FireWall and GRC port scan

[cutback]

Hello
Absolutely reeking fresh newbie to this
Sick of M$
Testing various Linux distros and found PCBSD: LOVE IT

STill getting to grips with various aspects of both Linux and PCBSD after many years of Windoze

I thought the FWall would by default block ports: scanned at GRC
http://www.grc.com/default.htm
"shields up' and found Port 22 ssh remote login = open
Also 139, 179, and 445: stealthed but not closed.

Currently running the VMWare file in licensed version of workstation on Windows hosts: which could be it, I have enough trouble following FW set-ups without involving VMs.

If I ran the PCBSD as primary system, would I have any ports open?
Exactly what is protecting my system if I am in a VM on the web: the VM FW or the system FW?

Any advice.

Sorry if this is a dumb question.
While I hang around here a bit more, Ill try and keep quiet while absorbing.
Regards.

[Galactic Dominator]

I was going to write a post with my feeling on Steve Gibson, however I found someone has already done it fairly well.

Steve Gibson = grc.com = Gibson research

Quote:

No, geoboy, Steve Gibson is not an idiot. It's too easy to state that. His idiocy has gone to the point where I no longer think he's an idiot, but that he has a deliberate agenda. Probably to sell his crap. Steve Gibson is a paranoid alarmist wacko, and you really should take anything he says with a heaping mound of salt. The funny thing about Steve is that he takes the littlest tiniest thing, which is in fact not a threat, and creates an elaborate contrived fantasy world where this tiny thing has the most dire consequences imaginable. The fact that it's complete nonsensical bullshit he just dismisses without even arguing about it. His website and the software he's created is a stunning testament to his paranoid delusions. He has all this software on there, most of it hand coded in freakin' assembler because he doesn't trust compilers or some damned loony shit, and he makes these huge pages describing why he coded it, using hand written (and UGLY) html, with all these freakin' weird color schemes and boxes full of quotes and such, like he's trying to convince even himself that he's not completely insane. The most hilarious part is that nearly all of his software is completely and totally useless. SpinRite, for example, DOESN'T WORK. It doesn't do a damned thing. At most, at absolute most, it spins your drive for a while and moves the head around a bunch. In certain cases, it can damage the data on the drive by reopening known bad sectors. But in absolutely no case will it fix a drive. In absolutely no case will it make a drive last longer or anything like that. It's complete hokus pokus BS. ShieldsUp goes to all this trouble to do a network scan of your machine, and gives this bogus "stealth" mode back, never actually mentioning that a status of "closed" is just as secure. Yeah, so they know you're there. BFD, if it's closed, then it's CLOSED. No connections allowed. That's what CLOSED means! The rest of his site is similar. He creates a utility to turn of UPnP, as if simply turning it off in the UPnP config didn't work. It does, BTW, and that's all his utility actually does. Only it takes him 22k of hand coded machine language to do it. Not only that, but UPnP is not even a security risk anymore. The patch was out for it within weeks of XP's release. And UPnP is incredibly useful for anybody using a NAT router (most people with broadband, I suspect). So it's worse than worthless. The bottom line is that people who actually know how this stuff works tend to ignore Steve Gibson. Because he's a nut.

You can find the original here.

http://digg.com/security/Steve_Gibson_T ... e_Internet

Actually, I think I would have been quite a harder on him. He is a total crackpot loon who makes money by instilling fear in the consumer where there is little to no cause for the fear.

Quote:

If I ran the PCBSD as primary system, would I have any ports open?

Depends on your setup....usually I have at least port 22 open.

Quote:

Exactly what is protecting my system if I am in a VM on the web: the VM FW or the system FW?

VM FW

Quote:

"shields up' and found Port 22 ssh remote login = open

My advice is as you get more used to *nix you'll come to appreciate ssh and live with being open. Just watch for for CERTS on it and an update when needed....not very often relatively speaking. Course, you could run it on different port, but at the end of the day security through obscurity never works.

Quote:

Also 139, 179, and 445: stealthed but not closed.

So what? I'd only start to worry about that if you were running SAMBA and if so adjust your FW accordingly.

[sblevin]

Mr Gibsons site http://www.grc.com/default.htm

HEHEHEHEHE! Don't read it - just look at it and you'll see it's not a informational site ... it's a RANSOM NOTE!!! :)

[cutback]

ROFL

Heh: I remeber well the SteveGibson "help the sky is falling" shite.

I recall Stevie actually saved the world.

:roll:
http://www.radsoft.net/resources/rants/ ... 4,00.shtml

the great grcsucks.com has gone, shame.

Thanks for replies.
Just interested in the port scans
If you dont mind dealing with newbs I'll hang around.

regards.