My desktop failed the grc TruStealth portscan test

If none of the more specific forums is the right place to ask

My desktop failed the grc TruStealth portscan test

Postby vryni » 2020-12-05 10:46

I installed nftables on my Debian desktop a few weeks ago
with a basic ruleset configuration, and tested it on
online port scan of the first 1056 ports for true stealth - which
passed with complete success

I repeated the test today
NO PORTS were found to be OPEN.
1054 Ports were found to be Stealth
Ports 1026, 1031 were found to be CLOSED - not stealth

Port 1026 page of's Port Authority Database
includes the following information :

Name: cap
Purpose: Calender Access Protocol
Microsoft operating systems tend to allocate one or more unsuspected, publicly exposed services (probably DCOM, but who knows) among the first handful of ports immediately above the end of the service port range (1024+).

Last week, i tried to download Windows 10 from Microsoft official website
for my daughter's laptop
(I had nothing to do with Microsoft windows for more than a decade)
and i went along with the download procedure.

What am i to conclude ?
Did Microsoft place some sort of malware on my desktop ?
How should i deal with this ?
Posts: 29
Joined: 2017-06-16 05:12

Re: My desktop failed the grc TruStealth portscan test

Postby Head_on_a_Stick » 2020-12-05 10:53

If your machine is accessing the internet through a router then the port scanner is returning results for your router because it uses NAT, which is a hardware firewall.

EDIT: you don't need a firewall on your desktop unless you're running any services that listen to the ports.

Check with
Code: Select all
# netstat -tlupn

^ If that doesn't show any services then you don't need a firewall.
Black Lives Matter

Debian buster-backports ISO image: for new hardware support
User avatar
Posts: 13041
Joined: 2014-06-01 17:46
Location: /dev/chair

Return to General Questions

Who is online

Users browsing this forum: No registered users and 13 guests