port vulnerability??
Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: port vulnerability??

  1. #1
    Junior Member
    Join Date
    Aug 2002
    Posts
    2

    Question port vulnerability??

    i was not able to telnet to my isp shell account so i decided to shutdown my ZA firewall; once onto the shell account i monitored my listening ports and my netstat -an showed foreign IP port 80 was 'ESTABLISHED'; do i need to be concerned about this port vulnerability???

    (ps: when i went back into windows IE i re-opened the firewall ; after half an hour i was surprised to see another established IP connection port 80; so i am wondering why the firewall would not have caught this)

  2. #2

    dont trip...

    I dont think you have anything to worry about.. The connection was on port 80 (www) so most likely it was a webserver making a connection. Were you on the web during this "attack"? If so, you should have nothing to worry about. any other info on this would be appreciated.
    .::nataS is WaTchiNg::.

  3. #3
    Senior Member
    Join Date
    Jul 2002
    Posts
    744
    Um, I'm confused. . .telnet to your shell shouldn't be messed up by ZA, it should just ask if you want to allow it. . .port 80 is what IE is using so if you've got your browser open it is going to show a connection. . .the firewall wouldn't stop port80 connections if you have it set up to allow IE through. . .dunno if that answered anything but. . .
    Every now and then, one of you won't annoy me.

  4. #4
    Junior Member
    Join Date
    Aug 2002
    Posts
    2
    thanks bludgeon; i have added Telnet to program list in ZA

    var_x; if i see a telent (port 23) established connection should i disconnect modem immediately (thats what i did); i got worried,,,,,; also can i allow the netbios ports (137-139) to remain active LISTENING or would it be better to close them; thanks

  5. #5
    Senior Member
    Join Date
    Jan 2002
    Posts
    371
    Personally, I only allow traffic through my Firewall that I require, and limit it to source, destination and port number to the best of my ability (there are some instances where you cannot get this granular).

    I also think that it is a good idea to block all netBIOS traffic at your firewall, for you can pick up information about users if these ports are open, and if your machine is misconfigured, someone could even break you machine relatively easily.
    SoggyBottom.

    [glowpurple]There were so many fewer questions when the stars where still just the holes to heaven - JJ[/glowpurple] [gloworange]I sure could use a vacation from this bull$hit, three ringed circus side show of freaks. - Tool. [/gloworange]

  6. #6
    Banned
    Join Date
    Nov 2001
    Posts
    43
    Port 80 is used for http, so firewalls dont block it. It could be an attack but probably isnt. I wouldnt worry about it if I were you.

  7. #7
    Member
    Join Date
    Apr 2002
    Posts
    97
    They are definitely right about port 80. It is your http port and it's the main port used to connect to the internet. I'm guessing the reason it was established during your telnet to your ISP is because you probably had to telnet through port 80 to connect to your ISP instead of the usual port 21. Port 80 security issues aren't very common against computers not hosting a webserver. I hope this helps you out.
    The radiance of ignorace in a world of nothingness and all of this time your pestilence has created nothing but uselessness

  8. #8
    walter99 -- I hope you see this or something. You would most likely want to close netbios ports. ( unless you need file and print sharing ) if someone connects through telnet port 23, get their ip, check logs, etc... and notify authorities or something. Check the net for security updates on your OS and firewall as well as checking for exploits/vulns available for hackers to use with your $hit . Oh yea... change your password as well. just to be sure ( never know what "friends" are using your box when you're not looking ).
    .::nataS is WaTchiNg::.

  9. #9
    Junior Member
    Join Date
    Jul 2002
    Posts
    9

    Question Commonly open port list?

    Where could I find a list of the most commonly used ports? I'm mainly curious about stuff like http, https, smtp, tcp/ip, and udp. Thanks in advance!

    v_squared_over_r

  10. #10
    Banned
    Join Date
    Oct 2001
    Posts
    1,463
    Its probably a web spider, or just some person scanning for web servers =)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •