Help
I have been searching and reading all over the place. In tests I previously ran on Shields Up! I passed all with flying colors. I tested back in December when I purchased and installed AVG firewall (previously used Norton). I tested a few nights ago and discovered that ports 21, 22, 23 and 80 are now showing as open. What has caused this and how can I get these ports back to stealth mode? I have written to Grisoft but I am anxious to get information for a fix.
If anyone is so kind as to answer, please keep your answers in plain language because I am not a computer technician.
Thank you,
Nikilet
Page 1 of 1
Open Ports Some previously stealth ports now open
Back to top
#2
- Forum Addict
-
- Group: Banned
- Posts: 1,327
- Joined: 18-October 06
- Gender:Male
Posted 03 April 2007 - 01:31 AM
Read this thread, especially post no#4, and hopefully it'll fix you up.
Tor Question:
http://www.bleepingcomputer.com/forums/topic83994.html
I just now came from Shields Up!,,, and again, they're unable to even do a reverse DNS lookup for my ip address, which isn't my real ip address, which they say is a good thing, but I already know that.
When I clicked on the link for the Common Ports Probe.. my ip was changed again... because of what I use. It also showed that all ports are closed (all 26 of them).
I can take more tests, but from what I've been using, and the length of time too, I'm always testing, and always satisfied with my results.
You can secure all your ports if you use the right protection.
Below are actual quote that Shields up! had to report about my computer. Again, I can take all the tests, like I have before, and my computer passes every time.
Here is what I get when I click on the File Sharing link... and it showed a different ip address again.
Now that's what I'm talking about..... doing your best to be secure.
Tor Question:
http://www.bleepingcomputer.com/forums/topic83994.html
I just now came from Shields Up!,,, and again, they're unable to even do a reverse DNS lookup for my ip address, which isn't my real ip address, which they say is a good thing, but I already know that.
When I clicked on the link for the Common Ports Probe.. my ip was changed again... because of what I use. It also showed that all ports are closed (all 26 of them).
I can take more tests, but from what I've been using, and the length of time too, I'm always testing, and always satisfied with my results.
You can secure all your ports if you use the right protection.
Below are actual quote that Shields up! had to report about my computer. Again, I can take all the tests, like I have before, and my computer passes every time.
Here is what I get when I click on the File Sharing link... and it showed a different ip address again.
Quote
Your Internet port 139 does not appear to exist!
One or more ports on this system are operating in FULL STEALTH MODE! Standard Internet behavior requires port connection attempts to be answered with a success or refusal response. Therefore, only an attempt to connect to a nonexistent computer results in no response of either kind. But YOUR computer has DELIBERATELY CHOSEN NOT TO RESPOND (that's very cool!) which represents advanced computer and port stealthing capabilities. A machine configured in this fashion is well hardened to Internet NetBIOS attack and intrusion.
One or more ports on this system are operating in FULL STEALTH MODE! Standard Internet behavior requires port connection attempts to be answered with a success or refusal response. Therefore, only an attempt to connect to a nonexistent computer results in no response of either kind. But YOUR computer has DELIBERATELY CHOSEN NOT TO RESPOND (that's very cool!) which represents advanced computer and port stealthing capabilities. A machine configured in this fashion is well hardened to Internet NetBIOS attack and intrusion.
Quote
Unable to connect with NetBIOS to your computer.
All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.
All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.
Now that's what I'm talking about..... doing your best to be secure.
This post has been edited by Walkman: 03 April 2007 - 01:45 AM
#3
- aut viam inveniam aut faciam
-
- Group: Members
- Posts: 3,516
- Joined: 14-November 06
- Gender:Male
- Location:Ossendrecht/The Netherlands
Posted 03 April 2007 - 02:12 AM
@ walkman and offtopic I really need to have a look at this tor thing.. 
Wikipedia on ports
IANA is responsible for assigning TCP and UDP port numbers to specific uses. The port numbers are divided into three ranges: the Well Known Ports, the Registered Ports, and the Dynamic and/or Private Ports.
* The Well Known Ports are those in the range 0–1023. On Unix-like operating systems, opening a port in this range to receive incoming connections requires administrative privileges, although this all might change.[1]
* The Registered Ports are those in the range 1024–49151.
* The Dynamic and/or Private Ports are those in the range 49152–65535. These ports are not used by any defined application.
IANA does not enforce this; it is simply a set of recommended uses. Sometimes ports may be used for different applications or protocols than their official IANA designation. This misuse may, for example, be by a Trojan horse, or alternatively be by a commonly used program that didn't get an IANA registered port or port range.
