PPPoE/PPP0A or Bridge Mode??

[stan0614]

"Ports found to be OPEN were: 21, 23, 80"

Holy Crap!!!

21 = FTP
23 = Telnet
80 = HTTP

If I knew your IP address (which bad people will find soon enough by randomly scanning a range of ip addresses) - I could open a command prompt on your pc by the telnet command - put whatever files I want to on your hard drive via the ftp command - and run a web server on Port 80.

You're screwed dude.

Did you mean to run these services (http/ftp/telnet) on your PC?
Try: http://127.0.0.1 (Your PC) to see if a web page is displayed.

Since port 135, 137, and 139 are not open - I suspect it's your router/modem instead of your PC reporting these open port values.

Maybe it is the router supplied by your ISP running these and I would contact them ASAP to close the ports. Ask them if you can replace their router with a router of your own like a linksys.

[stan0614]

The logmein software you have loaded could also be listening to those ports. Could be normal - but anything that leaves you that open is not good and could be bypassed.

[Sumesh Paul]

Hi stan0614,

So, what would you recommed me to do to disable these ports?

The latest news by from the link https://www.grc.com/x/ne.dll?bh0ciyl2 is like this....

GRC Port Authority Report created on UTC: 2006-09-29 at 15:10:02

Results from scan of ports: 0-1055

3 Ports Open
1053 Ports Closed
0 Ports Stealth
---------------------
1056 Ports Tested

NO PORTS were found to be STEALTH.

Ports found to be OPEN were: 21, 23, 80

Other than what is listed above, all ports are CLOSED.

TruStealth: FAILED - NOT all tested ports were STEALTH,
- NO unsolicited packets were received,
- A PING REPLY (ICMP Echo) WAS RECEIVED.


Please recommed me with some good measures that I should follow before the "(which bad people will find soon enough by randomly scanning a range of ip addresses)" happens to me.

Regards,
SumesH PauL.

[chizra]

sumesh,

did you run the Microsoft Baseline Security Analyzer? Its a small proggy to help you finetune your pc security.

It is available at http://www.microsoft.com/technet/sec.../mbsahome.mspx

btw, were you browsing in other window while the online scan was going on?

For closing the ports. click start>run>services.msc

Port 21- Stop Application Layer Gateway Service
Port 23- Stop Telnet
Port 80-Stop Windows Media Services, World Wide Web Publishing Service and SharePoint Portal Server

More info about the more obvious ports is at http://support.microsoft.com/kb/832017

cheers

[Sumesh Paul]

Hai Chizra,

Thanks for the post. I disabled the servies as you mentioned above, but what the strange thing was, I couldnt disable the telnet service. The telnet was already disabled. But one telephony service is still running, "which enables a remote user to log on to this computer and run programs, and supports various TCP/IP Telnet" is what mentioned in the properties of that telephony service. If I stop this service does the connection to internet stops completely?

Please help me with this tooo!!

Regards,
Sumesh Paul.

[chizra]

The snap shot of this particular services is attached.

You may visit http://technet.microsoft.com/en-us/default.aspx

and find more info about them.

btw, i didnt do much, i just invoked my god (google) for it. And switching on/off services is trail and error. always recoverable.

Om Shanti!

[stan0614]

Turning off telnet will NOT affect your connection to the internet.
What is the status of using SHIELDS UP! now.

Are the ports still open?

[Sumesh Paul]

Hi friends,

I still have 3 ports open. The details about this is mentioned below.

GRC Port Authority Report created on UTC: 2006-09-29 at 18:43:11

Results from scan of ports: 0-1055

3 Ports Open
1053 Ports Closed
0 Ports Stealth
---------------------
1056 Ports Tested

NO PORTS were found to be STEALTH.

Ports found to be OPEN were: 21, 23, 80

Other than what is listed above, all ports are CLOSED.

TruStealth: FAILED - NOT all tested ports were STEALTH,
- NO unsolicited packets were received,
- A PING REPLY (ICMP Echo) WAS RECEIVED.

I tried to close the telnet, which is already disabled, but still the port 21 is open.

Am attaching a zip file of the this in detail.

[Sumesh Paul]

The ports open are the following..

[stan0614]

what does https://www.grc.com/x/ne.dll?bh0bkyd2 look like?