can this be done


Recommended Posts

I am considering getting rid of norton but before I do. I want to know how I can I close most of my ports without the use of a firewall. Could a script be made or something of that nature that would block all my ports but 5 or 7 which is all I want to be available at the most.

Link to comment
Share on other sites

ports are open if any services that use them are running.

if you want to close unneeded ports, stop those services/programs.

here is example of what my or any other XP system looks like running absolete minimum possible open ports(w/o using firewall)

and no folks, THIS IS NOT POST YOUR SECURITY SCAN TEST

post-32-1065839821.png

Link to comment
Share on other sites

hey that looks great to me but what do I know. Anyway how can I get my ports to have the same set up as yours what services do I need to close? How do I close the services? and how can I check to see if the are actually closed afterwards and periodically for taht matter.

thx for the wuick reply

Link to comment
Share on other sites

no, port scanner will show you what ports you have open, so you will know what to close..

if you want to, list ports you have open right now and we'll will tell you what to do to close them.

Link to comment
Share on other sites

ok I did the netstat -an

here it is:

Active Connections

Proto Local Address Foreign Address State

TCP 135 0.0.0.0:0 LISTENING

TCP 445 0.0.0.0:0 LISTENING

TCP 1025 0.0.0.0:0 LISTENING

TCP 1026 0.0.0.0:0 LISTENING

TCP 1214 0.0.0.0:0 LISTENING

TCP 3172 0.0.0.0:0 LISTENING

TCP 3372 0.0.0.0:0 LISTENING

TCP 3391 0.0.0.0:0 LISTENING

TCP 3621 0.0.0.0:0 LISTENING

TCP 3675 0.0.0.0:0 LISTENING

TCP 3686 0.0.0.0:0 LISTENING

TCP 4387 0.0.0.0:0 LISTENING

TCP 4474 0.0.0.0:0 LISTENING

TCP 4600 0.0.0.0:0 LISTENING

TCP 4943 0.0.0.0:0 LISTENING

TCP 4946 0.0.0.0:0 LISTENING

TCP 4948 0.0.0.0:0 LISTENING

TCP 4949 0.0.0.0:0 LISTENING

TCP 139 0.0.0.0:0 LISTENING

TCP 3372 216.74.135.172:1939 CLOSING

TCP 3391 64.15.245.14:1360 CLOSING

TCP 3621 128.242.106.66:80 CLOSE_WAIT

TCP 3675 207.46.106.61:1863 ESTABLISHED

TCP 4387 80.60.7.61:1214 ESTABLISHED

TCP 4474 213.65.121.171:1214 ESTABLISHED

TCP 4600 24.34.181.100:3707 ESTABLISHED

TCP 4911 64.15.245.14:1281 TIME_WAIT

TCP 4912 64.15.245.12:1480 TIME_WAIT

TCP 4920 216.74.135.167:1420 TIME_WAIT

TCP 4922 216.74.135.167:1415 TIME_WAIT

TCP 4925 216.74.135.169:1938 TIME_WAIT

TCP 4926 216.74.135.169:1717 TIME_WAIT

TCP 4928 216.74.135.169:1473 TIME_WAIT

TCP 4940 64.15.245.10:1803 TIME_WAIT

TCP 4941 80.60.7.61:1214 TIME_WAIT

TCP 4943 64.15.245.11:1633 LAST_ACK

TCP 4946 64.15.245.13:1498 SYN_SENT

TCP 4948 64.15.245.12:1649 ESTABLISHED

TCP 4949 216.74.135.164:1424 ESTABLISHED

TCP 11073 0.0.0.0:0 LISTENING

TCP 3001 0.0.0.0:0 LISTENING

TCP 3002 0.0.0.0:0 LISTENING

TCP 3003 0.0.0.0:0 LISTENING

TCP 3005 0.0.0.0:0 LISTENING

TCP 3171 0.0.0.0:0 LISTENING

TCP 3171 127.0.0.1:3172 ESTABLISHED

TCP 3172 127.0.0.1:3171 ESTABLISHED

UDP 445 *:*

UDP 500 *:*

UDP 1214 *:*

UDP 3004 *:*

UDP 3130 *:*

UDP 3282 *:*

UDP 3531 *:*

UDP 4894 *:*

UDP 137 *:*

UDP 138 *:*

UDP 14228 *:*

UDP 3009 *:*

UDP 3094 *:*

UDP 3572 *:*

UDP 3758 *:*

UDP 4586 *:*

UDP 4825 *:*

BXBOY is there a link that will tell me some more useful tricks like that last one.

Link to comment
Share on other sites

could some one tell me what to do about these prots I am trying to configure my ports so I only have 3 open like the post above by another member. Port list is above but I dont know how close these ports.

Link to comment
Share on other sites

I think the point that good ole Steve tries to make is that there are ports on a modern windows OS that you just cant close, and thats pretty dangerous..

While a closed port is good, it just tells the person scanning your machine that there is gonna be a port open somewhere, and all they have to do is find it.. Which is why to stealth em all cant hurt. Just makes it harder for them.

Course most of us dont have to put up with the same kind of attacks that GRC does :rofl:

Link to comment
Share on other sites

that's bull.

i can have every single port closed, they can scan me all they want and won't find anything.

having all ports closed or all ports "shealthed" is exactly same thing = your computer does not accept any incoming connections.

plus, open ports does not mean anything. if you have a port open it absolutly DOES NOT MEAN YOU'LL GET HACKED

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.