The tables below indicate a status with the following colors and tags:]Wikipedia.org[/url]
Think you really don't have much to worry about, if you do the propper thing which is running anti virus test and anti spyware test on a regular basis. If you are in doubt you always can run any of the below online tests
In normal mode, run an online antivirus check from at least two and preferably three of the following sites
BitDefender
Computer Associates Online Virus Scan
Panda's ActiveScan
Trend Micro Housecall
Windows Live Safety Center Free Online Scan
This scanner from Trend does not require an Active X to run.
1. Detects and removes malware ( viruses, worms, trojans, etc. )
2. Detects and removes grayware and spyware
3. Restores damage caused by malware to your system.
4. Notifies about vulnerabilities in installed programs and connected network services.
5. Multi-platform support for: Windows, Linux, Solaris.
6. Easy-to-use with the Microsoft Internet Explorer and Mozilla Firefox.
I would suggest nr 1 & 4 to be absolutely sure
Wikipedia on ports
IANA is responsible for assigning TCP and UDP port numbers to specific uses. The port numbers are divided into three ranges: the Well Known Ports, the Registered Ports, and the Dynamic and/or Private Ports.
* The Well Known Ports are those in the range 0–1023. On Unix-like operating systems, opening a port in this range to receive incoming connections requires administrative privileges, although this all might change.[1]
* The Registered Ports are those in the range 1024–49151.
* The Dynamic and/or Private Ports are those in the range 49152–65535. These ports are not used by any defined application.
IANA does not enforce this; it is simply a set of recommended uses. Sometimes ports may be used for different applications or protocols than their official IANA designation. This misuse may, for example, be by a Trojan horse, or alternatively be by a commonly used program that didn't get an IANA registered port or port range.
The tables below indicate a status with the following colors and tags:]Wikipedia.org[/url]
Think you really don't have much to worry about, if you do the propper thing which is running anti virus test and anti spyware test on a regular basis. If you are in doubt you always can run any of the below online tests
In normal mode, run an online antivirus check from at least two and preferably three of the following sites
BitDefender
Computer Associates Online Virus Scan
Panda's ActiveScan
Trend Micro Housecall
Windows Live Safety Center Free Online Scan
This scanner from Trend does not require an Active X to run.
1. Detects and removes malware ( viruses, worms, trojans, etc. )
2. Detects and removes grayware and spyware
3. Restores damage caused by malware to your system.
4. Notifies about vulnerabilities in installed programs and connected network services.
5. Multi-platform support for: Windows, Linux, Solaris.
6. Easy-to-use with the Microsoft Internet Explorer and Mozilla Firefox.
I would suggest nr 1 & 4 to be absolutely sure
This post has been edited by fozzie: 03 April 2007 - 02:13 AM
Free antivirus : AVG Free Free Anti-spyware AVG Anti Spyware
Free Firewall :Zone Alarm Ccleaner Ad aware & Manual
SpybotS&D&Manual Free Handy programs
#4
- New Member
-
- Group: Members
- Posts: 12
- Joined: 02-April 07
Posted 03 April 2007 - 02:12 AM
Walkman - Thanks for your answer.
It's 1 a.m. and I'm awfully tired so maybe I'm extra dumb right now, but I didn't find anything in the post you sent that struck me as providing an answer to my problem. Unless it was the statement about being able to secure your computer if you use the right protection and then giving a link that takes you to Sun.
I think I'll turn call it a day, but if you could clarify what I seem to be missing here I'd appreciate it.
Thanks,
Nikilet
It's 1 a.m. and I'm awfully tired so maybe I'm extra dumb right now, but I didn't find anything in the post you sent that struck me as providing an answer to my problem. Unless it was the statement about being able to secure your computer if you use the right protection and then giving a link that takes you to Sun.
I think I'll turn call it a day, but if you could clarify what I seem to be missing here I'd appreciate it.
Thanks,
Nikilet
#5
- New Member
-
- Group: Members
- Posts: 12
- Joined: 02-April 07
Posted 03 April 2007 - 07:38 PM
Thanks for your response. I was put onto Shields Up! through some forum or something, went there and thought it was pretty cool to be able to run those tests. I don't know why I never thought to Google "Internet security tests" and try testing somewhere else -- but I finally did that last night. I used a hacker scanner at Trend Micro and the results showed a big "Congratulations, Secure System! and then the following:
Open/Closed ports on your machine:
Open ports:
Closed ports:
Not responding ports: 500, 3128, 445, 443, 143, 5900-5910, 8080, 113, 54320, 12345, 8787, 139, 138, 53, 25, 23, 22, 79, 80, 137, 135, 119, 110, 21
Thanks again!
Nikilet
Open/Closed ports on your machine:
Open ports:
Closed ports:
Not responding ports: 500, 3128, 445, 443, 143, 5900-5910, 8080, 113, 54320, 12345, 8787, 139, 138, 53, 25, 23, 22, 79, 80, 137, 135, 119, 110, 21
Thanks again!
Nikilet
Share this topic:
Page 1 of 1