phase1 Posted October 11, 2003 Share Posted October 11, 2003 I am considering getting rid of norton but before I do. I want to know how I can I close most of my ports without the use of a firewall. Could a script be made or something of that nature that would block all my ports but 5 or 7 which is all I want to be available at the most. Link to comment Share on other sites More sharing options...
MxxCon Posted October 11, 2003 Share Posted October 11, 2003 ports are open if any services that use them are running. if you want to close unneeded ports, stop those services/programs. here is example of what my or any other XP system looks like running absolete minimum possible open ports(w/o using firewall) and no folks, THIS IS NOT POST YOUR SECURITY SCAN TEST Link to comment Share on other sites More sharing options...
phase1 Posted October 11, 2003 Author Share Posted October 11, 2003 hey that looks great to me but what do I know. Anyway how can I get my ports to have the same set up as yours what services do I need to close? How do I close the services? and how can I check to see if the are actually closed afterwards and periodically for taht matter. thx for the wuick reply Link to comment Share on other sites More sharing options...
MxxCon Posted October 11, 2003 Share Posted October 11, 2003 get any port scanner and scan your own internet ip. here's a good one to use http://www.foundstone.com/resources/prodde.../superscan4.htm 135, 445 and 1025 are the only ports that should be open Link to comment Share on other sites More sharing options...
phase1 Posted October 11, 2003 Author Share Posted October 11, 2003 sorry maybe I wasnt clear how do I close the ports will the port scanner allow me to do this? Link to comment Share on other sites More sharing options...
MxxCon Posted October 11, 2003 Share Posted October 11, 2003 no, port scanner will show you what ports you have open, so you will know what to close.. if you want to, list ports you have open right now and we'll will tell you what to do to close them. Link to comment Share on other sites More sharing options...
phase1 Posted October 11, 2003 Author Share Posted October 11, 2003 Im not sure how to scan with this program. What do I do? And can this war be used to scan another individual that might have scaned my ports. thx for the help Link to comment Share on other sites More sharing options...
BxBoy Posted October 11, 2003 Share Posted October 11, 2003 a simple netstat -an should give you plenty of info Link to comment Share on other sites More sharing options...
phase1 Posted October 11, 2003 Author Share Posted October 11, 2003 ok I did the netstat -an here it is: Active Connections Proto Local Address Foreign Address State TCP 135 0.0.0.0:0 LISTENING TCP 445 0.0.0.0:0 LISTENING TCP 1025 0.0.0.0:0 LISTENING TCP 1026 0.0.0.0:0 LISTENING TCP 1214 0.0.0.0:0 LISTENING TCP 3172 0.0.0.0:0 LISTENING TCP 3372 0.0.0.0:0 LISTENING TCP 3391 0.0.0.0:0 LISTENING TCP 3621 0.0.0.0:0 LISTENING TCP 3675 0.0.0.0:0 LISTENING TCP 3686 0.0.0.0:0 LISTENING TCP 4387 0.0.0.0:0 LISTENING TCP 4474 0.0.0.0:0 LISTENING TCP 4600 0.0.0.0:0 LISTENING TCP 4943 0.0.0.0:0 LISTENING TCP 4946 0.0.0.0:0 LISTENING TCP 4948 0.0.0.0:0 LISTENING TCP 4949 0.0.0.0:0 LISTENING TCP 139 0.0.0.0:0 LISTENING TCP 3372 216.74.135.172:1939 CLOSING TCP 3391 64.15.245.14:1360 CLOSING TCP 3621 128.242.106.66:80 CLOSE_WAIT TCP 3675 207.46.106.61:1863 ESTABLISHED TCP 4387 80.60.7.61:1214 ESTABLISHED TCP 4474 213.65.121.171:1214 ESTABLISHED TCP 4600 24.34.181.100:3707 ESTABLISHED TCP 4911 64.15.245.14:1281 TIME_WAIT