Hello everybody,
I'm pretty new to computers. I mean there is a lot to know. I bought an
emachine last year and did not spend a lot because I knew that I would mess
it up some how. Thank goodness it came with a backup restore disk! I have
used this disk over fifteen times in a year. Why? well let's say that I don't like
bundled spyware, from anyone. even if it is from Microsoft. It all started with
me un-installing messenger, ICQ, AOL, Norton Anti-virus ect.... all of these services
(in my opinion,) spy on you, or me as it were.
Key-loggers, cookies, and third parties oh my!! I just want to use the
internet and be anonymous. I use Zone Alarm and it works well. I am having
trouble turning off the ping feature. In ZA you can disable being pinged.
More to the point you can block incoming ping. I have done this and then
went to a website called Shields up (www.grc.com) to check my firewall and
overall internet signature, and I am still answering this ping?
So, now I am trying to learn how to close my open ports. I downloaded
a nice little utility called x-Netstat that adds a GUI to the netstat feature that
you can use in DOS. Does anyone have any advice about open Ports or
at least identifying high risk ports? thanks for the time !!
Full Version: Hacking The Hackers !
Awesome site much thanks to "Animal."
Does anyone know how to block a port or kill an open one?
Does anyone know how to block a port or kill an open one?
I use a router with an NAT firewall, or a hardware firewall. But the free firewall apps like Kerio, ZoneAlarm or Sygate all block your ports, except for those you allow to be open.
QUOTE(Leurgy @ Oct 17 2005, 05:50 PM) 
I use a router with an NAT firewall, or a hardware firewall. But the free firewall apps like Kerio, ZoneAlarm or Sygate all block your ports, except for those you allow to be open.
Leurgy,
I bought Zone Alarm Pro and chose to disable the ability of my computer
to answer a Ping. Does not work. I went to GRC.com which is a website called " Shields up."
They test your firewall protection. It says that my Computer is returning an answer to
being pinged. I don't know what I am doing wrong?
Quite frankly neither do I. Those packets should be dropped.
If you have a paid subscription perhaps check with their support people.
If you have a paid subscription perhaps check with their support people.
I'm not sure if this is the same product you've tried, so here it is.
Fport: Foundstone's enhanced netstat
fport reports all open TCP/IP and UDP ports on the machine you run it on and shows what application opened each port. So it can be used to quickly identify unknown open ports and their associated applications. It only runs on Windows, but many UNIX systems now provided this information via netstat (try 'netstat -pan' on Linux). Here is a PDF-Format SANS article on using Fport and analyzing the results.
Fport
http://www.foundstone.com/index.htm?subnav...ddesc/fport.htm
the SANS article
http://www.giac.org/practical/gsec/Teena_Henson_GSEC.pdf
Fport: Foundstone's enhanced netstat
fport reports all open TCP/IP and UDP ports on the machine you run it on and shows what application opened each port. So it can be used to quickly identify unknown open ports and their associated applications. It only runs on Windows, but many UNIX systems now provided this information via netstat (try 'netstat -pan' on Linux). Here is a PDF-Format SANS article on using Fport and analyzing the results.
Fport
http://www.foundstone.com/index.htm?subnav...ddesc/fport.htm
the SANS article
http://www.giac.org/practical/gsec/Teena_Henson_GSEC.pdf
Yuor router or modem could be answering the ping, some do.
netstat isn't really a "user friendly" application, so I wouldn't recommend using it. It's a good way to confuse yourself more.
It's been awhile since I have used Zone Alarm, but when you first installed it, you should have gotten a series of pop-ups from time to time asking you if you wanted toallow certain rocesses to access the Internet. You should have denied everything, except your web browser. My guess is that it asked about an application that you didn't recognize, and since you didn't know what it was, you allowed it. That happens all of the time.. the companies don't provide a list of what is needed, so poeple allow everything, and thus defeats the purpose of te firewall.
Somewhere in the config, there should be a means of listing all of the applications that are allowed to access the Internet. Remove everything from that list, and start over. Allow only your browser through.. that will be easy enough to recognize. Block everything else. See if you can still access the Internet. You should be able to. Then you may have to decide what other applications need acess. If you have auto-updates on, you will have to allow that through. If you are unsure about an application, make note of the file name, block it, then google for the filename. There are a ton of databases that will tell you what a file is. If you still don't know, ask.
Some troubleshooting issues that may make your life easier (I apologize if they seem too elementary, some people overlook the obvious). If everything stops working, there is an option in zone alarm to disable it (or it may be called "allow all"). Disable it, and you should be able to get back on the net and seek help. If that doesn't work, then uninstall the firewall from the add/remove prgrams, and start all over. Firewalls are not really hard to set up once you have the proper information.
It's been awhile since I have used Zone Alarm, but when you first installed it, you should have gotten a series of pop-ups from time to time asking you if you wanted toallow certain rocesses to access the Internet. You should have denied everything, except your web browser. My guess is that it asked about an application that you didn't recognize, and since you didn't know what it was, you allowed it. That happens all of the time.. the companies don't provide a list of what is needed, so poeple allow everything, and thus defeats the purpose of te firewall.
Somewhere in the config, there should be a means of listing all of the applications that are allowed to access the Internet. Remove everything from that list, and start over. Allow only your browser through.. that will be easy enough to recognize. Block everything else. See if you can still access the Internet. You should be able to. Then you may have to decide what other applications need acess. If you have auto-updates on, you will have to allow that through. If you are unsure about an application, make note of the file name, block it, then google for the filename. There are a ton of databases that will tell you what a file is. If you still don't know, ask.
Some troubleshooting issues that may make your life easier (I apologize if they seem too elementary, some people overlook the obvious). If everything stops working, there is an option in zone alarm to disable it (or it may be called "allow all"). Disable it, and you should be able to get back on the net and seek help. If that doesn't work, then uninstall the firewall from the add/remove prgrams, and start all over. Firewalls are not really hard to set up once you have the proper information.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.