Regular Member
加入日期: Dec 2004
文章: 66
|
裝了兩個防火牆軟體
測試結果當然是通通blocked摟 |
|||||||
2005-12-25, 09:37 PM
#51
|
Amateur Member
加入日期: Feb 2004 您的住址: taiwan taipei
文章: 40
|
用億聯光纖連線, 用m0n0wall 做ip分享+防火牆
測試一 All blocked 測試二 All stealthed |
||
2005-12-27, 12:38 AM
#52
|
Junior Member
加入日期: Apr 2000
文章: 761
|
後來發現,用防火牆來單純的管理網路的輸出輸入大都可以擋掉該擋的...
不過現在的惡意軟體沒那麼簡單,會用其他的方式來突破, 例如從thread以及memory的區塊下手,先複製Firewall認可的合法程式thread一份, 在thread配置記憶體後還沒載入程式前,直接對配置的記憶體區塊修改成惡意的程式碼, 如此委裝成防火牆認可的程式,然後對外連線...,這樣一來,就破功了! 因為防火牆還是依照他"死的"rule來過濾... 參考資料如下: http://www.firewallleaktester.com/leaktest7.htm 詳見:Leaktest Description,內有解釋六種測試的原理... 此文章於 2006-01-19 04:08 PM 被 Marty 編輯. |
2006-01-19, 04:04 PM
#53
|
Elite Member
加入日期: Jul 2000 您的住址: R.O.C
文章: 5,635
|
我測Sys gate
有裝BlockICE 除了ICMP以外其餘都是closed |
2006-06-19, 04:34 PM
#54
|
Elite Member
加入日期: Jul 2000 您的住址: R.O.C
文章: 5,635
|
引用:
呃...是BLOCKED... 打錯 |
|
2006-06-19, 04:51 PM
#55
|
Major Member
加入日期: Jul 2005 您的住址: 福爾摩沙
文章: 144
|
結果是......................?
Sygate Online service: Service Ports Status Additional Information FTP DATA 20 BLOCKED This port has not responded to any of our probes. It appears to be completely stealthed. FTP 21 BLOCKED This port has not responded to any of our probes. It appears to be completely stealthed. SSH 22 BLOCKED This port has not responded to any of our probes. It appears to be completely stealthed. TELNET 23 BLOCKED This port has not responded to any of our probes. It appears to be completely stealthed. SMTP 25 BLOCKED This port has not responded to any of our probes. It appears to be completely stealthed. DNS 53 BLOCKED This port has not responded to any of our probes. It appears to be completely stealthed. DCC 59 BLOCKED This port has not responded to any of our probes. It appears to be completely stealthed. FINGER 79 BLOCKED This port has not responded to any of our probes. It appears to be completely stealthed. WEB 80 BLOCKED This port has not responded to any of our probes. It appears to be completely stealthed. POP3 110 BLOCKED This port has not responded to any of our probes. It appears to be completely stealthed. IDENT 113 BLOCKED This port has not responded to any of our probes. It appears to be completely stealthed. Location Service 135 BLOCKED This port has not responded to any of our probes. It appears to be completely stealthed. NetBIOS 139 BLOCKED This port has not responded to any of our probes. It appears to be completely stealthed. HTTPS 443 BLOCKED This port has not responded to any of our probes. It appears to be completely stealthed. Server Message Block 445 BLOCKED This port has not responded to any of our probes. It appears to be completely stealthed. SOCKS PROXY 1080 BLOCKED This port has not responded to any of our probes. It appears to be completely stealthed. UPnP 5000 BLOCKED This port has not responded to any of our probes. It appears to be completely stealthed. WEB PROXY 8080 BLOCKED This port has not responded to any of our probes. It appears to be completely stealthed. Results from scan of commonly used trojans at TCP/IP address: XXXXXXXXX Service Ports Status Possible Trojans Trojan 1243 BLOCKED This port has not responded to any of our probes. It appears to be completely stealthed. Trojan 1999 BLOCKED This port has not responded to any of our probes. It appears to be completely