November 24th, 2004, 02:31 PM
dangerous ports on win xp
i'm waiting for my new internet connection with public ip address (not behind the firewall) and i'm wondering what ports i should close, not to get cracked by script kiddies?
i have read about netbios vulnerability, but is it vulnerable now? didn't MS patch it?
what other ports can be attacked? what type of attack can be made through these ports?
for som\' **** from lithuania
November 24th, 2004, 02:37 PM
If your PC is already patched to XP service pack 2 go into the security center and make sure the firewall is on. Otherwise download a firewall such as ZoneAlarm, (www.zonelabs.com), as soon as you can.
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
November 24th, 2004, 02:58 PM
Just out of curiousity, what is the logic for exposing a WinXP desktop directly to the internet? You do understand that this is a very baaad idea right?
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
November 24th, 2004, 03:18 PM
close port 5000 this port is used by script kiddies to identify ur OS as XP.by default this port is open on windows xp. ( search google for what service is running on that port i don't have XP on my pc )
about ur question here is ur patch link http://www.microsoft.com/downloads/d...displaylang=en
but it is mostly a question of administrator's mistake script kiddies start there work by port scanning ur pc or web site then examining ur open ports!!! what services do they offer? what server running if any?is there any vulnerability on that perticular service ?if yes is that system effected by that vulnerability or not?if yes hack it else repeat the procedure for next open ports
it is not important whether a patch is available or not it is basically a question of whether administrator has applied that patch or not!!!
i was chatting with a so called web defacer the on yahoo the other day and i came to know that many sites are still hacked(defaced) by front page extension vulnerability(huh wat a mess)
webdav is still around yeah yeah it is true and that IIS WebDAV vulnerability i read a report a while back stating that it is still around a militry web site of a country running APACHE has directory traversal and file download vulnerability(i am not gonna give u URL don't PM me)
a shopping site from india allows java class file (used for authentication)to be download pretty easily and u can simply regerse engineering on then.
at the end have a look at this exploit pay attention to date of publication?
do u expect any web server in the world to be effected by this?
by the way what u think how many systems are there in the world running xp as OS (legal+illegal)probably we can't imagine out of them how many are on a lan or are connected to internet?
out of those ocnnected to internet or LAN how many u think have SP1?
u will say 50%?
it would be shocking to u guys but in my school they are running windows xp on more then 150 pc's with out SP2.
30 of them are connected to internet.
forget that none of my school mates(i know and running xp)have installed sp2.
forget that too.
there are atleast 10 cyber cafes that i used to visit when i didn't have a internet connection most of them running windows XP or 98 as OS none had sp2 installed.more i think more numbers i have i don't think i ever heard someone in my city saying that they have sp2( by the way they are all pirated softwares) even the school and cyber cafe and goverment agencies use pirated softwares.shocked?
there is a lot more to say trust me!!!!!!!!!!
November 24th, 2004, 03:22 PM
Don't take any chances and close ALL of them. The easiest to do this is by using a firewall.
i'm wondering what ports i should close, not to get cracked by script kiddies
Experience is something you don't get until just after you need it.