Yesterday I installed Sygate Personal Firewall (the free version). I allowed it to do a port scan and it told me that NetBios port 139 was open. Isn't it the job of a fire wall to close such a dangerous port? What good is a firewall if the only thing it can do is tell the user that he is vurnerable? It doesn't seem to me that this program is doing it's job.
I later scanned all my ports with Shields Up. Then I did a specific scan of port 139. Shields Up told me that all my ports, including port 139 were in "stealth" mode. How can Sygate tell me that port 139 is open and Shields Up tell me that that same port cannot be found?
Is Sygate simply a lousy program, or is there something I just don't understand?
Thanks jeane, but I think you misunderstood my post. I don't want to install another program to block port 139. I thought this was a function of the firewall.
Which is more likely wrong - Sygate or Shields Up?
Hi, I should have mentioned to read the whole link. Sygate tested behind the router and as you have a network port139 would be open (used for printer and file sharing). This is how it should be , Shields up tested in front of the router and shows port 139 stealthed this is how it should be.
If you test behind the router it's ok to have port 139 open, but I didn't think that was the case. When you press the Security Test button in Sygate it opens a browser window with http://scan.sygate.com/ which doesn't seem like a test behind the router.
Shahan, that depends on the protection of the PC behind the router. Normally the router itself would provide protection for the network behind it. But if the router has ports open, the PCs on the network depend on their own protection (which is generally not a good situation).
WOW! So many conflicting answers. Now I'm really confused.
I am inclined to agree with Niels. I do not think Sygate can probe the PC directly because the PC is behind the router. Either Sygate or Shields Up is returning false information.
Don't know if it makes a difference but when you do the scan at shields-up they remain on port 80, but the sygate scan changes their port to 443 which is used for https (I think).
Crunchie, I don't think that makes a difference. They're just sending the result of the scan using HTTPS.
Originally posted by rwinegar WOW! So many conflicting answers. Now I'm really confused.
Me too...
Have you repeated the scans to see if it's really a difference between the sites? Maybe something changed on the network between the scans.
Does your router have any ports forwarded to an IP address?
I repeated the scans several times with the same results. Negative on the router ports Niels.
I uninstalled Sygate. This single experience tells me that is a buggy program.
I found several websites in addition to Shields Up that will probe my ports and send me results. When I get home tonight I will run several of them. My money says that my ports, including port 139, will be in stelth. I will post results tomorrow.
Reply With Quote
