Author |
Topic: Computer Protection Issues - Wiz? HELP |
DG Whitley
|
Posted 21 Apr 2018 6:04 am
|
|
Ok, to start off with, I had a normal computer internet setup, modem, wifi router, computer. I use GRC.com on a monthly basis to check my port setting and make sure they are all "stealth mode". Now, I move to a new "fiber" service with my internet, and all of a sudden all my ports are either showing closed or open. The only change was the service (they don't use a modem, direct connect to the internet, no filters, so I guess I'm just getting a "raw" internet connection). I tried ZoneAlarm, no change. So I'm at a loss to know what I need to do now. I may be changing back to my old internet provider. Wiz, any guesses what is going on here? Any help deeply appreciated. |
|
|
|
Wiz Feinberg
From: Mid-Michigan, USA
|
Posted 21 Apr 2018 8:09 am
|
|
If you have a modern Windows operating system, you have access to the Windows Firewall. It has advanced options that allow you to block or allow incoming and/or outgoing packets to any port you find listed or add to the list. You should be able to block the major hacker ports manually.
Windows Defender will also be watching if you have it active and updated. In fact, Defender also manages your firewall ports to defend against TCP/IP and other attack vectors on non-standard ports.
Since you aren't using a router right now, Defender should have your back. But, I can't imagine that there is no way to obtain a router that interfaces with an optical input and sends out signals via Ethernet or Wi-Fi. _________________ "Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog |
|
|
|
DG Whitley
|
Posted 21 Apr 2018 8:37 am
|
|
Wiz, it is connected to my router but that doesn't seem to do anything at all, other than the wireless part. Do I need a different kind of router than the one I had connected to the modem? Just weird now that I seem to fail the GRC test program by changing providers and ditching the modem. |
|
|
|
Wiz Feinberg
From: Mid-Michigan, USA
|
Posted 21 Apr 2018 8:47 am
|
|
I have no personal experience with optical Internet service providers. For all I know, they may be allowing certain ports to remain open on the incoming end. Whether this is true or not, you can configure your Windows (or Linux, or Mac) firewall to close the dangerous ports, like 113, 139 and UPnP.
I also recommend every computer user to operate as a limited privileges standard user, rather than an administrator. This reduces your likelihood of silent compromise by close to 92%. If you need more details about this, see Wiz's Security Blog articles here and here. _________________ "Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog |
|
|
|
Robert McDaniel
From: White Oak Texas, USA
|
Posted 2 May 2018 3:06 pm
|
|
DG,
Most likely the difference you are seeing happened when you changed to the fiber ISP. When you get a new provider they place a modem in your house to terminate their service. These modems almost always contain a router that has a firewall (much like your wifi router). The difference in the model, style, settings of the firewall in the modem may be the reason for the difference in reporting.
The only real difference between "stealth" mode and "closed" is whether or not the router rejects the traffic, or just ignores it. Either way, the firewall is doing its job. Any hacker port scanning the internet is going to pass up a rejected port, they are looking for low-hanging fruit, not a challenge. I believe you have a pretty safe setup.
As Wiz mentioned, you can rely on your Windows firewall to protect you, and in your case it is a third layer behind your modem and wifi router. Stealth mode is enabled by default on the firewall for newer Windows operating systems.
Honestly, the biggest threat to your computer security isn't so much hacking attacks originating from the Internet against your firewall. The biggest threat comes from links or attachments in email that are designed to install malware on your computer.
Beware what you click on and never open anything that you are not expecting. If in doubt, call the company you believe it came from and verify. Also, be careful when downloading any "free" software. They are often bundled with malware that can open the door for even worse nasties.
And Wiz gives great advice about limiting your user privileges. That way, even if you stumble into something bad, it will be unable to install. Use a non-admin account and turn on your UAC settings so you are asked before anything tries to install.
Rob |
|
|
|
DG Whitley
|
Posted 5 May 2018 9:05 am
|
|
OK, I have figured out what happened. When they installed the system, they had a box in front of mine, which I thought was a switch and never gave it a second look. Upon closer inspection, it was actually an mini-router, so my thoughts are that GRC saw that router and not mine. I plugged the input line directly into my router, problem solved.
I have yet to figure out why they did that as my router had plenty of ports to handle all that was needed. Go figure.
Anyway all is well and probably was all along, but I really do not need a second router. Especially when it seems that router had little to no protections at all. |
|
|
|
Robert McDaniel
From: White Oak Texas, USA
|
Posted 5 May 2018 10:50 am
|
|
Glad you figured it out!! |
|
|
|