Shields Up shows security holes despite linksys router

[dmw16]

I have been getting these ad pop-ups recently so I decided that I would get my linksys router and plug it back in (the cable company came and unhooked while I was at school because we were having problems, but that isnt the point.). So I ran shields up and it still says:

RCP - (Remote Procedure Call) This impossible-to-close port appears in most Windows systems. Since many insecure Microsoft services use this port, it should never be left "open" to the outside world. Since it is impossible to close, you will need a personal firewall to block it from external access. Do it soon!

and

MSFT DS - This impossible-to-close port first appeared on Windows 2000 and was carried over to Windows XP. Since several insecure Microsoft services use this port, it should never be left "open" to the outside world. Since it is impossible to close you'll need a personal firewall to block it from external access. Do it soon!

how can i fix this?
thanks,
-doug

 

[JackMDS]

Routers are not popup blockers.

The advice was given. ? You will need a personal firewall to block it from external access. ?

Some Software Firewall (like Norton Internet Security) has popup eliminator as well.

Why Do I need Software Firewall? I have a Router with Hardware Firewall.

In general, security issues at home and a small office installation involve:

1. Unauthorized Internet traffic coming in (from the Internet to your computer).

2. Unauthorized Information going out (from your Hard Drive to some one else Web Server), AKA software calling home.

3. Accidental leakage. Firewall left disable, computer left in DMZ etc.

Unauthorized Information going out is mainly a function of "spyware" and programs that are "calling home". Unfortunately, the amount of programs that are calling home is growing by the day.

The Hardware Firewall provided by most Cable/DSL Routers, is an excellent tool. However, it mainly secures the Incoming traffic, (see at the end the explanation) to secure the Outgoing aspect you need to add Software firewall.

Thus, many Router owners use the combination of Hardware, Software Firewall.

A popular software firewall is Zone Alarm (Basic version free).

ZoneAlarm Download.

Norton Internet security provides very good live control on info going out (Not free).

Norton Personal Firewall 2002.

You can check your system's security by logging to the following page, scroll down, and click on Shields Up.

Gibson Default Page.

Gibson Default Page.

Entry level Cable/DSL Routers - What they Do?

Router is a device that mitigate between two Networks. In our case the Internet, and our LAN.

The out side Network has an IP address that belongs to the ISP. The inside Network has the IPs assigned by us or by the DHCP.

The Entry Level Routers main activity is the Network Address Translation (NAT) i.e. to make sure that each computer on our internal Network should get the Internet info. (From the ISP address) that belongs to it.

To make it inexpensive and uniform the implementation of the NAT is done by setting it so that it reacts only to requests coming from the inside of the network.

As a result of this behavior i.e. reaction to the inside only, the NAT also act as a "Firewall", since it is not letting in info. unless it was requested from the inside.

Some of the new Routers have Firewall based on NAT and an additional "Stateful Packet Inspection" (SPI). SPI controls (filters) the nature of the information passing through the Router.

SPI looks at the content of the packets, and let you filter incoming, and outgoing information by rules. The resultant is better control of the info coming and going. E.g. parents can block exchanges that they deem unfit for their children. Employers can Block unfit sites frequent by some employees.

Some of the old Routers (like the SMC Barricade line) can be upgrade to SPI by installing the most recent firmware.

 

[LordRaiden]

Don't forget Visnetic Firewall and of course the wonderful Tiny Personal Firewall!!

I definately recommend both.

 

[dmw16]

I dont know how they got on my compute...but they do seem to have stopped.
-doug

 

[joey2k]

Could it be you have port forwarding enabled on the router? Also, some routers support UPnP which allows the computer to open and close ports on the router. It will look like 'Internet Connection' in your Network Connections window. You can open it and see what ports are being forwarded by UPnP

Using a router that does NAT, no ports should be available to the Internet unless someone specifically confugred it.

Also, I you scan yourself using sheilds up, disconnect the router the internet and the reconnect, your IP address (usually) changes. However, if you left the shield up browser window open, just hit refresh and it will scan your old IP address but send the results to you!!! I just ran into this last night and at first I thought my firewall was having major problems.

-- Joel