I am using UFW and I get mixed reports from different firewall testers. Sometimes my system is in full stealth but sometimes some common ports respond as CLOSED instead of STEALTH. I have tried to edit my before.rules by setting DROP instead of ACCEPT for port scanners.
I am no Geek, a noob with some courage to use Root terminal for tweaking essential functions. I really need my box to be STEALTH and I need this to be reliable. On the Windows side, my leaktest were not even noticed by Windows Firewall. TinyWall did better, but privateFirewall 7.0 was almost good. It also did return the very sam ports sometimes as CLOSED and sometimes as STEALTH.
Is there an idiot proof way to set up a fully stealthed firewall in a user friendly way? I was not at ease with how the terminal responded when trying to edit before.ruls, for instance. It did not inspire confidence at all.
How To Stealth My Laptop?
Forum rules
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
-
Xian Renegade
How To Stealth My Laptop?
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 2 times in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
-
Xian Renegade
Re: HOW TO STEALTH MY LAPTOP?
A further development is that I have uninstalled UFW and installed Shorewall instead and configured it as per its developers' website. I still get the random responses from http://www.grc.com and echoed by www.shieldcheck.com
I need to know that my firewall is secure, both from outside and the inside. Many view but none responded thus far. Am I asking a dumb question
, or don't Mint users use firewalls 
, or doesn't anybody have the answer? I am perplexed. 
I need to know that my firewall is secure, both from outside and the inside. Many view but none responded thus far. Am I asking a dumb question
, or don't Mint users use firewalls , or doesn't anybody have the answer? I am perplexed. -
eanfrid
Re: HOW TO STEALTH MY LAPTOP?
netfilter is the - very, very powerful - base engine of all connection tracking and firewalling software. Check the official site about docs, howtos and tutorials: http://netfilter.org/documentation/
-
Xian Renegade
Re: HOW TO STEALTH MY LAPTOP?
Thanks, Eanfrid, I will set time aside to study this and apply my mind to it. I'm already there with my browser, so I am quick to have a look at what you are presenting. Tks!
-
Xian Renegade
Re: HOW TO STEALTH MY LAPTOP?
netfilter.org is quite intimidating to a noob like myself. It will take some serious studying to really get on top of it. Meanwhile, with shorewall installed as per its website instructions, here is what I am still getting, which was the same on gufw, firestarter and the others, alo in windows and its various native+3rd party firewall apps.Xian Renegade wrote:Thanks, Eanfrid, I will set time aside to study this and apply my mind to it. I'm already there with my browser, so I am quick to have a look at what you are presenting. Tks!
Solicited TCP Packets: RECEIVED (FAILED) — As detailed in the port report below, one or more of your system's ports actively responded to our deliberate attempts to establish a connection. It is generally possible to increase your system's security by hiding it from the probes of potentially hostile hackers. Please see the details presented by the specific port links below, as well as the various resources on this site, and in our extremely helpful and active user community.
Unsolicited Packets: PASSED — No Internet packets of any sort were received from your system as a side-effect of our attempts to elicit some response from any of the ports listed above. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system remained wisely silent. (Except for the fact that not all of its ports are completely stealthed as shown below.)
Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation.
Port
Service
Status Security Implications
0
<nil>
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
21
FTP
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
22
SSH
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
23
Telnet
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
25
SMTP
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
79
Finger
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
80
HTTP
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
110
POP3
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
113
IDENT
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
119
NNTP
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
135
RPC
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
139
Net
BIOS
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
143
IMAP
Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
389
LDAP
Closed Your computer has responded that this port exists but is currently closed to connections.
443
HTTPS
Closed Your computer has responded that this port exists but is currently closed to connections.
445
MSFT
DS
Closed Your computer has responded that this port exists but is currently closed to connections.
1002
ms-ils
Closed Your computer has responded that this port exists but is currently closed to connections.
1024
DCOM
Closed Your computer has responded that this port exists but is currently closed to connections.
1025
Host
Closed Your computer has responded that this port exists but is currently closed to connections.
1026
Host
Closed Your computer has responded that this port exists but is currently closed to connections.
1027
Host
Closed Your computer has responded that this port exists but is currently closed to connections.
1028
Host
Closed Your computer has responded that this port exists but is currently closed to connections.
1029
Host
Closed Your computer has responded that this port exists but is currently closed to connections.
1030
Host
Closed Your computer has responded that this port exists but is currently closed to connections.
1720
H.323
Closed Your computer has responded that this port exists but is currently closed to connections.
5000
UPnP
Closed Your computer has responded that this port exists but is currently closed to connections.
-
eanfrid
Re: HOW TO STEALTH MY LAPTOP?
Do you connect to the internet through a broadband router (it looks like you do) ? In this case - regarding incoming connections and "stealth" - you are indeed testing the router "firewall", whatever you install/configure on the computers that are connected behind this router. By default, all common broadband routers do NAT and reject unsollicited incoming connections to the LAN computers.
-
Xian Renegade
Re: HOW TO STEALTH MY LAPTOP?
