Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: Three basic commonly good security results - grc

  1. #1
    Join Date
    Sep 2010
    Location
    Beta Testing in Canada
    Beans
    9,198
    Distro
    Ubuntu Development Release

    Three basic commonly good security results - grc

    Here is a test (and results) for those who are worried about their security. Although there are no guarantees, GRC is a very solid test.

    Simply go to:

    www.grc.com

    and run the "Shields Up" and examine the first three tests, File Sharing, Common Ports and All Service Ports.

    A secure system (with a good router) should produce results such as the below. The reason I am posting this is to give other end_users a starting point if they are investigating security problems on their systems.
    Attached Images Attached Images
    Last edited by ventrical; February 10th, 2014 at 07:35 PM. Reason: addon
    This is not Convergence, This is now Gnome
    Ubuntu Development Version Testing Blog Remarks
    Running 16.04 on Mobo: MSI model: B85-G41 PC Mate(MS-7850) v: 1.0

  2. #2
    Join Date
    Sep 2010
    Location
    Beta Testing in Canada
    Beans
    9,198
    Distro
    Ubuntu Development Release

    Re: Three commonly good security results - grc

    If you have been running a Windows OS and had been hacked in the past then it can be likely that you router has been hacked. If you run Sheilds Up and notice some failures, open ports, closed ports .. etc.. then it is your router and not Ubuntu that is the problem.


    Regards
    Last edited by ventrical; February 10th, 2014 at 04:36 PM.
    This is not Convergence, This is now Gnome
    Ubuntu Development Version Testing Blog Remarks
    Running 16.04 on Mobo: MSI model: B85-G41 PC Mate(MS-7850) v: 1.0

  3. #3
    Join Date
    Sep 2006
    Beans
    8,627
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: Three commonly good security results - grc

    Quote Originally Posted by ventrical View Post
    A secure system (with a good router) should produce results such as these:
    Not necessarily. The scan analysis appears to mistake using reject, rather than drop, as a problem. Many do not view it that way:

    http://www.chiark.greenend.org.uk/~p...drop-vs-reject
    http://www.chrisbrenton.org/2009/07/...ll-drop-rules/

    Using drop does not 'stealth' the firewall nor does it add security nor add performance. A case can be made that it reduces performance, which is certainly true for legimate users.

    Then there is the question of ping. Without ping, the net is broken. Again, blocking ping doesn't 'stealth' the firewall nor does it add security nor add performance. Actually it reduces reliability and performance.

    That said, it was interesting to try the scan. What is your connection with the site?

  4. #4
    Join Date
    Sep 2010
    Location
    Beta Testing in Canada
    Beans
    9,198
    Distro
    Ubuntu Development Release

    Re: Three commonly good security results - grc

    Quote Originally Posted by Lars Noodén View Post
    Not necessarily. The scan analysis appears to mistake using reject, rather than drop, as a problem. Many do not view it that way:

    http://www.chiark.greenend.org.uk/~p...drop-vs-reject
    http://www.chrisbrenton.org/2009/07/...ll-drop-rules/

    Using drop does not 'stealth' the firewall nor does it add security nor add performance. A case can be made that it reduces performance, which is certainly true for legimate users.

    Then there is the question of ping. Without ping, the net is broken. Again, blocking ping doesn't 'stealth' the firewall nor does it add security nor add performance. Actually it reduces reliability and performance.

    That said, it was interesting to try the scan. What is your connection with the site?
    I have used the site while servicing customers of infected Windows Operating systems and running various firewalls and AV software. I am not connected directly to the site in a buisness manner.

    Also .. when using terms such as 'myths' which is inferred by one of the links you had presented I find that those arguments lack credibility. Counter pinging a ping reveals a port for discovery , it does not stealth it.

