Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Port Scan


  • Please log in to reply
9 replies to this topic

#1 DogSoldier

DogSoldier

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:20 PM

Posted 30 January 2006 - 12:17 PM

so shields up says my pc is completely stealth.


ran the stealth scan at http://scan.sygatetech.com/ it says port 22,23 and 80 are "open"

A friend who does IT for a local community college ran 3 scans and found nothing.

Thoughts?

BC AdBot (Login to Remove)

 


m

#2 jgweed

jgweed

  • Staff Emeritus
  • 28,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago, Il.
  • Local time:01:20 PM

Posted 30 January 2006 - 08:21 PM

I use Sygate Personal Firewall and here are my results as of this post:

Sygate Stealth Scan: 22,23, 80 are "blocked."
ShieldsUp! common ports probe: 22,23,80 are in "stealth" mode.

What firewall are you using?
Theoretically, there should be no discrepancy between the two scans.

Regards,
John

Edited by jgweed, 30 January 2006 - 08:22 PM.

Whereof one cannot speak, thereof one should be silent.

#3 DogSoldier

DogSoldier
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:20 PM

Posted 30 January 2006 - 08:55 PM

pc cillin 2005 is the firewall, i am also using spybot, webroot spysweeper, ms antispyware, avg, avast, and ad-aware and spycop for keyloggers.

#4 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:07:20 PM

Posted 31 January 2006 - 04:40 AM

Hi DogSoldier

Are you using the Trend Micro Pc-cillin 2005 internet security suite? Or just the firewall? If you are using the suite then it will install an anti-virus for you. I see that you also have AVG running and Avast; having two or three AV's running at the same time is a bad idea . I could be wrong and you are using just 1 firewall (pc-cillin) but you have both AVG and avast installed; i'd check it out if i were you as if you do have two or three AV's running then it will slow your computer down to a standstill!

That probably sounds a bit confusing, but let me know the status of your AV's. I'll see what jgweed says as his opinion may differ, but i thought i would throw in my 2cents.

David

Edited by D-Trojanator, 31 January 2006 - 04:45 AM.


#5 DogSoldier

DogSoldier
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:20 PM

Posted 31 January 2006 - 06:04 AM

i am using the pc-cillin 2006 security suite. I have removed AVG and Avast. They were installed AFTER I got the open port reading from sygate. I ran Port Checker last night and the three ports in question were blocked.

this is very confusing but thanks so much for your help

#6 raw

raw

    Bleeping Hacker


  • Members
  • 2,577 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:01:20 PM

Posted 31 January 2006 - 09:35 AM

Does your computer connect straight to the internet or through
a router?

rawsig.png

 rawcreations.net          @raw_creations


Current systems: WHAT OS, BackTrack-raw, PCLinuxOS, Peppermint OS 6, Kali Linux

and a custom Linux From Scratch server hosting a bunch of top secret stuff.


#7 DogSoldier

DogSoldier
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:20 PM

Posted 31 January 2006 - 09:53 AM

Netgear WGU 624 is the router.

#8 raw

raw

    Bleeping Hacker


  • Members
  • 2,577 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:01:20 PM

Posted 31 January 2006 - 08:35 PM

Then you are actually port scanning the router.
Most all routers use SPI (stateful packet inspection) as a
firewall.
Check the router config and make sure these ports are not being forwarded.
Even if they are being forwarded to a non-existent IP on the network
they will still show open.

A friend who does IT for a local community college ran 3 scans and found nothing.

If your friend used 'nmap' to scan your IP and it came up clean then you're good.

rawsig.png

 rawcreations.net          @raw_creations


Current systems: WHAT OS, BackTrack-raw, PCLinuxOS, Peppermint OS 6, Kali Linux

and a custom Linux From Scratch server hosting a bunch of top secret stuff.


#9 DogSoldier

DogSoldier
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:20 PM

Posted 01 February 2006 - 04:59 AM

he didnt use namp.

he used:

http://www.gfi.com/pricing/pricelist.aspx?product=LANSS

#10 raw

raw

    Bleeping Hacker


  • Members
  • 2,577 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:01:20 PM

Posted 02 February 2006 - 09:25 AM

LanGuard is a very excellent scanner

rawsig.png

 rawcreations.net          @raw_creations


Current systems: WHAT OS, BackTrack-raw, PCLinuxOS, Peppermint OS 6, Kali Linux

and a custom Linux From Scratch server hosting a bunch of top secret stuff.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users