TCP 4912 64.15.245.12:1480 TIME_WAIT TCP 4920 216.74.135.167:1420 TIME_WAIT TCP 4922 216.74.135.167:1415 TIME_WAIT TCP 4925 216.74.135.169:1938 TIME_WAIT TCP 4926 216.74.135.169:1717 TIME_WAIT TCP 4928 216.74.135.169:1473 TIME_WAIT TCP 4940 64.15.245.10:1803 TIME_WAIT TCP 4941 80.60.7.61:1214 TIME_WAIT TCP 4943 64.15.245.11:1633 LAST_ACK TCP 4946 64.15.245.13:1498 SYN_SENT TCP 4948 64.15.245.12:1649 ESTABLISHED TCP 4949 216.74.135.164:1424 ESTABLISHED TCP 11073 0.0.0.0:0 LISTENING TCP 3001 0.0.0.0:0 LISTENING TCP 3002 0.0.0.0:0 LISTENING TCP 3003 0.0.0.0:0 LISTENING TCP 3005 0.0.0.0:0 LISTENING TCP 3171 0.0.0.0:0 LISTENING TCP 3171 127.0.0.1:3172 ESTABLISHED TCP 3172 127.0.0.1:3171 ESTABLISHED UDP 445 *:* UDP 500 *:* UDP 1214 *:* UDP 3004 *:* UDP 3130 *:* UDP 3282 *:* UDP 3531 *:* UDP 4894 *:* UDP 137 *:* UDP 138 *:* UDP 14228 *:* UDP 3009 *:* UDP 3094 *:* UDP 3572 *:* UDP 3758 *:* UDP 4586 *:* UDP 4825 *:* BXBOY is there a link that will tell me some more useful tricks like that last one. Link to comment Share on other sites More sharing options...
phase1 Posted October 11, 2003 Author Share Posted October 11, 2003 could some one tell me what to do about these prots I am trying to configure my ports so I only have 3 open like the post above by another member. Port list is above but I dont know how close these ports. Link to comment Share on other sites More sharing options...
mtrftw Posted October 12, 2003 Share Posted October 12, 2003 a stealth result is better than a closed result, however, take a look @ http://www.iana.org/assignments/port-numbers to see what ports are what. Link to comment Share on other sites More sharing options...
MxxCon Posted October 12, 2003 Share Posted October 12, 2003 no, stealth result is not better. it's bull**** that GRC is spreading. if your post is closed, your port is closed! weather is "stealth" or closed it makes absolutly no difference. Link to comment Share on other sites More sharing options...
~Bull}{Dog~ Posted October 12, 2003 Share Posted October 12, 2003 I think the point that good ole Steve tries to make is that there are ports on a modern windows OS that you just cant close, and thats pretty dangerous.. While a closed port is good, it just tells the person scanning your machine that there is gonna be a port open somewhere, and all they have to do is find it.. Which is why to stealth em all cant hurt. Just makes it harder for them. Course most of us dont have to put up with the same kind of attacks that GRC does :rofl: Link to comment Share on other sites More sharing options...
MxxCon Posted October 14, 2003 Share Posted October 14, 2003 that's bull. i can have every single port closed, they can scan me all they want and won't find anything. having all ports closed or all ports "shealthed" is exactly same thing = your computer does not accept any incoming connections. plus, open ports does not mean anything. if you have a port open it absolutly DOES NOT MEAN YOU'LL GET HACKED Link to comment Share on other sites More sharing options...
OSUKid7 Posted October 14, 2003 Share Posted October 14, 2003 no, but you can't be hacked if your ports are closed Link to comment Share on other sites More sharing options...
SunnyB Posted October 14, 2003 Share Posted October 14, 2003 This site addresses the ports that are opened by different services and how to disable the service and close the open ports. http://www.hsc.fr/ressources/breves/min_sr...res_win.en.html I used this information and have no open ports. Link to comment Share on other sites More sharing options...
Recommended Posts