January 11th, 2002, 01:22 AM
Ports & Windows
Within a Windows environment (98/Me/2000/XP), is there a command that can be run in the consol that can close open ports on my machine?
i.e. if I run netstat -a and see 4380 open and I'm not certain if it's legit - can I manually close that port from a command line?
January 11th, 2002, 01:44 AM
I'm not sure if there is or not but if you have a firewall it will tell you what ports and services are runing on your box.
January 11th, 2002, 03:00 AM
That's a very good question. I've never even thought about how to close ports manually. I've always used a handy little program called proport that monitors my ports and gives an option of closing them manually. If you're interested you can download it here...
I'd be very interested to see if you can close ports from a command prompt...
January 11th, 2002, 04:07 AM
I don't know of any way to accomplish what you are talking about - but if your not already, you should be running some sort of Firewall (either hardware or software). Something like Zone Alarm would do fine - that way, the firewall will bring to your attention any programs that are trying to access remote sites or gain access to your machine. Then you'll have the option of blocking that program. But like I said, I don't know of any way to 'manually' close those ports.
January 11th, 2002, 06:04 AM
AFAIK, no, there is not built-in commands or anything you can do, you have to write/get a program to do it for you, there aren't any Dos commands for it.
What you CAN do is shut down the running program that controls the port, then the port will close. But, if the program won't show up in the control-alt-delete list, then, again, you need a program to intercede for you.
[HvC]Terr: L33T Technical Proficiency
January 11th, 2002, 07:01 AM
In NT and 2000 there is a function called "IP security" settings (under TCP/IP settings) were you can allow or disallow ports..
This is a real basic packet filter, I have used it to lock down computers but always as a first defence and even if using this port blocking feature I would recomend a firewall.
XP has a simple firewall function aswell, still I would recomend to use better thirdparty softwares as ZA or other personal firewalls.
About to lock down ports manually from the command line!? Nope I have never heard or used such a command.. And it would maybe be a nice feature but I would still recomend a firewall and a good security policy to achive protection.
January 12th, 2002, 02:33 PM
In Win you cannot close the ports manually yiu have to use some program to close it like a firewall. You can use for example ZoneAlarm but i didnīt like it. If you want to prevent a enter in your computer yu can install BlackIce that show possible intrusion on your computer. To see what kind of ports you can put netstat -an to see what ports have you open. You can search in a seracher port-blocker for close your open ports. Bye
Hide your face forever
dream and search forever
night and night you feel nothing
there\'s no way outside of my land
Open your eyes, open your mind ...
January 14th, 2002, 08:56 PM
The key here is shutting down things you do not need. Just pressing ctrl+alt+delete will not do the trick, because services do not show up there. What you have to do is go to serices under the Administration tools menu or control panel (depending on the windows version) and stop any unnecessary services. If there is a service you need, like NetBIOS if you are doing file sharing on your LAN, then you must look at getting some kind of firewall.
January 18th, 2002, 06:20 AM
Another suggestion (assuming you have a multiple PC LAN setup) is to install a second NIC. That way you have one ethernet interface with your internal network for file/print sharing and the other one for the internet at large. Unbind everything from the NIC directly connected to your internet connection (ie, cable, dsl, etc...) except for TCP/IP. Of course, if you don't have multiple PCs using a single internet connection, nevermind....
...And naturally, always use a firewall.
\"Only two things are infinite, the universe and human stupidity, and I\'m not sure about the former.\" -- Albert Einstein
January 21st, 2002, 05:30 AM
HI. I am running win2k PRO, with Blackice server as my firewall, i have tryed a few ideas to try to close some of my open PORTS..... First i set the blackice firewall to "paranoid" to block all incomming connections, but when i run (cmd) "netstat -an" i keep getting ports "listening" and when i am using MORPHEUS people can still connect to download, (i know i can disable file sharing but im just testing the results) Second i tryed to use the IPFiltering feature in "PRO" and filtered all ports but "80" but then again i was still able to use 25 for my mail and 1214 for morpheus and ICQ port. Can anyone clear this issue for me