Solved

Open Ports.

Posted on 2001-07-23
10
479 Views
Last Modified: 2010-04-11
I want to know how would I be able to close open ports on my computer.
I performed a port scan of my pc, and found serveral open and unidentified ports. And am interested in closing some of them.

Also, is there a site that I could go look at a listing for all ports and see what uses what port?
I know of the services file in Windows, but as you all know it only lists registered ports.

I once heard of a site that gave you a comprehensive list of most of the TCP and UDP ports.

0
Comment
Question by:Protorian
  • 3
  • 3
  • 2
  • +2
10 Comments
 
LVL 2

Expert Comment

by:scott_renton
Comment Utility
The first step to closing a port, is to find out what opened it in the first place.  For instance, if you're running a web server, you're going to listen for requests on port 80, or 443 (for ssl communications).  SMTP servers will listen on port 25 for incoming connections, POP connections on 110.

http://www.iana.org/assignments/port-numbers

This is a list of well-known ports & their use.  Start here, compare your ports to this list, then find the programs that are running & listening on those ports, and stop them.
0
 
LVL 41

Expert Comment

by:stevenlewis
Comment Utility
also check out www.grc.com
shields up
and check out Zonealarm at www.zonealarm.com (free personal firewall, software)
for best results get a hardware firewall solution
0
 

Author Comment

by:Protorian
Comment Utility
I have installed a firewall.
And have ran the sheilds up test.

I want to know how to close the open ports.
The ports are still open.
Even though they are behind the zonealarm. I did a port scan from the same computer, and saw that the ports are still open.


Is this such a hard question?
0
 
LVL 41

Expert Comment

by:stevenlewis
Comment Utility
What ports are open? some need to be open like 80
scan your machine for viruses/trojans, as they may have opened these other ports for you
also unbind netbeui form you dialup adapter (or NIC if using dsl/cable)
disable file and printer sharing, and remove all un-needed protocols
0
 
LVL 3

Expert Comment

by:Bruce_R
Comment Utility
you already mentioned grc.com , there's a good tutorial on there at

http://grc.com/su-bondage.htm

0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 

Author Comment

by:Protorian
Comment Utility
Ok,
Let me put it like this.
The computer in question is a server. It does nothing but run a web server, ftp server and a web based email server.

Therefore I need to have ports 80, 21, 20, 8080, 43 and 8383 open.

The computer was hit by more than one trojan virii and we have gotten rid of the virii but some of the ports are still open.

0
 
LVL 41

Expert Comment

by:stevenlewis
Comment Utility
For a web server I strongly suggest a hardware firewall solution.
0
 
LVL 5

Accepted Solution

by:
Droby10 earned 75 total points
Comment Utility
once again, i'll recommend foundstone's fport utility.

http://www.foundstone.com/rdlabs/tools.php?category=Forensic

it will tell you what executable or library is bound to what port...then you can make an assessment as to whether it's detrimental or not, or malicious or not.  
0
 

Author Comment

by:Protorian
Comment Utility
Thank you a million..
I was able to analyze my problem and solve it.
Thankx
0
 
LVL 5

Expert Comment

by:Droby10
Comment Utility
anytime.  glad you were able to resolve the issue.
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Article by: IanTh
Hi Guys After a whole weekend getting wake on lan over the internet working, I thought I would share the experience. Your firewall has to have a port forward for port 9 udp to your local broadcast x.x.x.255 but if that doesnt work, do it to a …
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now