- Status
Deep
Version 2.0
mariner said:
atually this test will work properly only if you ave Public IP, i.e. with IPs other than 172.16.x.x, 10.x.x.x,172.168.x.x
anyways to cross check these ports... do this..
in IE write this
For Port 80: *127.0.0.1/
For Port 21: ftp://127.0.0.1
for Port 23
Start - Run - Telnet
in the new window write o 127.0.0.1 it should not show
"Connecting To 127.0.0.1...Could not open connection to the host, on port 23: Connect failed"
if it shows above message then it means you dont have port 23 open..
and for port 80 it should say page cannot be found or something..
21 should say something like unable to connect..
lemme know what happens after u do above things..
Deep
rock_ya_baby
Broken In
mariner said:
You can easily do that using a firewall..
If you dont have / want to use it then you can try > portblocker
Just run it, it automatically blocks the ports that u've mentioned (by default)
Hey i am using sygate (v 5.5, build 2156) with the latest updates and avg. If you keep updating your firewall just like ur antivirus it will work much better. By the way zonealarm is crap as the free edition takes too much system resources and has a very childish and non-geeky interface. if you can pay Rs.1500 mcafee is great. norton is not bad as well but just too expensive.
OP
mariner
Ambassador of Buzz
ok guys i got the following from symantec today
How to close ports that should not be open
Situation:
You ran Symantec Security Check or a similar type of security scanning tool and the results indicate that certain "well known" ports are open. "Well known" ports can include any port from 0 to 1023, but the most commonly used ports are 23, 25, 80, and 110.
Solution:
"Well-known" ports are generally reserved for services such as email, Web services, Internet protocols, and so forth. If a security scanner indicates that some of these ports are open and you are not running services related to those ports, then an unknown process - like a Trojan - may be running on your computer.
To correct this situation, run the current version of an antivirus program to detect and eliminate the Trojan, and then install Norton Internet Security or Personal Firewall and re-scan your computer to confirm that the suspect port is now closed.
The following table identifies ports that should not be open unless you are running services (servers) relating to them. If any of these ports are reported as being open, then a component of a service or server may be running on your computer. An example of a service or server component running on your computer is INETINFO.EXE from Microsoft. This component is used to run the Personal Web Server feature of Windows.
Port Service Type of Server Description
23 Telnet telnet server allows another computer to log into yours
25 SMTP mail server email protocol that sends mail out
80 HTTP web server web protocol
110 POP mail server email protocol that receives mail
To determine if INETINFO.EXE is running on your computer, follow one of these procedures:
Windows 95/98/ME/XP
Click Start then Run.
Type MSCONFIG in Open box.
Click OK or press the Enter key. The System Configuration Utility screen will appear.
Select the Startup tab.
See if INETINFO.EXE is running. If you do not need this feature running, uncheck the box then click OK. Reboot your computer and run Symantec Security Check again.
Windows NT/2000
Open the Task Manager by right clicking the Task Bar.
Select Task Manager.
Click the Processes tab.
See if INETINFO.EXE is running. If you do not need this feature running, you must remove the Internet Information Services (IIS) feature from the Add/Remove Windows Components in the Control Panel.
going to try out the same and will post results
How to close ports that should not be open
Situation:
You ran Symantec Security Check or a similar type of security scanning tool and the results indicate that certain "well known" ports are open. "Well known" ports can include any port from 0 to 1023, but the most commonly used ports are 23, 25, 80, and 110.
Solution:
"Well-known" ports are generally reserved for services such as email, Web services, Internet protocols, and so forth. If a security scanner indicates that some of these ports are open and you are not running services related to those ports, then an unknown process - like a Trojan - may be running on your computer.
To correct this situation, run the current version of an antivirus program to detect and eliminate the Trojan, and then install Norton Internet Security or Personal Firewall and re-scan your computer to confirm that the suspect port is now closed.
The following table identifies ports that should not be open unless you are running services (servers) relating to them. If any of these ports are reported as being open, then a component of a service or server may be running on your computer. An example of a service or server component running on your computer is INETINFO.EXE from Microsoft. This component is used to run the Personal Web Server feature of Windows.
Port Service Type of Server Description
23 Telnet telnet server allows another computer to log into yours
25 SMTP mail server email protocol that sends mail out
80 HTTP web server web protocol
110 POP mail server email protocol that receives mail
To determine if INETINFO.EXE is running on your computer, follow one of these procedures:
Windows 95/98/ME/XP
Click Start then Run.
Type MSCONFIG in Open box.
Click OK or press the Enter key. The System Configuration Utility screen will appear.
Select the Startup tab.
See if INETINFO.EXE is running. If you do not need this feature running, uncheck the box then click OK. Reboot your computer and run Symantec Security Check again.
Windows NT/2000
Open the Task Manager by right clicking the Task Bar.
Select Task Manager.
Click the Processes tab.
See if INETINFO.EXE is running. If you do not need this feature running, you must remove the Internet Information Services (IIS) feature from the Add/Remove Windows Components in the Control Panel.
going to try out the same and will post results
OP
mariner
Ambassador of Buzz
ok deep i did what u said and got the following results
port 80 : cannot be found
port 21 : windows cannot access this folder.make sure u have typed the file name correctly and u have the permission to access this folder
details: a connection with the server cannot be established
port 23 :connecting to 127.0.0.1....cud not open connection to the host,on port 23 connect failed.
ok so tell me
1.does it mean that my pc is safe ?
2.and if it so than why do symantec and shields up tell me that my pc is at
gr8 risk?
port 80 : cannot be found
port 21 : windows cannot access this folder.make sure u have typed the file name correctly and u have the permission to access this folder
details: a connection with the server cannot be established
port 23 :connecting to 127.0.0.1....cud not open connection to the host,on port 23 connect failed.
ok so tell me
1.does it mean that my pc is safe ?
2.and if it so than why do symantec and shields up tell me that my pc is at
gr8 risk?
Deep
Version 2.0
mariner said:
it means that these ports are already blocked on ur machine..
the reason why norton showing those ports open coz it was checking the IP address of your ISP not yours..
you must have having IP address with 172.16.xx or 10.x.xx.xx or 192.168.xx.xx
to cross check it
start - run - command - write ipconfig
it should show ur ip address
and then go to www.whatismyip.com
it should show the IP address of your ISP..if both are same then you have public IP and otherwise your IP address is private..
about ur 2nd question...
answer is in my above explanation...it's chekcing ur ISP's IP address..no need to worry..install firewall like Norton Internet Security or any other u prefer..shall solve your problem
Deep
OP
mariner
Ambassador of Buzz
pk deep thanks a ton for ur help.my ip does start with 192.xxx.......
so if my isp's ip is being checked and the ports r found open then
will it effect my pc ?
i think i will stick to sygate PF for some time and change to another
when i upgrade in early next yr.
many thanx
so if my isp's ip is being checked and the ports r found open then
will it effect my pc ?
i think i will stick to sygate PF for some time and change to another
when i upgrade in early next yr.
many thanx
pantheratigris
Broken In
Norton Internet Security
bhalchandra
Broken In
hey man if u r going for zone alarm then make sure u have 512 MB of memory because pc will die on 128 mb as it very much resorce hungry
Otherwise go for mcafee personel firewall
njoy...............
Otherwise go for mcafee personel firewall
njoy...............
Deep
Version 2.0
anishcool said:
actually u really cant block all the ports...coz some services require certain ports to be opened...
so no need to worry about the ports unless you find something suspicious things going on..
for better security..check ur machine in every 15 days with Ad-Aware and may be virus scan once a month..
Regards
Deep
- Status