Need help with Tcp/udp ports in win2kpro
Results 1 to 10 of 10

Thread: Need help with Tcp/udp ports in win2kpro

  1. #1
    Junior Member
    Join Date
    Jun 2003
    Posts
    14

    Question Need help with Tcp/udp ports in win2kpro

    I wanna be able to close or open any ports in my win2kpro OS.

  2. #2
    Member
    Join Date
    Aug 2002
    Posts
    38
    Hiii,
    Im no expert but wouldnt that involve starting and stopping services on your system? And closing them would also involve getting a Firewall of some sort!!!

    For Instance if you want port 21 Run a FTP server on your machine. OPEN PORT 21
    or maybe Closing port 139 Disabling file and print sharing.

    You getting the idea? Or am i off on your question!

    Tasha

  3. #3
    Senior Member n01100110's Avatar
    Join Date
    Jan 2002
    Posts
    349
    Yea , Basically what Natasha said. But if you want a glimpse of what services are currently running on your box , go to dos and type 'netstat -a' without the quotes and it should list all open ports running. But definetely disable file and print sharing like Natasha said. Also run some firewall like zone alarm. Other than that you should be ok.
    www.zonelabs.com
    "Serenity is not the absence of conflict, but the ability to cope with it."

  4. #4
    Junior Member
    Join Date
    Jul 2003
    Posts
    6
    If you want a port open, as in being a server who is waiting for incoming connections, you must run some type of server service (referred to as a daemon on unix).

    Running IIS will automatically make your machine listen on port 21 for FTP and port 80 for HTTP.

    As for turning a port off, usually this is done on a firewall. The firewall can be on a router, a stand alone dvice on the network, or a personal firewall on your desktop. I have used F-Secure Personal Firewall before and you can tell it to deny connections on any given port. It will pop up a windows and tell you who is trying to enter and what port they are entering on, but to them they just never get to make the connection and don't know you're receiving this additional information. Not rocket science, but pretty slick and useful.

    Another cool tool that listens and notifies, but does not actually block, is Attacker from Foundstone. It's free. You tell it what pots to listen on and when it detects a portscan, it will alert you. Really nice!!

  5. #5
    Junior Member
    Join Date
    Jun 2003
    Posts
    14

    Smile Thanks...but..

    Thanks for trying to help me out!
    I tried to do that but it didnt seem to work??where did i go wrong??

  6. #6
    Member
    Join Date
    Jan 2002
    Posts
    82
    As for turning a port off, usually this is done on a firewall. The firewall can be on a router, a stand alone dvice on the network, or a personal firewall on your desktop. I have used F-Secure Personal Firewall before and you can tell it to deny connections on any given port. It will pop up a windows and tell you who is trying to enter and what port they are entering on, but to them they just never get to make the connection and don't know you're receiving this additional information. Not rocket science, but pretty slick and useful.
    Just wanted to to add that a firewall does not close a port, it blocks any requests on that port. If you want to turn off the port, you have to close the daemon (service) running on that port.

    Download Antiyports.exe this will map your open ports with the .exe opening them.

    Hope this helps!

  7. #7
    Senior Member
    Join Date
    Mar 2002
    Posts
    442
    Another possibility is to get a router that has a built in NAT firewall. These are becoming very common and popular these days, and a 4-port ethernet router can be purchased for under 50$. Hardware firewalls are much more superior to software files in many ways, they don't 'freeze up', the firm ware is usually more secure, it doesn't require system cpu cycles or system memory, and it is usually faster as well. A NAT firewall will deny any incoming requests that were not preceded by an outgoing request. What this basically means is, if your computer did not ask for the information in the first place, NAT will deny it, and your computer will never even be bothered by the packet. NAT will block port scans, attempts to connect to 'most' torjans, any services that may be running on your box from being accessed by people not on your LAN (which would include NetBIOS), and other things like that.
    Originally posted by me, http://www.antionline.com/showthread...525#post640525

  8. #8
    Junior Member
    Join Date
    Jul 2003
    Posts
    19
    'Netstat -a' will show what ports are opened on the box. A 3rd party tool is needed to see what app is using the ports. I use the fport.exe tool from foundstone, you can get this tool from their webpage www.foundstone.com .

    In W2K and Windows XP it is possible to enable TCP/IP filtering in the kernel. You can find this option in the advanced TCP/IP settings. A second way is to use IPSEC policies that can filter the ports on the IP stack, this option can also be found in the advanced settings. (I believe both options are only possible in the professional versions, I'm not very known with the Home editions)

    When the box is behind a router/Firewall it is also possible to put an Access List in place to control the IP traffic from and to the box.

  9. #9
    Junior Member
    Join Date
    Dec 2001
    Posts
    23
    Geppy informed you correctly. In Win2k and XP professional this setting is found in

    network connectons-->Lan or high speed Intenet-->properties-->Intenet Protocals(tcp/ip)

    -->Properties-->Advanced




    Hope this is of some help.

    Neosamurai
    \"Cant sleep..... clown\'ll eat me..... cant sleep...... clown\'ll eat me.\"

  10. #10
    Junior Member
    Join Date
    Jun 2003
    Posts
    14
    Back in business!!!

    Thanks a lot for helping me out...bless for all!!!!!!

    Roger Wilco
    [glowpurple]NO PAIN NO GAIN[/glowpurple]

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides