Go Back   nV News Forums > Software Forums > Microsoft Windows XP And Vista

Newegg Daily Deals

Reply
 
Thread Tools
Old 06-27-07, 08:58 PM   #1
grey_1
Guest
 
Posts: n/a
Default Security test sites?

Like it says, what are some good sites to test Vistas security? I just dl'd the trial version of zonealarm pro, and would like to test vistas firewall against zonealarms.

Thanks in advance guys!
  Reply With Quote
Old 06-27-07, 09:52 PM   #2
evilghost
Registered User
 
Join Date: Jul 2005
Posts: 3,606
Default Re: Security test sites?

If you PM me your IP Address I'll do a penetration test on your box, nothing nefarious.
evilghost is offline   Reply With Quote
Old 06-28-07, 04:30 AM   #3
grey_1
Guest
 
Posts: n/a
Default Re: Security test sites?

Thanks, I'd rather not pm out my IP.
  Reply With Quote
Old 06-28-07, 07:58 AM   #4
radekhulan
 
radekhulan's Avatar
 
Join Date: Apr 2005
Location: Prague
Posts: 749
Default Re: Security test sites?

ShieldsUp!
https://www.grc.com/x/ne.dll?bh0bkyd2
__________________
[size=1][b]CPU:[/b] Core 2 Quad Q6600 @ 3.2GHz | [b]Memory:[/b] 4x2GB Patriot DDR2-800 | 4GB A-Data PD7 ReadyBoost USB | [b]Sound:[/b] X-Fi FPS
[b]Board:[/b] Asus Commando | [b]GPU: 8800GTX @ 650/1050[/b] | [b]HDD:[/b] 3x WD3200KS 320GB + 500GB | [b]Power:[/b] Fortron EPSILON 600W-GLN
[b]Mouse:[/b] Logitech G5 | [b]Kbd:[/b] Logitech G15 | [b]DVD:[/b] Plextor 130B + LITE-ON LH-18A1H | [b]LCD[/b] [b]24" HP2465 1920x1200[/b] | Vista Ultimate x64
My websites: [url=http://hulan.cz/en][b]HULAN.cz[/b][/url], [url=http://radekhulan.cz/][b]RADEKHULAN.cz[/b][/url], [url=http://hulan.info/][b]HULAN.info[/b][/url], [url=http://blogcms.com/][b]BLOGCMS.com[/b][/url], [url=http://www.megablog.cz/][b]MEGABLOG.cz[/b][/url] | [url=http://hulan.cz/temp/games.png][b]Games played[/b][/url] | [URL=http://hulan.cz/temp/sestava.png][B]CPU-Z[/B][/URL] -- [URL="http://radekhulan.cz/img/stacker-830/stacker-830-bocnice.jpg"][B]case foto[/B][/URL][/size]
radekhulan is offline   Reply With Quote
Old 06-28-07, 08:38 AM   #5
evilghost
Registered User
 
Join Date: Jul 2005
Posts: 3,606
Default Re: Security test sites?

Quote:
Originally Posted by grey_1
Thanks, I'd rather not pm out my IP.
You'll likely not get accurate results without a real scan.

You could always remote into another box and run an nmap scan, nessus, etc.
evilghost is offline   Reply With Quote
Old 06-28-07, 10:17 AM   #6
ViN86
 
Join Date: Mar 2004
Posts: 15,486
Default Re: Security test sites?

Quote:
Originally Posted by grey_1
Thanks, I'd rather not pm out my IP.
you have a static IP through your ISP?
ViN86 is offline   Reply With Quote
Old 06-28-07, 10:32 AM   #7
evilghost
Registered User
 
Join Date: Jul 2005
Posts: 3,606
Default Re: Security test sites?

Quote:
Originally Posted by ViN86
you have a static IP through your ISP?
I know, I even said PM, he doesn't trust me. Fairly sad.

I'll post my IP in this thread, I have absolutely no fear, and I'm static IP with DNS PTR set to my mx.
evilghost is offline   Reply With Quote
Old 06-28-07, 05:14 PM   #8
grey_1
Guest
 
Posts: n/a
Default Re: Security test sites?

Quote:
Originally Posted by evilghost
I know, I even said PM, he doesn't trust me. Fairly sad.

