Is this safe or not ?
Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: Is this safe or not ?

  1. #1
    Junior Member
    Join Date
    May 2005
    Posts
    12

    Is this safe or not ?

    hello i have a question about my box(computer) ports i have widnows 2000 sever and i scaned my ports useing NmapWin v1.3.1 and i have me this.

    Starting nmap V. 3.00 ( www.insecure.org/nmap )
    Insufficient responses for TCP sequencing (2), OS detection may be less accurate
    Interesting ports on ??? (???.???.?.???):
    (The 1578 ports scanned but not shown below are in state: closed)
    Port State Service
    7/tcp open echo
    9/tcp open discard
    13/tcp open daytime
    17/tcp open qotd
    19/tcp open chargen
    21/tcp open ftp
    25/tcp open smtp
    42/tcp open nameserver
    53/tcp open domain
    80/tcp open http
    135/tcp open loc-srv
    139/tcp open netbios-ssn
    443/tcp open https
    515/tcp open printer
    548/tcp open afpovertcp
    1025/tcp open NFS-or-IIS
    1029/tcp open
    ms-lsa
    1030/tcp open iad1
    1033/tcp open netinfo
    3372/tcp open msdtc
    3389/tcp open ms-term-serv
    6666/tcp open irc-serv
    7007/tcp open afs3-bos
    Remote OS guesses: Windows NT 5 Beta2 or Beta3, Windows Millennium Edition (Me), Win 2000, or WinXP, MS Windows2000 Professional RC1/W2K Advance Server Beta3
    Nmap run completed -- 1 IP address (1 host up) scanned in 20 seconds

    is my ports on this box safe or not what should i do to keep them close ?

  2. #2
    Senior Member kr5kernel's Avatar
    Join Date
    Mar 2004
    Posts
    347
    is all that stuff neccesary? Are you using each of those services? Have you run windows updates? Are you using any kind of firewall?
    kr5kernel
    (kr5kernel at hotmail dot com)
    Linux: Making Penguins Cool Since 1994.

  3. #3
    Senior Member
    Join Date
    May 2003
    Posts
    1,199
    if by safe you mean having multiple (possibly un-needed) ports open, then sure.


    just messing with you. look at what each thing does. do you use things like term serv? if not, close the port. Id get a firewall though.
    Everyone is going to die, I am just as good of a reason as any.

    http://think-smarter.blogspot.com

  4. #4
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Was that scan from within a perimeter firewall or outside it.... More to the point, does a perimeter firewall exist?

    'Cos if that box isn't firewalled it's probably already owned.....
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  5. #5
    Junior Member
    Join Date
    May 2005
    Posts
    12
    Yes my windows is up to date, most of those services oh there i not use but the FTP port i'm useing.and i scaned it in side the box i dont have a firewall i dont know to get for the window sever 2000 i had norton but i didnt want to install on this OS.

  6. #6
    Is it being used as a server? If so, forget the firewall and just kill any uneeded services, and lock down the ones you need. Of course make sure all patches are up to date.

    If you go the firewall route, Kerio has some nice firewalls, both enterprise level, and home level that are worth checking out. The nice thing about Kerio is that their firewalls combine IDS for bidirectional protection.

  7. #7
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401

    Re: Is this safe or not ?

    Originally posted here by Logicalsifter
    Starting nmap V. 3.00 ( www.insecure.org/nmap )
    Kind of old...

    7/tcp open echo
    9/tcp open discard
    13/tcp open daytime
    17/tcp open qotd
    19/tcp open chargen
    These are part of the "Simple TCP/IP services". You don't need them. Remove it.

    21/tcp open ftp
    25/tcp open smtp
    80/tcp open http
    443/tcp open https
    These are part of IIS. If you don't need the smtp and http services, stop them using the IIS management console.

    42/tcp open nameserver
    53/tcp open domain
    DNS Server. Not sure. You may need it if you're running AD.

    515/tcp open printer
    Unix printing services. Probably don't need it. Remove it.

    548/tcp open afpovertcp
    AppleTalk. If you don't have any Apple computers on your network remove it.

    6666/tcp open irc-serv
    Not sure about these. Could be some kind of IRC backdoor.

    7007/tcp open afs3-bos
    Microsoft Streaming Media Services. If you don't need it, remove it.

    is my ports on this box safe or not what should i do to keep them close ?
    No, your box is not safe. It looks like you enabled every single service possible on a W2K.
    How to keep them closed? Only enable services you actually need/use.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  8. #8
    Junior Member
    Join Date
    May 2005
    Posts
    12
    ok how can i close then what setps to do i need to take to that them close ?i dont know to much about closeing my ports on my box.

  9. #9
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    If you stop or remove the service the ports will automaticly be closed.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  10. #10
    Junior Member
    Join Date
    May 2005
    Posts
    12
    hmm i think i might of fond out how to stop those ports i looking at my box management thing and i when to Services and is showing me all those ports things that are running and not running

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •