I've worked on Unix systems for a great deal of time and feel comfortable securing them. When I first heard of Shields Up, I thought I had run into a comprehensive security analysis. What I got, though, was little more than a port scan, which even the web site denounces as useless.

Sure, it'll tell you if your NetBIOS is open and which of the ports under #1024 is open and listening. But is that everything? I think not. Exploits come in many different shapes are forms, and this security analysis really focuses on a few.

You can achieve the same results of this test by running a port scan on your system. One good program that does this is Necrosoft's NScan. Try http://nscan.hypermart.net. It'll tell you the same thing that you'll get from Shields Up.

What you really should do is try a security or exploit scanner like Nmap. While this program only runs on Unix/Linux based systems, it will give you what Shields Up will, but also give you a general idea as to the feasilbility of an attack on the system. Nmap can be found at http://www.insecure.org/nmap/. It's free too, btw.

Steve Gibson misses the point with Shields Up, and he compounds his error by not mentioning Unix security, which would give more information on how people attack systems [hackers tend to prefer Linux, so its a good idea to understand security from their side too]. Furthermore, he advises using firewall as a general solution (ok, I've seen the ZoneAlarm link on his site one too many times). Even Kevin Mitnick, an US government wanted and arrested hacker has said that firewalls are just the lowest level of defense. Further steps, such as patching, are required to secure a system. Lets just leave Gibson with his internet port scan and use more reliable tools such as Nmap.

Recommended: No