I'll post my IP in this thread, I have absolutely no fear, and I'm static IP with DNS PTR set to my mx.
No, mines dynamic. I get my smc with static in a couple of weeks.

It's not I don't trust you at all evilghost, I thougt pm's were considered not secure, and that it wasn't a good idea to put one out there?

Or is that just very naive?
  Reply With Quote

Old 06-28-07, 05:28 PM   #9
grey_1
Guest
 
Posts: n/a
Default Re: Security test sites?

Quote:
Originally Posted by radekhulan
Thanks radekhulan!

Now I just have to get evilghost back on board after offending him.

Edit: Vistas security is pretty solid according to that website, just found 1 closed port.
  Reply With Quote
Old 06-28-07, 08:26 PM   #10
evilghost
Registered User
 
Join Date: Jul 2005
Posts: 3,606
Default Re: Security test sites?

Quote:
Originally Posted by grey_1
Thanks radekhulan!

Now I just have to get evilghost back on board after offending him.

Edit: Vistas security is pretty solid according to that website, just found 1 closed port.
You really need to do some egress filtering too, plus, that scan only hit some of the common ports. I'd so something like p0f to see if I could fingerprint/identify the machine based on the TCP/IP stack response. I'd also run an nmap syn scan against the machine to see if there's any ports rejected by DROP or DENY. Drop will be a 'dead' port where-as a DENY will show up as a closed port. Once I had the closed port I'd then try some spoofing SYN scans spoofing an IANA reserved range or your SRC IP to see if the port would then open.

If I found any open ports on the TCP or UDP stack (I'd scan all ports) I'd fire up netcat or nessus and see if I could fingerprint the listening daemon.
evilghost is offline   Reply With Quote
Old 06-29-07, 03:50 AM   #11
grey_1
Guest
 
Posts: n/a
Default Re: Security test sites?

Quote:
Originally Posted by evilghost
You really need to do some egress filtering too, plus, that scan only hit some of the common ports. I'd so something like p0f to see if I could fingerprint/identify the machine based on the TCP/IP stack response. I'd also run an nmap syn scan against the machine to see if there's any ports rejected by DROP or DENY. Drop will be a 'dead' port where-as a DENY will show up as a closed port. Once I had the closed port I'd then try some spoofing SYN scans spoofing an IANA reserved range or your SRC IP to see if the port would then open.

If I found any open ports on the TCP or UDP stack (I'd scan all ports) I'd fire up netcat or nessus and see if I could fingerprint the listening daemon.
I understand a part of that, thanks, but tbh a good deal is over my head. If your still willing, I'll send you the IP.

Thanks evilghost.
  Reply With Quote
Old 06-29-07, 07:38 AM   #12
ViN86
 
Join Date: Mar 2004
Posts: 15,486
Default Re: Security test sites?

Quote:
Originally Posted by evilghost
You really need to do some egress filtering too, plus, that scan only hit some of the common ports. I'd so something like p0f to see if I could fingerprint/identify the machine based on the TCP/IP stack response. I'd also run an nmap syn scan against the machine to see if there's any ports rejected by DROP or DENY. Drop will be a 'dead' port where-as a DENY will show up as a closed port. Once I had the closed port I'd then try some spoofing SYN scans spoofing an IANA reserved range or your SRC IP to see if the port would then open.

If I found any open ports on the TCP or UDP stack (I'd scan all ports) I'd fire up netcat or nessus and see if I could fingerprint the listening daemon
.
damn, you gotta teach me some security. atm, i have no idea how to use iptables nor what the hell to look for.
ViN86 is offline   Reply With Quote
Reply


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


Similar Threads
Thread Thread Starter Forum Replies Last Post
German ISP claims to deliver 4.7Gbps download speed in field test News Archived News Items 0 06-01-12 05:50 AM
Oi, Diablo: Torchlight II Beta Stress Test This Weekend News Archived News Items 0 05-18-12 09:30 PM
Torchlight 2 beta stress test this weekend News Archived News Items 0 05-18-12 07:00 AM
Video: Cyber Security Defense Using HPC News Archived News Items 0 05-07-12 04:00 PM

All times are GMT -5. The time now is 02:01 AM.


Powered by vBulletin® Version 3.7.1
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Copyright 1998 - 2014, nV News.