Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hacking The Hackers !


  • Please log in to reply
8 replies to this topic

#1 newdadolddad

newdadolddad

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:15 AM

Posted 15 October 2005 - 08:53 PM

Hello everybody,



I'm pretty new to computers. I mean there is a lot to know. I bought an
emachine last year and did not spend a lot because I knew that I would mess
it up some how. Thank goodness it came with a backup restore disk! I have
used this disk over fifteen times in a year. Why? well let's say that I don't like
bundled spyware, from anyone. even if it is from Microsoft. It all started with
me un-installing messenger, ICQ, AOL, Norton Anti-virus ect.... all of these services
(in my opinion,) spy on you, or me as it were.

Key-loggers, cookies, and third parties oh my!! I just want to use the
internet and be anonymous. I use Zone Alarm and it works well. I am having
trouble turning off the ping feature. In ZA you can disable being pinged.
More to the point you can block incoming ping. I have done this and then
went to a website called Shields up (www.grc.com) to check my firewall and
overall internet signature, and I am still answering this ping?

So, now I am trying to learn how to close my open ports. I downloaded
a nice little utility called x-Netstat that adds a GUI to the netstat feature that
you can use in DOS. Does anyone have any advice about open Ports or
at least identifying high risk ports? thanks for the time !!

BC AdBot (Login to Remove)

 


#2 Leurgy

Leurgy

    Voted most likely


  • Members
  • 3,831 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Collingwood, Ontario, Canada
  • Local time:08:15 AM

Posted 17 October 2005 - 08:39 AM

A comprehensive list of port-numbers can be found here.

Thanks go out to Animal for that link.

When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo

**** We use our powers for good, not evil ****

 Trying to remove your data from the web is like trying to remove pee from a swimming pool


#3 newdadolddad

newdadolddad
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:15 AM

Posted 17 October 2005 - 05:07 PM

Awesome site much thanks to "Animal."

Does anyone know how to block a port or kill an open one?

#4 Leurgy

Leurgy

    Voted most likely


  • Members
  • 3,831 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Collingwood, Ontario, Canada
  • Local time:08:15 AM

Posted 17 October 2005 - 05:50 PM

I use a router with an NAT firewall, or a hardware firewall. But the free firewall apps like Kerio, ZoneAlarm or Sygate all block your ports, except for those you allow to be open.

When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo

**** We use our powers for good, not evil ****

 Trying to remove your data from the web is like trying to remove pee from a swimming pool


#5 newdadolddad

newdadolddad
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:15 AM

Posted 21 October 2005 - 11:21 PM

I use a router with an NAT firewall, or a hardware firewall. But the free firewall apps like Kerio, ZoneAlarm or Sygate all block your ports, except for those you allow to be open.




Leurgy,

I bought Zone Alarm Pro and chose to disable the ability of my computer
to answer a Ping. Does not work. I went to GRC.com which is a website called " Shields up."
They test your firewall protection. It says that my Computer is returning an answer to
being pinged. I don't know what I am doing wrong?

#6 Leurgy

Leurgy

    Voted most likely


  • Members
  • 3,831 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Collingwood, Ontario, Canada
  • Local time:08:15 AM

Posted 22 October 2005 - 04:54 AM

Quite frankly neither do I. Those packets should be dropped.

If you have a paid subscription perhaps check with their support people.

When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo

**** We use our powers for good, not evil ****

 Trying to remove your data from the web is like trying to remove pee from a swimming pool


#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:15 AM

Posted 03 December 2005 - 12:18 AM

I'm not sure if this is the same product you've tried, so here it is.

Fport: Foundstone's enhanced netstat
fport reports all open TCP/IP and UDP ports on the machine you run it on and shows what application opened each port. So it can be used to quickly identify unknown open ports and their associated applications. It only runs on Windows, but many UNIX systems now provided this information via netstat (try 'netstat -pan' on Linux). Here is a PDF-Format SANS article on using Fport and analyzing the results.

Fport

http://www.foundstone.com/index.htm?subnav...ddesc/fport.htm


the SANS article

http://www.giac.org/practical/gsec/Teena_Henson_GSEC.pdf
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 Mr Alpha

Mr Alpha

  • Members
  • 1,875 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:04:15 PM

Posted 03 December 2005 - 07:17 AM

Yuor router or modem could be answering the ping, some do.
"Anyone who cannot form a community with others, or who does not need to because he is self-sufficient [...] is either a beast or a god." Aristotle
Intel Core 2 Quad | XFX 780i SLI | 8GB Corsair | Gigabyte GeForce 8800GTX | Auzentech X-Fi Prelude| Logitech G15 | Logitech MX Revolution | LG Flatron L2000C | Logitech Z-5500 Digital

#9 groovicus

groovicus

  • Security Colleague
  • 9,963 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Centerville, SD
  • Local time:07:15 AM

Posted 03 December 2005 - 10:03 AM

netstat isn't really a "user friendly" application, so I wouldn't recommend using it. It's a good way to confuse yourself more.

It's been awhile since I have used Zone Alarm, but when you first installed it, you should have gotten a series of pop-ups from time to time asking you if you wanted toallow certain rocesses to access the Internet. You should have denied everything, except your web browser. My guess is that it asked about an application that you didn't recognize, and since you didn't know what it was, you allowed it. That happens all of the time.. the companies don't provide a list of what is needed, so poeple allow everything, and thus defeats the purpose of te firewall.

Somewhere in the config, there should be a means of listing all of the applications that are allowed to access the Internet. Remove everything from that list, and start over. Allow only your browser through.. that will be easy enough to recognize. Block everything else. See if you can still access the Internet. You should be able to. Then you may have to decide what other applications need acess. If you have auto-updates on, you will have to allow that through. If you are unsure about an application, make note of the file name, block it, then google for the filename. There are a ton of databases that will tell you what a file is. If you still don't know, ask.

Some troubleshooting issues that may make your life easier (I apologize if they seem too elementary, some people overlook the obvious). If everything stops working, there is an option in zone alarm to disable it (or it may be called "allow all"). Disable it, and you should be able to get back on the net and seek help. If that doesn't work, then uninstall the firewall from the add/remove prgrams, and start all over. Firewalls are not really hard to set up once you have the proper information. :thumbsup:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users