how do you close ports?
Results 1 to 9 of 9

Thread: how do you close ports?

  1. #1
    Senior Member
    Join Date
    Apr 2002
    Posts
    161

    how do you close ports?

    Hi all,

    I have been running some tests on my home network:

    - Box 1: WinXP pro Kerio PF setup to block all in and out traffic on ports 445 and 5000
    - Box 2: Mac OS X running xnmap to scan the windows box, command nmap -sS -P0 -T3 -v 192.168.1.xxx

    I run the scan and Kerio PF alerts me everytime it drops packets on said ports. Scan result tells me that ports 445 and 5000 are open!

    Shouldn't the result mark the ports as closed?

    Any help or comments would be appreciated.


    Cheers,

    J

  2. #2
    AO's MMA Fanatic! Computernerd22's Avatar
    Join Date
    Mar 2003
    Location
    Miami, FL
    Posts
    779
    how do you close ports?
    To close ports you disable the service.


    Box 1: WinXP pro Kerio PF setup to block all in and out traffic on ports 445 and 5000
    Simply, disable port 5000 and port 445 no need to run unneccessary services on your system. To do this, start, run, type services.msc then go down to UPnP and set it to disable.

    To disable port 445

    You can easily disable port 445 on your computer. To do so follow these instructions:

    Start Registry Editor (Regedit.exe).

    Locate the following key in the registry:

    HKLM\System\CurrentControlSet\
    Services\NetBT\Parameters

    In the right-hand side of the window find an option called TransportBindName.

    Double click that value, and then delete the default value, thus giving it a blank value.

    Close the registry editor.

    Reboot your computer.


    Registry tweak credit go heres ----------> http://www.petri.co.il/what's_port_445_in_w2k_xp_2003.htm

  3. #3
    Banned
    Join Date
    Apr 2003
    Posts
    1,147
    If you have the WinXP built-in firewall active, you can add ports to the Exception list and uncheck them. This provides some basic blocking.

    Other, more capable firewalls can provide more granular control over ports and what can and cannot pass.

  4. #4
    Junior Member
    Join Date
    Oct 2005
    Posts
    14
    check this out, https://www.grc.com/x/ne.dll?bh0bkyd2 so u can confirm that those ports are actually open, and are you behind a router?

  5. #5
    AO's MMA Fanatic! Computernerd22's Avatar
    Join Date
    Mar 2003
    Location
    Miami, FL
    Posts
    779
    Make sure you disable SSDP this service runs on port 1900. Also,
    Enables discovery of UPnP devices on your home network.
    To see what other services you can disable for security purposes check out http://www.beemerworld.com/tips/servicesxp.htm

    If you want to check to see what ports are open on your system on command prompt issue netstat -ano once done press enter.
    Now type tasklist /svc at the prompt and hit enter. Now match the PID with the service. If you see some service you don't know then type it in to google.

  6. #6
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    most personal firewalls give you the option of setting a trusted network so computers on your network can communicate. looks like you have this option on
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  7. #7
    Senior Member
    Join Date
    Apr 2002
    Posts
    161
    Thanks everyone for your feedback.

    So, in order to close a port the service must be disabled, it is not enough to just block traffic to said port with a firewall?

    Cheers,

    __J__

  8. #8
    Senior Member
    Join Date
    Apr 2005
    Posts
    123
    it makes sense, if you don't have the service running he can't listen to anything

  9. #9
    Banned
    Join Date
    Nov 2003
    Posts
    1,161
    Here this is easier. The services you want to keep just go and change back to auto or manual if you need them. Or modify it from here. After that paste this into notepad and save it as a .reg

    *** Print spooler, Wireless, and Auto updates ( Never felt the need to update, hehe) are disabled in this one.

    Code:
    Windows Registry Editor Version 5.00
    
    [HKEY_CURRENT_USER\Control Panel\Sound]
    "Beep"="no"
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters]
    "TransportBindName"="" 
    
    [-HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\BagMRU]
    [-HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\Bags]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell]
    "BagMRU Size"=dword:00001f40
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam]
    "BagMRU Size"=dword:00001f40
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
    "NoSaveSettings"=dword:00000000
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters]
    "TransportBindName"="" 
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Ole]
    "EnableDCOM"="N"
    
    [-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs]
    
