Page 2 of 2 FirstFirst 12
Results 11 to 16 of 16

Thread: How do i block these ports?

  1. #11
    Senior Member
    Join Date
    Jan 2002
    Posts
    458
    Originally posted here by Elliente
    I just recently ran netstat, and here it is:

    TCP 24.156.105.52:139 0.0.0.0:0 LISTENING
    TCP 24.156.105.52:1185 63.108.181.201:80 TIME_WAIT
    TCP 24.156.105.52:1186 168.143.179.189:80 ESTABLISHED
    TCP 24.156.105.52:1187 63.108.181.201:80 TIME_WAIT
    TCP 24.156.105.52:1195 63.108.181.204:80 CLOSE_WAIT
    TCP 24.156.105.52:1196 63.108.181.204:80 CLOSE_WAIT
    TCP 24.156.105.52:9533 0.0.0.0:0 LISTENING

    here is what i got when I scanned remotely:


    TCP: 24.156.105.52 [135-epmap]
    TCP: 24.156.105.52 [139-netbios-ssn]
    TCP: 24.156.105.52 [1025-blackjack]
    TCP: 24.156.105.52 [5000-commplex-main]
    TCP: 24.156.105.52 [9533]

    9533 appears to be open in both cases, along with 139
    port 139 is a NETBIOS session service, couldn't find what 9533 is used for.

    before this i re-installed zone alarm and disabled the Win XP (non)-firewall.

    Thanks for giving us your IP

  2. #12
    seriously...

    shouldnt give out ips and (especially what ports are open). The kiddiots will have a field day with this...

    9533 is prolly some trojan.
    freedom is a road seldom traveled by the multitude

    freedom aint free

  3. #13
    On your ZA try going to the firewall section and go to advanced, try checking enable ARP protection, Allow uncommon protocols at High Security, and the one on top of the second one. If your on a network, check the enable gateway protection.
    The least security someone could have is an anti-virus because thats where some hacks first occur, with the victims computer infected. Id get your computer scanned at Trend Micro and get an Anti Virus. I barely noticed the fact of the netstat results you put. Id get a DNS form of IP if you have broadband. Be careful when you post next time.

  4. #14
    Junior Member
    Join Date
    Jun 2002
    Posts
    24
    Wow, I guess that wasn't a very smart thing to do eh? Giving my IP address out I mean...LOL
    Oh well, What I have running now is working great; McAfee and Sygate personal firewall; I recently ran some netstats and port scans, and everything is fine now! Come to think of it, Before my IP address changed a few days ago, I did notice a few more scans than normal!
    Anyway, there are currently no open ports on my system! thanks for the input!

    I guess I shouldn't give out my new IP eh!
    ----------------------------------------------------------------
    \"First you get the sugar, then you get the power, then you get the women\"
    ----------------------------------------------------------------

  5. #15
    Senior Member
    Join Date
    Apr 2002
    Posts
    1,050
    if u r looking for a good firewall i would personally recommend agnitum outpost
    heres the url if u r interested in it i find that it is better than zonealrm and sygatet
    http://www.agnitum.com
    By the sacred **** of the sacred psychedelic tibetan yeti ....We\'ll smoke the chinese out
    The 20th century pharoes have the slaves demanding work
    http://muaythaiscotland.com/

  6. #16

    Unhappy

    I agree wholeheartedly with iNViCTuS and bombayofpigs. You really shouldn't post IP info with open ports while admitting you can't find the log files for your IDS. Next time you should x out the address like this.

    TCP xx.xxx.xxx.xx:1185 xx.xxx.xxx.xxx:80 TIME_WAIT

    You should leave the port numbers so we can have some idea about what is running, misconfigured, etc.

    I know it's a pain in the ass, but there are somethings you shouldn't post in a public forum.
    A great oak is the end result of a nut who stood his ground.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •