Windows XP includes a firewall to protect your system against unwanted “visitors” from the
Internet. It does not control connections from your system to the Internet; for that you would
need to install a non-Microsoft firewall, such as ZoneAlarm. The firewall is configured using the
Properties of the modem connection.
(Using the firewall on a LAN connection will cause network access problems on your system.)
In the properties of the Internet connection, on the Advanced tab, make sure that the checkmark is placed for the Internet Connection Firewall. Using Settings, you can configure the firewall.

Tab: Services. The list of programs which could run on your system. By default, no access is allowed from the Internet to any of these services on your system. Unless you need to grant such access, do NOT activate any of these services.

Tab: Security Logging. Allows you to activate a log file.

Tab: ICMP. ICMP (Internet Control Message Protocol) is part of TCP/IP; its most common use is the PING program to test a network connection. By default, the firewall will NOT respond to any ICMP, including PING, from the Internet.
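
The log file activated on the Security Logging tab records the packets the firewall drops, which is how you see the probes it is turning away. The following Python example is added here and is not part of the original page; it assumes the log is space-separated text with a "#Fields:" header naming the columns, and the sample records and addresses are constructed.

```python
from collections import defaultdict

# Constructed sample; layout assumed: "#Fields:" header, space-separated records.
SAMPLE_LOG = """\
#Version: 1.0
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info
2003-05-01 10:15:02 DROP TCP 198.51.100.7 192.0.2.10 4021 139 48 S 1234567 0 16384 - - -
2003-05-01 10:15:03 DROP TCP 198.51.100.7 192.0.2.10 4022 445 48 S 1234999 0 16384 - - -
2003-05-01 10:15:09 DROP TCP 203.0.113.44 192.0.2.10 3310 139 48 S 7654321 0 8192 - - -
2003-05-01 10:15:12 DROP ICMP 203.0.113.44 192.0.2.10 - - 60 - - - - 8 0 -
2003-05-01 10:15:20 OPEN TCP 192.0.2.10 198.51.100.80 1035 80 - - - - - - - -
2003-05-01 10:15:31 DROP UDP 198.51.100.9 192.0.2.10 1026 137 78 - - - - - - -
2003-05-01 10:16
"""

# TCP service names from the port table on this page.
SERVICES = {"21": "FTP", "23": "Telnet", "25": "SMTP", "79": "Finger",
            "110": "POP3", "113": "IDENT", "135": "RPC", "139": "NetBIOS",
            "143": "IMAP", "443": "HTTPS", "445": "MSFT DS", "5000": "UPnP"}

def parse_log(text):
    """Return one dict per record, keyed by the names in the #Fields: header."""
    fields, records = None, []
    for line in text.splitlines():
        line = line.strip()
        if line.lower().startswith("#fields:"):
            fields = line.split(":", 1)[1].split()
        elif line and not line.startswith("#") and fields:
            parts = line.split()
            if len(parts) >= len(fields):      # skip truncated lines
                records.append(dict(zip(fields, parts)))
    return records

def summarize_drops(records):
    """Map each probed port (or ICMP type) to the set of source IPs dropped."""
    summary = defaultdict(set)
    for r in records:
        if r["action"] != "DROP":
            continue                           # only blocked packets are of interest
        if r["protocol"] == "ICMP":
            label = "ICMP type " + r["icmptype"]
        else:
            name = SERVICES.get(r["dst-port"]) if r["protocol"] == "TCP" else None
            label = f"{r['dst-port']}/{r['protocol']}" + (f" ({name})" if name else "")
        summary[label].add(r["src-ip"])
    return dict(summary)

if __name__ == "__main__":
    for label, src in sorted(summarize_drops(parse_log(SAMPLE_LOG)).items()):
        print(f"{label:20} dropped from: {', '.join(sorted(src))}")
```
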
Let’s test the security of your system with the XP Firewall: visit www.grc.com on the Internet
and click “Shields UP” twice.
You can then run a check on your network security and your TCP/IP ports.
Test “your Shields”:
Shields UP! is checking YOUR computer’s Internet connection security . . . currently located at IP: Please Stand By. . .

Attempting connection to your computer. . . Shields UP! is now attempting to contact the Hidden Internet Server within your PC. It is likely that no one has told you that your own personal computer may now be functioning as an Internet Server with neither your knowledge nor your permission. And that it may be serving up all or many of your personal files for reading, writing, modification and even deletion by anyone, anywhere, on the Internet! Please Note: On highly secure systems this may take up to one minute. . .

Preliminary Internet connection established! Your computer has accepted an anonymous connection from another machine it knows nothing about! (That’s not good.) This ShieldsUP! web server has been permitted to connect to your computer’s highly insecure NetBIOS File and Printer Sharing port (139). Subsequent tests conducted on this page, and elsewhere on this website, will probe more deeply to determine the extent of this system’s vulnerability. But regardless of what more is determined, the presence and availability of some form of Internet Server HAS BEEN CONFIRMED within this machine . . . and it is accepting anonymous connections! The rest of this website explains the implications and dangers of your present configuration and provides complete and thorough instruction for increasing the security of this system. At the moment, any passing high speed Internet scanner will quickly spot this computer as a target for attack. (When this page has completely finished displaying, you might wish to sneak a quick peek at these two pages to see what lies ahead at this website: ) The phrase you must remember is: “My port 139 is wide OPEN!”

Unable to connect with NetBIOS to your computer. The attempt to connect to your computer with NetBIOS protocol over the Internet (NetBIOS over TCP/IP) FAILED. But, as you can see below, significant personal information is still leaking out of your system and is readily available to curious intruders. Since you do not appear to be sharing files or printers over the TCP/IP protocol, this system is relatively secure. It is exposing its NetBIOS names (see below) over the Internet, but it is refusing to allow connections, so it is unlikely that anyone could gain casual entry into your system due to its connection to the Internet.
Then also test “your Ports”:
| Port | Service | Status | Security Implications |
|------|---------|--------|-----------------------|
| 21 | FTP | Stealth! | There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address! |
| 23 | Telnet | Stealth! | There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address! |
| 25 | SMTP | Stealth! | There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address! |
| 79 | Finger | Stealth! | There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address! |
| 110 | POP3 | Stealth! | There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address! |
| 113 | IDENT | Stealth! | There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address! |
| 135 | RPC | Stealth! | There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address! |
| 139 | Net BIOS | Stealth! | There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address! |
| 143 | IMAP | Stealth! | There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address! |
| 443 | HTTPS | Stealth! | There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address! |
| 445 | MSFT DS | Stealth! | There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address! |
| 5000 | UPnP | Stealth! | There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address! |
Good: your system will be invisible on the Internet, not allowing
ANY access from the Internet to any information on your system!
Advanced Setup: If you have the Internet Information Server (maybe including the FTP server) installed and you would like to allow access from the Internet, then you need to place the checkmarks (you are prompted to confirm the system that is allowed to be accessed).

Activate ONLY the services which people need to access from the Internet.

Tab: ICMP. To allow people on the Internet to test that the connection to your system is working, you should allow incoming echo requests (PING requests). Warning: your system now also becomes visible to all the “bad boys and girls” who probe all IP addresses on the Internet and then try to find out which system they have found, and some of them may try to damage your system!
When you test your protection via www.grc.com, it will then show the open ports that
allow people from the Internet to use your system as an FTP server:
| Port | Service | Status | Security Implications |
|------|---------|--------|-----------------------|
| 21 | FTP | OPEN! | FTP servers have many known security vulnerabilities and the payoff from exploiting an insecure FTP server can be significant. This system’s open FTP port is inviting intruders to examine your system more closely. |