[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

How to identify inbound traffic for Windows 7 and block ports as nessecary.

Posted on 2016-09-05
7
Medium Priority
?
155 Views
Last Modified: 2016-11-23
Greetings,

I'm running Windows 7 on an Acer laptop.  I'm trying to become knowledgeable of network security.  In the process I downloaded CurrPorts to identify and kill 'Unknown' connections.  Long story short, CurrPorts is about good for nothing in this regard.  Each and every attempt to kill a connection fails with a line that says I must be running it as Administrator when I am running as Administrator.

At anyone time I can have 30+ 'Unknown' connections.  This is frustrating.  Yes, I do get the IP or domain name and see who the connection is from.  Yes, many are from Google or AOL etc but many are not.  I find some connections are from all over the world and have nothing to do with what I'm using the browser for.

How can a manage these connections better?  How can I reduce the amount of unknown connections?  For instance, if I'm using Google or AOL or G mail, these are the only unknowns I want connecting to my computer.

I did use Windows Firewall with Advanced Security to set a few rules but these rules appear to be good for nothing seeing how there are so many potential Unknown connections.

Thanks for the help!
0
Comment
Question by:John500
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 98

Expert Comment

by:John Hurst
ID: 41785121
You need a Packet Sniffer for this:

I use Comm View (Tamosoft) but Wire Shark also works.

Comm View will show you the ports uses with the IP address.
0
 

Author Comment

by:John500
ID: 41785152
Thank you Mr. Hurst.

I'm guessing both of these are free-ware?  Back in 2006 (my last IT days) a sniffer was in the thousands of dollars.

Given they are free, would you be so kind as to provide what you call a 'safe' download site/link.  Sometimes 90 % of the battle in obtaining good free ware is getting it from a site that doesn't find a means to installing a Trojan.

Thank you!
0
 
LVL 98

Accepted Solution

by:
John Hurst earned 1600 total points
ID: 41785155
Wire Shark has a small support charge but I think you can use it for free.

Comm View is truly better, not free, comes with support and I have been using it for about 2 decades.

Wire Shark can be had safely from here:  https://www.wireshark.org/

Comm View and everything else Tamos can be had safely from here: http://www.tamos.com/

By the way, a good study of networking security is not likely to be free.
0
Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

 
LVL 88

Assisted Solution

by:rindi
rindi earned 400 total points
ID: 41785163
If you want to run a program as Administrator, you need to right click on it and select "Run as Administrator". UAC will then pop up and ask you to enter the admin's credentials.

And make sure you never log on to Windows with an account that has admin rights. Only use standard user accounts. If anything needs admin rights UAC will come up. Just make sure there is an admin account. But never use that directly.
0
 

Author Closing Comment

by:John500
ID: 41785178
Thanks guys!!
0
 
LVL 98

Expert Comment

by:John Hurst
ID: 41785186
You are very welcome and good luck with Network Security.
0
 
LVL 27

Expert Comment

by:tliotta
ID: 41899942
For instance, if I'm using Google or AOL or G mail, these are the only unknowns I want connecting to my computer.
Can you post a useful sample of the "unknown" connections? Using any of those three is likely to give a fair number of "unknown" connections in order for them to work well (or perhaps at all).

Also, are you asking about any connections or only in-bound? Also, what router/modem equipment is under your control?
0

Featured Post

Ask an Anonymous Question!

Don't feel intimidated by what you don't know. Ask your question anonymously. It's easy! Learn more and upgrade.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

With the evolution of technology, we have finally reached a point where it is possible to have home automation features like having your thermostat turn up and door lock itself when you leave, as well as a complete home security system. This is a st…
Will you be ready when the clock on GDPR compliance runs out? Is GDPR even something you need to worry about? Find out more about the upcoming regulation changes and download our comprehensive GDPR checklist today !
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question