Yes, I am using a Huawei E3131 HSDPA USB dongle and only my laptop is connected to it. Sometimes, I also use my laptop to act as hotspot for my son's iPhone 5, as Windows 8 cannot achive this despite the Dell Hotspot app. part of the reason I migrated to Linux.
As a novice, I am just too uninformed to know what is at risk, how serious the level of risk is and how to manage it. I did a leak test in Windows 8 of Windows Firewall. WF was so bad that it allowed unrestricted access to grc.com's leak test without even noticing it happen.
When booting from Mint, my Skype video works well even despite me having an i3 Sandy Brdige and a mere 2GB RAM. In Windows 8, it tells me that I do not have enough CPU power for video calling. Also, many of my old programmes including MS Office 2007, Zone Alarm and others stopped working after a recent Win 8 update. Mint: all my systems work rather well, the machine never lags despite the minusculre resources and it hardly ever touches my hilarious 7GB swap areas. It is just the online security that worries me a bit, simply because I am used to full stealth in Linux until I bought this machine and the HSDPA dongle.
My other machines (both given away now) were a 2003 HP Compaq NX9010 with P4M 2.8Ghz, 1GB DDR and a 40GB HDD. Its graphics could omly handle distros up to Ubuntu 10.4, so I had to let it go. The Thinkpad T61P was a Core2Duo 2.1GHz with 3GB DDR2 and a 140GB HDD. It was needed elsewhere so the new Dell came, it runs well beyond expectations and it only is the firewall bit that seems to be less than I am used to. Mint 15 64-BIT just flies on it, it plays MP3 and MP4 out of the box, it plays all formats of video (unlike Windows Media Slayer) and its stability is just pleasurable. It never had a single crash or latency, unlike Win 8 that regularly had to recover itself.
Am I really at risk anywhere? Port scanners responded seemingly favourably; it did report some ports to be closed and not stealth but never failed the system completely. I also saw that ports 80 and 5000 were open. 80 I know is used for all internet comms but I will later look what 5000 is being used for. Most other ports are stealth but some are just closed. If I need to worry about this, please tell me, otherwise I am prone to rest this.
As a novice, I am just too uninformed to know what is at risk, how serious the level of risk is and how to manage it. I did a leak test in Windows 8 of Windows Firewall. WF was so bad that it allowed unrestricted access to grc.com's leak test without even noticing it happen.
When booting from Mint, my Skype video works well even despite me having an i3 Sandy Brdige and a mere 2GB RAM. In Windows 8, it tells me that I do not have enough CPU power for video calling. Also, many of my old programmes including MS Office 2007, Zone Alarm and others stopped working after a recent Win 8 update. Mint: all my systems work rather well, the machine never lags despite the minusculre resources and it hardly ever touches my hilarious 7GB swap areas. It is just the online security that worries me a bit, simply because I am used to full stealth in Linux until I bought this machine and the HSDPA dongle.
My other machines (both given away now) were a 2003 HP Compaq NX9010 with P4M 2.8Ghz, 1GB DDR and a 40GB HDD. Its graphics could omly handle distros up to Ubuntu 10.4, so I had to let it go. The Thinkpad T61P was a Core2Duo 2.1GHz with 3GB DDR2 and a 140GB HDD. It was needed elsewhere so the new Dell came, it runs well beyond expectations and it only is the firewall bit that seems to be less than I am used to. Mint 15 64-BIT just flies on it, it plays MP3 and MP4 out of the box, it plays all formats of video (unlike Windows Media Slayer) and its stability is just pleasurable. It never had a single crash or latency, unlike Win 8 that regularly had to recover itself.
Am I really at risk anywhere? Port scanners responded seemingly favourably; it did report some ports to be closed and not stealth but never failed the system completely. I also saw that ports 80 and 5000 were open. 80 I know is used for all internet comms but I will later look what 5000 is being used for. Most other ports are stealth but some are just closed. If I need to worry about this, please tell me, otherwise I am prone to rest this.
-
eanfrid
Re: HOW TO STEALTH MY LAPTOP?
Is this http://www.huaweidevice.co.in/Products/MobileBroadband/huawei-E3131.php ? This model is indeed a USB wifi router. So if you own this kind of device, as I told above, you need not to worry about stealth tests (this "stealth" is an overrated feature anyway). The ports of the router are closed to unwanted incoming connections and it is enough to be safe regarding that.
-
Xian Renegade
Re: HOW TO STEALTH MY LAPTOP?
It is the same, yes, also it is a little device that comes Linux-capable and works extremely well. I also have a brand new D-Link of some sort but never uses it as it undepr-performs even in Windows. I use its SIM with bundled data on the Huawei instead.eanfrid wrote:Is this http://www.huaweidevice.co.in/Products/MobileBroadband/huawei-E3131.php ? This model is indeed a USB wifi router. So if you own this kind of device, as I told above, you need not to worry about stealth tests (this "stealth" is an overrated feature anyway). The ports of the router are closed to unwanted incoming connections and it is enough to be safe.
Thank you for your efforts to educate me. I may be doing a course in IT security later this year; I retired from IT before 2000 and the need for security back then was minimal as almost nobody was connected to the outside world.
