Solved

How to deal with open ports?

Posted on 2003-10-22
5
5,872 Views
Last Modified: 2013-12-04
This is not a specific case or emergency.

I would like to know how to close open ports, who has opened those ports and information about why those ports are open.
I know I have no trojans, virus, etc... but sometimes I find some open ports that I dont know which program did it.
Right now I've the 8086 port opened, and I still cant figure out why.

Is there any software, registry stuff or somewhere to check about all this, and close those ports?

I know everybody fix this kind of problem telling about to install a firewall, but I still feel curious about what my computer is doing and why.

Thanx.
0
Comment
Question by:tatoon
  • 3
5 Comments
 
LVL 3

Expert Comment

by:FlamingSword
ID: 9600231
Get ZoneAlarm, it is the easiest way to begin the path you have chosen.
0
 
LVL 3

Expert Comment

by:FlamingSword
ID: 9600276
Here's the free, non-trial version. Using downloads like this help you to decide which products to pay for, which improvements you want, and regtister for essential upgrades:
http://www.zonelabs.com/store/content/catalog/products/sku_list_za.jsp;jsessionid=1W4kdzT2kanaF4EUtIpCc5iBw54eK736HGq5pSPvCFVsryN8CA1V!-119358174!-1062696903!7551!7552!-1842707748!-1062696904!7551!7552?lid=home_zainfo
0
 
LVL 3

Expert Comment

by:FlamingSword
ID: 9600321
> everybody fix this kind of problem telling about to install a firewall, but I still feel curious about what my computer is doing and why.

It is hard to really find out why, no matter how experienced you are, or points that you have.

A point of clarification: ZoneAlarm does not just close port. It is a door, not a wall. So when a product tries to use a port, the first thing to do is make sure ZA not only tells you, but prompts you for permission. Such as, do you want to let Internet Explorer access the Experts-Exchange? (say 'yes', you like us)

So it does give you more information and control than a freeware would need to.
0
 
LVL 5

Accepted Solution

by:
juliancrawford earned 50 total points
ID: 9602422
If you want to close/block open ports then the best way to go about it is IPSECPOL.
This will block ports, IP addresses or subnets at the socket level layer so your firewall wont even see them knocking down the door.
Here is a link with the basic walkthrough to setup a IPSECPOL rule.
http://www.microsoft.com/serviceproviders/columns/using_ipsec.asp

As to why the ports are open, a very good tool is available  from www.foundstone.com - called Vision (freeware).
Vision will show what ports are open - what programs are opening these ports and what IP addresses are connecting to these open ports.
It will also allow you to terminate the connection - but its best used as an investigative tool.
Here is a link where you can obtain Vision from ..
http://www.foundstone.com/index.htm?subnav=resources/navigation.htm&subcontent=/resources/proddesc/vision.htm

:)
0
 
LVL 12

Expert Comment

by:gidds99
ID: 9611196
This will show you who/what is connected to that port:

http://www.sysinternals.com/ntw2k/source/tcpview.shtml

Its free and easy to use.
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now