Does Vista firewall have holes?

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Currently evaluating Windows Vista RC1. Has anyone experienced any issues
with Windows Vista firewall ports being detected as "closed" or "open" but
not listed as "secure"? I ran several firewall port tests from various sites
(ie: http://www.hackerwatch.org/probe/ ) and all listed the same open ports
"Telnet 23" and "Web Proxy 8080". All other ports are listed as "Closed"
which should indicate they not only respond to pings but are also visible to
the net. None of the ports in the test are listed as "Secure" (ingnore pings
and are thus not visible to third parties). Confirmed via "Control
Panel/Programs & Features/Turn Windows features On or Off" that "Telnet
Client" and "Telnet Server" are not enabled. Also confirmed my LAN settings
are set to auto-detect not use proxy port 8080 since I'm not running a web
server. So either the ping test is producing false positives or Microsoft's
Windows Vista firewall isn't recognizing the holes.
 
Dark said:
Currently evaluating Windows Vista RC1. Has anyone experienced any
issues with Windows Vista firewall ports being detected as "closed"
or "open" but not listed as "secure"? I ran several firewall port
tests from various sites (ie: http://www.hackerwatch.org/probe/ ) and
all listed the same open ports "Telnet 23" and "Web Proxy 8080". All
other ports are listed as "Closed" which should indicate they not
only respond to pings but are also visible to the net. None of the
ports in the test are listed as "Secure" (ingnore pings and are thus
not visible to third parties). Confirmed via "Control Panel/Programs
& Features/Turn Windows features On or Off" that "Telnet Client" and
"Telnet Server" are not enabled. Also confirmed my LAN settings are
set to auto-detect not use proxy port 8080 since I'm not running a
web server. So either the ping test is producing false positives or
Microsoft's Windows Vista firewall isn't recognizing the holes.

Are you, perchance, using a DSL or Cable Modem internet connection with a
'router' to share the connection wirelessly or between several wired
computers?
 
The test system is a single workstation connected directly the the net using
a broadband cable modem, not using a router. The open ports were detected
using default firewall settings.
 
Dark Knight said:
Currently evaluating Windows Vista RC1. Has anyone experienced any issues
with Windows Vista firewall ports being detected as "closed" or "open" but
not listed as "secure"?

try to uncheck "Core networking" from the firewall exceptions
 
All exceptions were unchecked in the exceptions section of Vista's firewall
and the same open ports were listed. Since this is Windows which typically
requires a reboot to make changes effective I did that but it still didn't
resolve the issue. I've also tried changing the Network settings from Private
to Public but no difference in the insecure ports occurred.
 
Dark said:
The test system is a single workstation connected directly the the
net using a broadband cable modem, not using a router. The open ports
were detected using default firewall settings.

The most likely explanation is that those ports are related to your Cable
Modem.
 
Dark Knight said:
All exceptions were unchecked in the exceptions section of Vista's firewall
and the same open ports were listed.

I've tested the Vista Firewall with your test and all the ports are stealthed
Since this is Windows which typically
requires a reboot to make changes effective I did that but it still didn't
resolve the issue.

NO.
Changing rules don't require a reboot
 
While I haven't figured out what's causing it I know I'm not the only one
experiencing an issue with being informed Telnet port 23 is open and
insecure. After Googling the issue I've found several referrences to other
Windows Vista RC1 testers that have port 23 and port 8080 being left open and
insecure. I turned off all exceptions in the Windows Firewall as well run a
complete virus scan with Avast. Windows Vista RC1 was directly downloaded
from Microsoft's website with a valid key and the workstation hard drive was
formatted prior to installation so it's a clean installation.
 
Currently evaluating Windows Vista RC1. Has anyone experienced any issues
with Windows Vista firewall ports being detected as "closed" or "open" but
not listed as "secure"? I ran several firewall port tests from various sites
(ie: http://www.hackerwatch.org/probe/ ) and all listed the same open ports
"Telnet 23" and "Web Proxy 8080". All other ports are listed as "Closed"
which should indicate they not only respond to pings but are also visible to
the net. None of the ports in the test are listed as "Secure" (ingnore pings
and are thus not visible to third parties). Confirmed via "Control
Panel/Programs & Features/Turn Windows features On or Off" that "Telnet
Client" and "Telnet Server" are not enabled. Also confirmed my LAN settings
are set to auto-detect not use proxy port 8080 since I'm not running a web
server. So either the ping test is producing false positives or Microsoft's
Windows Vista firewall isn't recognizing the holes.


DK:

Run netstat -an to see if those ports are open on the computer
 
have you actually tried to telnet to that port from another machine on the
internet?

or possibly running one of hte sysinternals tools to watch the tcpip stack
and the running processes?

i mean, if telnet on 23 is open and you connect to it from another machine
you should get a prompt of some sort.. (or even from 8080)
 
Back
Top