Feeds

Win-XP firewall defeats Gibson NanoProbes

How can the bad kiddies find you if Steve can't?

  • alert
  • submit to reddit

Internet Security Threat Report 2014

A reader recently told me that the default settings on his Win-XP Pro firewall made him invisible on the Net, at least according to Steve Gibson's ShieldsUp security diagnostic tool. But this isn't what Gibberson is worried about. As we know, he's terrified that Harry Homeowner users will be Trojanized six ways to Sunday by malicious teenagers bent on using their raw sockets to destroy the Internet.

So I installed the XP Home Edition last night and enabled the firewall with default settings only. Then I took a little trip over to GRC and submitted myself to an onslaught of Steve's unimaginably sophisticated NanoProbe Technology.

I could almost feel the Ninja-like power of Steve's NanoProbes assaulting my machine like a million tiny 'vibrating palms'.

And I was shocked, shocked, I tell you, to find that ShieldsUp gave my now explosively deadly Windows box a perfect, 'full stealth' score. This new weapon of mass destruction which I'm typing on is absolutely invisible.

"For all intents and purposes your computer doesn't exist to scanners on the Internet!" Steve explains.

God, what a relief.

So of course, if Steve's 101% pure assembly language scanning engine can't find my machine on the Net, there's absolutely no possibility that some malicious kiddie could do so. And of course, to commandeer an XP box for destructive purposes, the kiddies have to feed the victim a Trojan, or find the machine with a scanning utility.

A really good attack will defeat anything; but Steve's concern, endlessly repeated, is clueless Windows users who don't even know what a firewall is, and who fall victim to the simplest tricks. Now they've got a firewall. It could be better (no outbound filtering), but it will greatly reduce the number of clueless Web surfers getting r00t3d by lame IRC kiddiots.

And, as Steve says, XP boxes 'don't exist' on the Net. Thus the scanning route to destruction is off now -- unless, of course, Steve's ShieldsUp system is just some lame prop he uses to mystify the masses and propagate his bogus legend of technical superiority.

If ShieldsUP is a crap toy, and XP really is a weapon broadcasting its deadly raw sockets to the dark side, then Steve is a fraud. But if the XP firewall really offers 'full stealth' right out of the box, then Steve is a fraud.

So which is it? ®

The Proof

ShieldsUp step one
ShieldsUp step two

Choosing a cloud hosting partner with confidence

More from The Register

next story
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
Why did it take antivirus giants YEARS to drill into super-scary Regin? Symantec responds...
FYI this isn't just going to target Windows, Linux and OS X fans
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Home Office: Fancy flogging us some SECRET SPY GEAR?
If you do, tell NOBODY what it's for or how it works
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
'A degree of technical competence rarely seen'
Syrian Electronic Army in news site 'hack' POP-UP MAYHEM
Gigya redirect exploit blamed for pop-rageous ploy
Astro-boffins start opening universe simulation data
Got a supercomputer? Want to simulate a universe? Here you go
prev story

Whitepapers

10 ways wire data helps conquer IT complexity
IT teams can automatically detect problems across the IT environment, spot data theft, select unique pieces of transaction payloads to send to a data source, and more.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
The total economic impact of Druva inSync
Examining the ROI enterprises may realize by implementing inSync, as they look to improve backup and recovery of endpoint data in a cost-effective manner.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.