is there a software port scanner that says open or closed or stealth?

is there a port scanner that says open/closed/stealth?

I know stealth isn't any better than closed. However, the reason why I
ask about one is because , for my LAN, suppose I have a comp on whome
I want to know if it's running a firewall.

There's an easy to check that works for comps on my LAN - it works
easily on my LAN 'cos it's not going through a router.


The windows firewall, and other software firewalls like sygate or
norton, stealth ports. And they tend to do so to all ports except ones
specified.


If I scan a comp and see a port e.g. 451 is CLOSED that indicates to
me that no software firewall is running. If I scan it and it says
STEALTH, then it indicates that it is.

This is useful.. Because for troubleshooting, sometimes, I wonder if a
comp is running a firewall.

e.g. I've had a comp that couldn't access the internet.. As far as
I knew it didn't have a firewall. It turned out that a broken software
firewall was stopping it. One that hadn't uninstalled properly


Another example. I had a laptop, I couldn't ping it for some
reason.
I didn't think it likely that it was running a firewall. But I was
aware that a firewall often blocks ping. I couldn't see one, and pre
sp2 there's no firewall icon. Turned out that win xp , pre xp2, has a
firewall - ICF. I wasn't aware of that. If I could have tested to see
if it had a firewall it'd have been quicker. A way to test would've
been to see if ports wre stealthed.


Up until now, I have tested this by opening some port on my router,
then scanning that port with an online port scanner, like GRC. But my
beloved current router, as nice as it is, working beautifully. It has
a nasty non-geeky user interface, and I really can't stand doing any
port forwarding on it. I'd much rather just test it from one comp on
my LAN, to another. Then I don't have to touch the router.

The online port scanners say open or closed or stealth. I'm wondering
if a software one does.


TIA

Re: is there a software port scanner that says open or closed or stealth?

jameshanley39@yahoo.co.uk wrote:
> is there a port scanner that says open/closed/stealth?

Most port scanners (nmap being the most prominent example) correctly
report ports as either open, closed or filtered. There's no such thing
as "stealth".

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich

Re: is there a software port scanner that says open or closed orstealth?

Ansgar -59cobalt- Wiechers wrote:

> jameshanley39@yahoo.co.uk wrote:
>> is there a port scanner that says open/closed/stealth?
>
> Most port scanners (nmap being the most prominent example) correctly
> report ports as either open, closed or filtered. There's no such thing
> as "stealth".

Sadly most port scanners, including some based on Nmap, have bad frontends
that are either broken (thus reporting stuff that has never been measures by
the backend, or belongs to a different session) or spill the reports
(including a mapping of words (open,closed)->"open, insecure, bad", closed
-> "stealth, secure, good" as well as bad filtering and transformation).

So better use Nmap directly or some known good frontend (like
).

Re: is there a software port scanner that says open or closed or stealth?

On 22 Jun, 23:37, Ansgar -59cobalt- Wiechers
wrote:
> jameshanle...@yahoo.co.uk wrote:
> > is there a port scanner that says open/closed/stealth?
>
> Most port scanners (nmap being the most prominent example) correctly
> report ports as either open, closed or filtered. There's no such thing
> as "stealth".
>
> cu
> 59cobalt


thanks, that does work nicely.