...
With Windows XP/NT/2000 if you give only one user account access to log on locally and then change the local policy to "access this computer from a network" to everyone (deny).... have a 30 character password, of stuff like "*&||7B@`~W=|" turn off these services: Server, Messenger, TCP/IP Netbios Helper, and also turn off File and print sharing, and computer browser, nobody but you can get into that box. I don't care if you have it plugged directly into the internet! I know this. Look at alt.2600 newsgroup. They can break into stuff that has sharing/webserving etc enabled. But if you just use the box to browse the web or do email and instant messaging....you'd be very hard pressed to get into a box set up as I described. In fact it would take you longer than it would be worth....
Pick up the newest issue of 2600 magazine. It shows in there that it would take almost 5 years to crack a good password!
...and without the server service running you pretty much can't even admin share into a machine!
...at best....you might be able to list a few contents.....
Assuming the physical location is secure...
bugfix
11-20-2002, 05:14 PM
Originally posted by B4TMANN
Pick up the newest issue of 2600 magazine. It shows in there that it would take almost 5 years to crack a good password!
Shame. Gone are the days when you could have an NT4 password cracked within a day. I remember 'needing' administrator rights to the machines in all the labs, all it took was a disk with NTFS4DOS on it to get the p/w file and then a copy of L0phtCrack to get the password of everyone that had logged on to that machine (including admins...) :D
B4TMANN
11-20-2002, 05:23 PM
Hey bugfix
You can still do exactly what you say.......but it is only easily done with junk passwords (like less than 15 characters using only numbers and letters)...
;)
Bokkenka
11-20-2002, 08:18 PM
My computer is pretty secure... It does have hard-drive-size issues, but we're working them out in therapy. :D
tankinan
11-20-2002, 11:00 PM
I'm not sure, and I'm not that concerned. It has the stock *nix firewall running in linux.
I really don't do anything important in linux, not many passwords, no credit card #'s, etc. In windows, I run a pretty powerful firewall, so my system is relatively secure.
I tend not to pay attention to it because nobody has ever touched my computer, not even a simple netstat or ping, no viruses. So I'm pretty indifferent as of now.
MartinB
11-21-2002, 12:06 AM
I don't know how secure my computer is because when I try to use the on-line scanners, they pick up the IP address of the web-proxy server that my connection is going through rather than my actual machine... But my uni has a setup where only port 80 goes through the proxy, everything else is a direct connection to the Internet.
Between my machine and the rest of the world, I have a machine running SmoothWall 2.0.0 beta... I really have no idea how much more secure this makes me, if any... I only set it up because I could. :p
williamwbishop
11-21-2002, 07:40 AM
Originally posted by bugfix
Shame. Gone are the days when you could have an NT4 password cracked within a day. I remember 'needing' administrator rights to the machines in all the labs, all it took was a disk with NTFS4DOS on it to get the p/w file and then a copy of L0phtCrack to get the password of everyone that had logged on to that machine (including admins...) :D
No, they aren't gone. I do admin work, and routinely break 2000 boxes that the user has forgotten their password. Nothing is immune to local access that I'm aware of. You don't bother solving the password, you just replace it.
williamwbishop
11-21-2002, 07:42 AM
That aside, but mine is about as tight as a pix can get.
my2cents
02-03-2003, 01:58 PM
Sygate (scan.sygate.com ) and Audit my pc (www.auditmypc.com ) worked like a charm.
ScRapZ_1,
That GRC site really is a crock of crappe- visit GRCSucks.com (http://www.grcsucks.com) and you'll find one of the many debates.
hlrguy
02-03-2003, 02:44 PM
Do you know of more sites? I like to collect as many good ones as I can. I have heard from others that the one you mentioned isn't good, however, it did detect when I opened specific ports to test my firewall. Anyway, hope this was useful. I still want to create a security library paper.
hlrguy
bwkaz
02-03-2003, 03:40 PM
Originally posted by my2cents
That GRC site really is a crock of crappe- visit GRCSucks.com (http://www.grcsucks.com) and you'll find one of the many debates.
Funny, I get "connection refused" on grcsucks.com. What's the substance of this debate now?
Strike
02-03-2003, 03:54 PM
I run tons of network stuff and I always have. I'm even on a pretty popular netblock (Code Red and Nimda hits galore). Haven't been hacked at all, and it's been up for a good 2 years or so. I even login remotely all the time.
I keep my systems updated and patched, and I close off anything that I don't think they deserve access to, and if anyone gets physical access to the machine, my data will be one of the last things I worry about :)
mychl
02-03-2003, 04:34 PM
I've got apache, sendmail, pop3, ssh, and ssl running on my machine.
I have my iptables firewall, sendmail is NOT an open relay. I have a spam filter running anyway.
I also have tripwire running.
Any of you admins have some pointers for more stuff to help lock me down???
GeekGuy
02-03-2003, 07:40 PM
I use the scan at Blackcode.com and the tricks at Lockdown. I also had a 1337 IRC buddy try to crack me for two hours and even when I gave him my r00t password, he failed.
Fort Knox :D
emetib
02-03-2003, 08:12 PM
i just checked mine with a couple that i've found. 2/3 say that telnet is open, but they give me the wrong address, compared against ssh. i'm running shorewall and like it, but i just looked at trying to shut down that port and don't see it.
could someone drop a quick line on how to. thanks.
my2cents
02-03-2003, 09:38 PM
GRCsucks.com (http://www.grcsucks.com) seems to work fine. As for the substance, the site and its link to similar sites should explain it all. Also – if you continue to have problems, you can always visit the WayBackMachine (http://web.archive.org/web/*/http://grcsucks.com).
Strike
02-03-2003, 10:32 PM
I think the real key to securing your own system is understanding how modern exploits work. Understanding networking, privilege systems, what a buffer overflow means, etc. Once you understand all these things, securing your computer is a matter of applying common sense from what you have already learned and translating it into actions for what you decide to run and not run and how you choose to run that which you do end up running.
Can O' Beans
02-04-2003, 01:56 AM
Webserver - Probably not very secure :D, although it's only online when I'm working on it.
SLOWLY Trying to learn how to get my Apache/PHP/MySQL/phpBB2/Squirrelmail installations to work flawlessly.
After that, I'll try to secure it up. Well, either that, or take a baseball bat to all my computers :eek: :D (currently a love/hate thing...)
JohnT
02-04-2003, 02:23 AM
Here's another........................................
http://www.pcflank.com/scanner1s.htm
I've used firewalls in the recent past, but at my level of operation I find it more advantageous just to turn services off and close ports, versus running in "stealth" mode. Keeping up with latest stack vulnerabilities helps also.
GeekGuy
02-04-2003, 02:50 AM
Originally posted by JohnT
Here's another........................................
http://www.pcflank.com/scanner1s.htm
Thanks for the link :)
Just confirmed - Fort Knox ;)
http://www3.telus.net/small_business/Geek/snapshot1.png
JohnT
02-04-2003, 03:14 AM
Originally posted by emetib
i just checked mine with a couple that i've found. 2/3 say that telnet is open, but they give me the wrong address, compared against ssh. i'm running shorewall and like it, but i just looked at trying to shut down that port and don't see it.
could someone drop a quick line on how to. thanks.
Look in /etc/inetd.conf and comment out.
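The step suggested in the reply above, sketched as an added example that is not part of the original post: list which services an inetd.conf-style file still starts, then comment out one of them while keeping a backup. The function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example: hypothetical helpers, not taken from the thread.

# Constructed sample config (not from a real host).
write_sample_conf() {
    cat > "$1" <<'EOF'
# <service> <socktype> <proto> <flags> <user> <server> <args>
ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  in.ftpd -l -a
telnet  stream  tcp     nowait  root    /usr/sbin/tcpd  in.telnetd
#shell  stream  tcp     nowait  root    /usr/sbin/tcpd  in.rshd
EOF
}

# Print the service name of every active (non-blank, non-comment) entry.
enabled_inetd_services() {
    # $1 = path to an inetd.conf-style file
    awk 'NF && $1 !~ /^#/ { print $1 }' "$1"
}

# Comment out every active entry for one service; keeps <file>.bak.
# Already-commented entries are left alone, so a second run changes nothing.
disable_inetd_service() {
    # $1 = config path, $2 = service name (first field, e.g. telnet)
    conf=$1 svc=$2
    cp -p "$conf" "$conf.bak" || return 1
    awk -v svc="$svc" '
        $1 == svc { print "#" $0; next }   # active entry: disable it
        { print }                          # everything else unchanged
    ' "$conf.bak" > "$conf"
}

# Demo on a temporary copy of the sample; the real file is /etc/inetd.conf.
tmp=$(mktemp) && write_sample_conf "$tmp"
disable_inetd_service "$tmp" telnet
enabled_inetd_services "$tmp"      # services inetd would still start
rm -f "$tmp" "$tmp.bak"
```

On a real host inetd only re-reads its configuration when it receives a HUP signal, so the port stays open until the daemon is signalled or restarted.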
Strike
02-04-2003, 08:57 AM
Those scanners are pretty worthless if you ask me. Well, they'll point out a bad system fairly easy, but they most certainly don't certify your system as Secure(tm) just because everything comes up as "Stealth" or closed on the scan.
JohnT
02-04-2003, 09:36 AM
They don't on mine. None come up as all stealth, as I'm not using any firewall. One comes up as all closed, one as all closed with two stealthed ports, another two as "The test has found that the IP address used by your computer cannot be scanned. This commonly occurs because of a firewall program on your computer and/or you are connected to the Internet through a proxy-server or your ISP uses Network Address Translation (NAT) to share IP addresses.
This means the test cannot check your system as the results of the testing would be incorrect".