Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Listening Ports


  • Please log in to reply
8 replies to this topic

#1 digicrow

digicrow

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:11:26 AM

Posted 07 December 2006 - 03:48 PM

I very recently had a Trend pop up window come up that said there was suspicion with a listening port, unidentified by the software. I have never seen this before so am wondering what this is about. I know that there are hackers that use a computers ports and can gain access that way to a computer. That is all I know.

The reason I didn't pay a lot of attention at the time is because I was re setting my wireless (Belkin Pre N) router and Comcast Modem at the same time. However, I also realized after a time that I should at least ask some experts if I should pay attention and what should I do to confirm that I may or may not have a problem.
It's been about 4 days since the warning. I know little about this particular problem.

I am running Windows MCE on Sony Vaio w/ Intel dual core processor and 1 GB ram. the wireless is a Belkin Pre N with a comcast cable Modem. Any help would be appreciated. I will gladly answer any other questions that need to be for further diagnosis as I am sure that I haven't provided all the info necessary.

BC AdBot (Login to Remove)

 


#2 fozzie

fozzie

    aut viam inveniam aut faciam


  • Members
  • 3,516 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ossendrecht/The Netherlands
  • Local time:05:26 PM

Posted 08 December 2006 - 04:10 AM

Did it see which port? You might be vulnarable to attacks when one of your ports is open and certainly unwantingly. Check here to find out which port is opened. At the same time go thru these steps depending on the outcome of your tests

#3 digicrow

digicrow
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:11:26 AM

Posted 09 December 2006 - 05:56 PM

First, I ran the port test as you suggested. Second, I have no idea how to interpret the results. Not at all familiar with the jargon. Of the three tests run the bottom one said something about a problem. I can't be any more specific than that. Perhaps you can fill me in on what I am looking at? Something about stealth, I am fire walled (Trend and Microsoft) and a group of all green cubes in a large block. If you want help with photography I have 40 years experience. I have no experience with ports; could use a bit more clarification. Thanks.

If you want an HJT log I can provide. Would rather see what this test was about first. Thanks.

#4 fozzie

fozzie

    aut viam inveniam aut faciam


  • Members
  • 3,516 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ossendrecht/The Netherlands
  • Local time:05:26 PM

Posted 09 December 2006 - 09:11 PM

Go back to shields up and klick on common ports and all service ports please let me know whether you passed the test. If not let us know

#5 digicrow

digicrow
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:11:26 AM

Posted 09 December 2006 - 10:16 PM

Service ports :GRC Port Authority Report created on UTC: 2006-12-10 at 03:10:44

Results from scan of ports: 0-1055

0 Ports Open
0 Ports Closed
1056 Ports Stealth
---------------------
1056 Ports Tested

ALL PORTS tested were found to be: STEALTH.

TruStealth: FAILED - ALL tested ports were STEALTH,
- NO unsolicited packets were received,
- A PING REPLY (ICMP Echo) WAS RECEIVED.

Common Ports :GRC Port Authority Report created on UTC: 2006-12-10 at 03:12:19

Results from scan of ports: 0, 21-23, 25, 79, 80, 110, 113,
119, 135, 139, 143, 389, 443, 445,
1002, 1024-1030, 1720, 5000

0 Ports Open
0 Ports Closed
26 Ports Stealth
---------------------
26 Ports Tested

ALL PORTS tested were found to be: STEALTH.

TruStealth: FAILED - ALL tested ports were STEALTH,
- NO unsolicited packets were received,
- A PING REPLY (ICMP Echo) WAS RECEIVED.
These are the test summaries. Is this what you needed?

#6 digicrow

digicrow
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:11:26 AM

Posted 10 December 2006 - 02:08 PM

I caught the connection to my computer today. It is called "Majestic". Does this ring any bells?

MAC Address: 00:0d:88:89:fd:38

I entered this in the address bar and it came up as: "00.com".

Edited by digicrow, 10 December 2006 - 02:33 PM.


#7 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 35,329 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:09:26 AM

Posted 10 December 2006 - 02:52 PM

By any chance do you have a copy of the Electronic Arts ARG game Titled "Majestic" installed or was it ever installed on this machine?

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)


Follow BleepingComputer on: Facebook | Twitter | Google+

#8 fozzie

fozzie

    aut viam inveniam aut faciam


  • Members
  • 3,516 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ossendrecht/The Netherlands
  • Local time:05:26 PM

Posted 10 December 2006 - 03:10 PM

Are you behind a router? In that case you have to configure the firewall which is i the router. Have you made a advanced rule to allow a incoming ICMP type 8 and a outgoing ICMP type 0?

#9 digicrow

digicrow
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:11:26 AM

Posted 10 December 2006 - 09:37 PM

No, to the game.
Yes, I am behind a router. Belkin Pre N wireless. No, I do not know how to configure the 8's and 0's. Any help would be appreciated. I am blocking this spy with Trend. But, that's a stop gap until I figure out what to do with your help. Thanks.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users