stealthed. Trojan 6776 BLOCKED This port has not responded to any of our probes. It appears to be completely stealthed. Trojan 7789 BLOCKED This port has not responded to any of our probes. It appears to be completely stealthed. Trojan 12345 BLOCKED This port has not responded to any of our probes. It appears to be completely stealthed. Trojan 31337 BLOCKED This port has not responded to any of our probes. It appears to be completely stealthed. Trojan 54320 BLOCKED This port has not responded to any of our probes. It appears to be completely stealthed. Trojan 54321 BLOCKED This port has not responded to any of our probes. It appears to be completely stealthed. Results from scan of ICMP at TCP/IP address: XXXXXXXXXXX Protocol Type Status Additional Information ICMP 8 BLOCKED An ICMP ping request is usually used to test Internet access. However, an attacker can use it to determine if your computer is available and what OS you are running. This gives him valuable information when he is determining what type of attack to use against you. You have blocked all of our probes! We still recommend running this test both with and without Sygate Personal Firewall enabled... so turn it off and try the test again. ......................................................................................................... The results of Stealth Test We have sent following packets to TCP:1 port of your machine: • TCP ping packet • TCP NULL packet • TCP FIN packet • TCP XMAS packet • UDP packet Here is the description of possible results on each sent packet: "Stealthed" - Means that your system (firewall) has successfuly passed the test by not responding to the packet we have sent to it. "Non-stealthed" - Means that your system (firewall) responded to the packet we have sent to it. What is more important, is that it also means that your computer is visible to others on the Internet that can be potentially dangerous. Packet' type Status TCP "ping" stealthed TCP NULL stealthed TCP FIN stealthed TCP XMAS stealthed UDP stealthed Recommendation: Your computer is invisible to the others on the Internet!
__________________
此文章於 2006-06-19 05:40 PM 被 f1HANS 編輯. |
2006-06-19, 05:38 PM
#56
|
Major Member
加入日期: Jul 2002 您的住址: 台南府城
文章: 128
|
Test1:all blocked
Test2:all stealthed XP Pro Firewall + KAV Pro 5.0.391 + Vigor 2104(DMZ) |
2006-06-19, 06:05 PM
#57
|
Amateur Member
加入日期: May 2002 您的住址: 台北
文章: 42
|
我灌了outpost3.51最新版+kav5.0.522
網路環境是中華的光纖(FTTB)再用分享器接進來的 測試結果第一個幾乎全部都closed,不同的只有: WEB 80 OPEN Location Service 135 BLOCKED NetBIOS 139 BLOCKED Server Message Block 445 BLOCKED ICMP 8 OPEN 第二個則是全部non-stealthed 開了xp sp2內建防火牆也是一樣情形,有人知道為什麼會這樣嗎? 我的xp更新也都是最新的
__________________
|
2006-06-19, 07:05 PM
#58
|
Major Member
加入日期: Mar 2003 您的住址: Seednet 8M/640K
文章: 105
|
Test1:all blocked
Test2:all stealthed XP 內建無用firewall + nod32 2.51.26 |
2006-06-20, 12:54 AM
#59
|
Major Member
加入日期: Dec 2004
文章: 187
|
我是安裝Outpost firewell pro 3.51
但是有一個ICMP 8 是OPEN的 請問使用同軟體的各位 該如何設定?
__________________
己所不欲 勿施於人 Display: PHILIPS BDM4037 x3 CPU: 7900X RAM: Gskill DDR4 3200 16G x2 MB: ROG Rampage VI Apex GC: Gigabyte RTX 2080TI Gaming OC 11G Speaker: Altec Lansing MX5021 Power: CORSAIR RM1000X Case: CORSAIR 780T HD: PLEXTOR M8PeGN 1TB M.2 Toshiba MG04ACA400E x2 MS: Logitech G602 KB: Logitech G910 |
2006-06-20, 01:29 AM
#60
|