?
Solved

How to identify inbound traffic for Windows 7 and block ports as nessecary.

Posted on 2016-09-05
7
Medium Priority
?
139 Views
Last Modified: 2016-11-23
Greetings,

I'm running Windows 7 on an Acer laptop.  I'm trying to become knowledgeable of network security.  In the process I downloaded CurrPorts to identify and kill 'Unknown' connections.  Long story short, CurrPorts is about good for nothing in this regard.  Each and every attempt to kill a connection fails with a line that says I must be running it as Administrator when I am running as Administrator.

At anyone time I can have 30+ 'Unknown' connections.  This is frustrating.  Yes, I do get the IP or domain name and see who the connection is from.  Yes, many are from Google or AOL etc but many are not.  I find some connections are from all over the world and have nothing to do with what I'm using the browser for.

How can a manage these connections better?  How can I reduce the amount of unknown connections?  For instance, if I'm using Google or AOL or G mail, these are the only unknowns I want connecting to my computer.

I did use Windows Firewall with Advanced Security to set a few rules but these rules appear to be good for nothing seeing how there are so many potential Unknown connections.

Thanks for the help!
0
Comment
Question by:John500
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 97

Expert Comment

by:Experienced Member
ID: 41785121
You need a Packet Sniffer for this:

I use Comm View (Tamosoft) but Wire Shark also works.

Comm View will show you the ports uses with the IP address.
0
 

Author Comment

by:John500
ID: 41785152
Thank you Mr. Hurst.

I'm guessing both of these are free-ware?  Back in 2006 (my last IT days) a sniffer was in the thousands of dollars.

Given they are free, would you be so kind as to provide what you call a 'safe' download site/link.  Sometimes 90 % of the battle in obtaining good free ware is getting it from a site that doesn't find a means to installing a Trojan.

Thank you!
0
 
LVL 97

Accepted Solution

by:
Experienced Member earned 1600 total points
ID: 41785155
Wire Shark has a small support charge but I think you can use it for free.

Comm View is truly better, not free, comes with support and I have been using it for about 2 decades.

Wire Shark can be had safely from here:  https://www.wireshark.org/

Comm View and everything else Tamos can be had safely from here: http://www.tamos.com/

By the way, a good study of networking security is not likely to be free.
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 
LVL 88

Assisted Solution

by:rindi
rindi earned 400 total points
ID: 41785163
If you want to run a program as Administrator, you need to right click on it and select "Run as Administrator". UAC will then pop up and ask you to enter the admin's credentials.

And make sure you never log on to Windows with an account that has admin rights. Only use standard user accounts. If anything needs admin rights UAC will come up. Just make sure there is an admin account. But never use that directly.
0
 

Author Closing Comment

by:John500
ID: 41785178
Thanks guys!!
0
 
LVL 97

Expert Comment

by:Experienced Member
ID: 41785186
You are very welcome and good luck with Network Security.
0
 
LVL 27

Expert Comment

by:tliotta
ID: 41899942
For instance, if I'm using Google or AOL or G mail, these are the only unknowns I want connecting to my computer.
Can you post a useful sample of the "unknown" connections? Using any of those three is likely to give a fair number of "unknown" connections in order for them to work well (or perhaps at all).

Also, are you asking about any connections or only in-bound? Also, what router/modem equipment is under your control?
0

Featured Post

Cyber Threats to Small Businesses (Part 2)

The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this blog we highlight approaches to managed security as a service.  We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
What's worse than having your data encrypted by ransomware? Getting attacked by a so-called "wiper," which simply destroys the data and offers you no hope of ever seeing it again.
This Micro Tutorial will teach you how to the overview of Microsoft Security Essentials. This is a free anti-virus software that guards your PC against viruses, spyware, worms, and other malicious software. This will be demonstrated using Windows…
This Micro Tutorial will give you basic overview of the control panel section on Windows 7. It will depth in Network and Internet, Hardware and Sound, etc. This will be demonstrated using Windows 7 operating system.
Suggested Courses
Course of the Month15 days, 11 hours left to enroll

741 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question