    However, there is a method where an end_user can drop the protection from the router and then run the test and see what actual ports are open or vulnerable. The counter argument is that using drop provides to the hacker/prober that the port simply does not exist. (therefore stealthed by the router).. but I would not go as far as to say that the PC is immune from attack, however , in my years of testing so far I have yet to see a break in the security of my machines from any malware source. The authentication process makes the actual PC pretty well impermeable.

    I am able to run various AV software for linux on Ubuntu , verifying with EICAR.. etc.. and it is a rare occasion that anything gets through , and if a malware does get through , it is rendered usless by the infrastructure of the operating system (unless it is directed to attack a linux system specifically).


    I am not trying to give anyone a false hope of security, just a starting point to be less paranoid about malware and how Ubuntu has handled security on my specific installs.

    regards.. and thank-you for the very informative links..
    Last edited by ventrical; February 10th, 2014 at 10:33 PM.
    This is not Convergence, This is now Gnome
    Ubuntu Development Version Testing Blog Remarks
    Running 16.04 on Mobo: MSI model: B85-G41 PC Mate(MS-7850) v: 1.0

  5. #5
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 16.04 Xenial Xerus

    Re: Three basic commonly good security results - grc

    Drop ("stealth") and reject do exactly the same thing except drop discards packets silently while reject sends a respond that that port isn't open.

    They are equally secure. It does not matter if the server sends a response or not, the port is still closed.

    As far as Shields Up! goes, it only scans whatever device is attached to your connection, which is usually a router, so anything behind that router isn't seen or tested.

    If you really want to check what ports are open on the machines inside your LAN, make nmap your friend.
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

  6. #6
    Join Date
    Sep 2010
    Location
    Beta Testing in Canada
    Beans
    9,198
    Distro
    Ubuntu Development Release

    Re: Three basic commonly good security results - grc

    Umit , for noobs
    This is not Convergence, This is now Gnome
    Ubuntu Development Version Testing Blog Remarks
    Running 16.04 on Mobo: MSI model: B85-G41 PC Mate(MS-7850) v: 1.0

  7. #7
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 16.04 Xenial Xerus

    Re: Three basic commonly good security results - grc

    Quote Originally Posted by ventrical View Post
    Umit , for noobs
    Found a better explanation.
    http://www.insanitybit.com/2012/05/3...rts-or-closed/
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

  8. #8
    Join Date
    Nov 2007
    Location
    London, England
    Beans
    6,235
    Distro
    Xubuntu 17.10 Artful Aardvark

    Re: Three basic commonly good security results - grc

    I'm with CharlesA and Lars Noodén. IMHO, "stealth" is a sales term dreamed up by GRC in order to sell firewall software to nervous windows users who are connected directly to the internet, not even via a router. If you are going to block with iptables, it is probably better to use -j REJECT rather than -j DROP so that you can more easily debug network connectivity problems. Firewalls that drop packets waste loads of debugging time.

  9. #9
    Join Date
    Sep 2010
    Location
    Beta Testing in Canada
    Beans
    9,198
    Distro
    Ubuntu Development Release

    Re: Three basic commonly good security results - grc

    There is no prerequisite to use GRC. If you are worried about your security and need a starting point then I just made the suggestion that it may be of some help to noobs. I am not here to debate it's commerciality.

    Regards..
    This is not Convergence, This is now Gnome
    Ubuntu Development Version Testing Blog Remarks
    Running 16.04 on Mobo: MSI model: B85-G41 PC Mate(MS-7850) v: 1.0

  10. #10
    Join Date
    Nov 2007
    Location
    London, England
    Beans
    6,235
    Distro
    Xubuntu 17.10 Artful Aardvark

    Re: Three basic commonly good security results - grc

    Oh I agree that the GRC web site is very useful for checking yourself for open ports. Well worth knowing about and using.

    It's the pushing of stealth as good and closed as somehow bad that I disagree with. And people using it should be aware that unless they have set up port forwarding, they are probably just scanning their router.

Page 1 of 2 12 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •