Posted

Hi,

By the way, the first firewall I used (for a while) was Agnitum Outpost, the free version, the one for everyone; its big advantage, like ZA, is that it protects as soon as it is installed. :D

It is true that Outpost blocks all the risky sites they have listed so far, I mean dangerous sites or spyware sites, which ZA does not do unless you configure it to block all unknown sites. Otherwise it is true that with its default config it does not block JavaScript etc... :(

I like ZA as much as Outpost but I am keeping ZA; the security tests I ran, reputable ones, give me full confidence. ;)

I :)22 Zone Alarm, and properly configured I think it is very reliable. :D

Also, the advantage of ZA, as Cygale says, is that it is intuitive and it is linked to a site that gives loads of info about intrusions; Outpost does not do any more than that. But it is true that I have the Pro version. ;)

@+ PHoenix.

:biere: :biere:


Posted
I have ZA, I just ran the security tests at http://www.blackcode.com/scan and even with ZA's security levels set to the highest I have one open port which, according to the results, could let quite a few trojans through :(

Is it serious, doctor? :decoiff:

@+ :D

lol, I'm off to have a look at that then. :)

@++++ PHoenix.

Posted
here, another port scan:

https://grc.com/x/ne.dll?bh0bkyd2 ("Shields Up")...

:D

I actually tested it not long ago. I have one open port even with ZA's highest level :roll:
but I just found out why. I had MSN open during the test. I closed it and ran the test again and now it's spotless.

Dangerous, Mr MSN :o

@+ :D

Posted

Step One results...

 

Security Scan - PHASE 1 on xxxxxxxxxxxxx

 


 

 

SCAN RESULTS:

Your system is secured. No open ports were found.

 

Yessssss. :D

 

@++++ PHoenix.

 

:hello: hi Boumhue. I think I know your link... :D >>Shield Up<<

Posted

Well actually that's completely normal, Messenger acts as a server and so listens on port no. xxx in case there is something for it.

Your antivirus can also open ports. So can a game server. Etc... But whether there is a real risk of attack through these ports, I don't know. I can't really see a messenger launching a format c: on my PC or accepting an incoming file without asking for permission first.

Anyway, if a real risk does exist then you should stop using Messenger, or any software that acts as a server and opens ports to everyone. It's enough to make you paranoid. :(

@+++ I'm carrying on with the tests. ;)

Posted

You can't close it unless you block Messenger. If there are security holes in Messenger, it still takes a real hacker to know which ones to exploit. And he would still have to be really interested in your IP. :)

Security question: you have ADSL, don't you? So a non-static IP. :??:

@+++ PHoenix. ;)

Posted

So Rachel... I just re-ran Shields Up with MSN open AND ZA in minimum mode (no padlock).. and I am stealth everywhere... so in my opinion it's your config that is wrong, not ZA :o

;)

moreover (under the same conditions):

scan-1.gif

scan-2.gif

... :)23

Posted

Look at boumhue's site; the tests were designed by an expert, I would even say a security genius. :D

@+ PHoenix.

ps: this test is long :lol:

Posted

Security Scan - PHASE 2 on xxxxxxxxxxxxx

 

SCAN RESULTS:

WARNING! The scan detected one or more open ports used by trojans. However, it may be possible that those ports are opened becouse of another application and not by a trojan. Please make sure that you know why is that port opened. If you are not sure, we recommend you to use a local antivirus program.

Click on a trojan name to view the details available for that trojan

 

Port 5000 OPENED. Known trojans using this port:

-----------------------------------------------------------------------------------

 

Port 5000 is used by Messenger, which listens on this port. So it is not a trojan, so no stress. That's normal. ;) And after closing Messenger, phases 1 and 2 are OK, so it's fine.

In fact, that is what they explain above. :)

 

@+ PHoenix. :D

Posted

What this site does not do is detect which known trojan is hiding behind an open port. If there is one.

..BoumHue!'s site, I think there is that kind of check in the security tests. :D

@+ PHoenix. :biere:

Posted

I ran the test on the blackcode site

and I have 3 open ports

Service: netbios-ssn

Service: microsoft-ds

Service: loc-srv

bearing in mind that I have no firewall
the second one is DOS, and the first is a hole through which hackers get in to break into the system, the IPC hole; but hey, they only hack when there is free space on the hard drive (yes, I know some :cool: :cool: )

Posted

Hi

Don't forget that one of the firewall tests consists of seeing how easily they can be knocked out... and that is one of ZA's big weak points!
And a firewall that can be removed = no firewall, so...

@+

Posted

Hi

Blackcode.com Phase 1 = 1 open port: 80 www-http OPENED, just as well, otherwise how would I surf if www were closed!
Phase 2 = Port 1025

@+

Posted
Security Scan - PHASE 2 on xxxxxxxxxxxxx

 

SCAN RESULTS:

WARNING! The scan detected one or more open ports used by trojans. However, it may be possible that those ports are opened becouse of another application and not by a trojan. Please make sure that you know why is that port opened. If you are not sure, we recommend you to use a local antivirus program.

Click on a trojan name to view the details available for that trojan

 

Port 5000 OPENED. Known trojans using this port: 

-----------------------------------------------------------------------------------

 

Port 5000 is used by Messenger, which listens on this port. So it is not a trojan, so no stress. That's normal. ;) And after closing Messenger, phases 1 and 2 are OK, so it's fine.

In fact, that is what they explain above. :)

@+ PHoenix. :D

Well no, port 5000 is not used by Messenger but by a Microsoft service; the diagnostic site (Shields Up) explains all this and recommends using software that closes this port.

ZA does not close this port, but does Outpost? To be tested, then. :D

Then it is up to each person to decide whether or not it is worth closing this port. ;)

The best diagnostic site for me... Shields Up.

https://grc.com/x/ne.dll?bh0bkyd2

There you go @+ PHoenix. :biere:
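Added example, not part of the thread or of any poster's message: the scan warning above asks you to know why a port is open, and this Python script maps the ports an external scan reported open to the local listening sockets and owning PIDs in Windows `netstat -ano` output. The sample output, PIDs and addresses are constructed, and `tcp_listeners` and `explain_scan` are hypothetical helper names.

```python
import re

# Constructed sample of Windows `netstat -ano` output (not taken from the thread).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:5000           0.0.0.0:0              LISTENING       1108
  TCP    127.0.0.1:1029         0.0.0.0:0              LISTENING       1500
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING       4
  TCP    192.168.1.10:1050      192.0.2.25:1863        ESTABLISHED     2024
  UDP    0.0.0.0:1900           *:*                                    1108
"""

# Only TCP rows in LISTENING state matter for a TCP port scan.
LINE = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING\s+(\d+)\s*$")

def tcp_listeners(netstat_text):
    """Return [(bind_address, port, pid)] for every TCP socket in LISTENING state."""
    found = []
    for line in netstat_text.splitlines():
        m = LINE.match(line)
        if m:
            found.append((m.group(1), int(m.group(2)), int(m.group(3))))
    return found

def explain_scan(open_ports, netstat_text):
    """Map each port an external scan reported open to its local listener(s).

    Loopback-only listeners are skipped: a remote scanner cannot reach them.
    A reported port with no local listener maps to an empty list (the
    listener may have closed since, or the scan reached another device).
    """
    result = {port: [] for port in open_ports}
    for addr, port, pid in tcp_listeners(netstat_text):
        if port in result and not addr.startswith("127.") and addr != "[::1]":
            result[port].append({"bind": addr, "pid": pid})
    return result

if __name__ == "__main__":
    reported = [135, 139, 445, 5000, 1025]  # ports named in the thread's scan results
    for port, owners in explain_scan(reported, SAMPLE_NETSTAT).items():
        print(port, owners or "no local listener")
```

On Windows, `tasklist /svc` then maps each PID to the process and the services it hosts.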

Posted
Ah?

I'll go and see then, but for the first one they say try it so I thought that :roll:

Yes, they offer the free version for download, lighter but no less secure, and the pro version, which is useful among other things, I believe, for sharing internet connections and having technical support.

Yes, the free version is very, very good but I believe no documentation is supplied with it. But I know a perfectly legal trick. :D

@+ PHoenix.

:biere: :biere:

Posted

Rachel,

This port 5000 stays open if MSN is running, with ZA as well as with Outpost.

For all we know it's not a problem. I don't actually know. :) :??:

@+ PHoenix.

ps: I'm not worrying about it myself. :D