    [HKEY_CLASSES_ROOT\AllFilesystemObjects\shellex\ContextMenuHandlers]
    
    [HKEY_CLASSES_ROOT\AllFilesystemObjects\shellex\ContextMenuHandlers\Copy To]
    @="{C2FBB630-2971-11D1-A18C-00C04FD75D13}"
    
    [HKEY_CLASSES_ROOT\AllFilesystemObjects\shellex\ContextMenuHandlers\Move To]
    @="{C2FBB631-2971-11D1-A18C-00C04FD75D13}"
    
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RemoteComputer\NameSpace\{D6277990-4C6A-11CF-8D87-00AA0060F5BF}]
    
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RemoteComputer\NameSpace\{2227A280-3AEA-1069-A2DE-08002B30309D}]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion]
    "RegDone"="1"
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
    "DisableStatusMessages"=dword:00000001
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
    "SynchronousMachineGroupPolicy"=dword:00000000
    "SynchronousUserGroupPolicy"=dword:00000000
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
    "NoDriveTypeAutoRun"=dword:0x000000FF
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
    "MaxConnectionsPer1_0Server"=dword:00000032
    "MaxConnectionsPerServer"=dword:00000032
    
    [-HKEY_USERS\.Default\Software\Microsoft\MediaPlayer\Player\RecentFileList]
    [-HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Player\RecentFileList
    
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
    "MaxConnectionsPerServer"=dword:00000020
    "MaxConnectionsPer1_0Server"=dword:00000020
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
    "MaxConnectionsPerServer"=dword:00000020
    "MaxConnectionsPer1_0Server"=dword:00000020
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam]
    "BagMRU Size"=dword:00001388
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters]
    "NetFailureCacheTime"=dword:00000000
    "NegativeSOACacheTime"=dword:00000000
    "NegativeCacheTime"=dword:00000000
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache]
    "Persistent"=dword:00000000
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "nolmhash"="0x00000001 (1)" 
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "restrictanonymous"="0x00000002 (2)"
    
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters] 
    "EnableICMPRedirect"="0x00000000 (0)"
    
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters] 
    "DeadGwDetectDefault"="0x00000000 (0)"
    
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters] 
    "EnableSecurityFilters"="0x00000001 (1)"
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Alerter]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ALG]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AppMgmt]
    "Start"=dword:00000003
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AudioSrv]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Browser]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cisvc]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ClipSrv]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\COMSysApp]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CryptSvc]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dhcp]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dmadmin]
    "Start"=dword:00000003
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dmserver]
    "Start"=dword:00000003
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ERSvc]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventSystem]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FastUserSwitchingCompatibility]
    "Start"=dword:00000003
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Fax]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\helpsvc]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HidServ]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IISADMIN]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ImapiService]
    "Start"=dword:00000003
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Iprip]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanworkstation]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LmHosts]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LPDSVC]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Messenger]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mnmsrvc]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSDTC]
    "Start"=dword:00000003
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSFtpsvc]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSIServer]
    "Start"=dword:00000003
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSMQ]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSMQTriggers]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetDDE]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetDDEdsdm]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netman]
    "Start"=dword:00000003
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Nla]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtLmSsp]
    "Start"=dword:00000003
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtmsSvc]
    "Start"=dword:00000003
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PlugPlay]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ProtectedStorage]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasAuto]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RDSessMgr]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RpcLocator]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RpcSs]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RSVP]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SamSs]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SCardDrv]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SCardSvr]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\seclogon]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SENS]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ShellHWDetection]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SimpTcp]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SMTPSVC]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SNMP]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SNMPTRAP]
    "Start"=dword:00000003
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Spooler]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srservice]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SSDPSRV]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\stisvc]
    "Start"=dword:00000003
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SwPrv]
    "Start"=dword:00000003
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SysmonLog]
    "Start"=dword:00000003
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TapiSrv]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TermService]
    "Start"=dword:00000003
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Themes]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TrkWks]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\uploadmgr]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\upnphost]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UPS]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VSS]
    "Start"=dword:00000003
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W3SVC]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WebClient]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winmgmt]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WmdmPmSp]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Wmi]
    "Start"=dword:00000003
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WmiApSrv]
    "Start"=dword:00000003
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WZCSVC]
    "Start"=dword:00000004
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Schedule]
    "Start"=dword:00000004

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •