How do u close a port!!

Printable View

November 15th, 2003, 09:59 PM
mafia_almighty

How do u close a port!!

u can view all the open ports on my PC ....but what should i do ... if dont want a particular port on my PC to be open..???

plz reply!!!
November 15th, 2003, 10:01 PM
sysmin770

Just use a firewall and close them all. Unnecessary ports being open can lead to a lot of trouble.
November 15th, 2003, 10:04 PM
skiddieleet

Do what sysmin said, here are a few firewalls:
http://soho.sygate.com/buy/download_buy.htm
http://www.zonelabs.com/store/conten...eeDownload.jsp
www.kerio.com/us/kpf_home.html

edit
no problem sysmin, we shouldn't have to find it for them anyway.
November 15th, 2003, 10:07 PM
sysmin770

Thanks h3retic I am not feeling well today. I should have posted links to some free ones.
November 15th, 2003, 10:10 PM
MrLinus

Ummm.. dumb question but what OS are you using? A firewall will block ports but not necessarily close them. It's probably better to stop/remove the service that is causing the port to be open. And if you cannot stop/remove the service, then the firewall can be used to block the port.

And I've moved this to Newbie Security because this can go beyond a) web access b) it's always something that new members are interested in.
November 15th, 2003, 10:15 PM
skiddieleet

I was just going to add about running services MsM. You should definetly try and turn off what you can. Here is a good site for unnecessary windows services and how to turn them off: www.blackviper.com
If you are on linux(I don't think you are) there should be a built in firewall and I kindof need to know which distro to help you turn it on. Check out blackviper if you're on windows though, it will help you get rid of unnecessary services.
November 15th, 2003, 10:39 PM
noODle

MsM=e^2 :confused:

Quote:

Ummm.. dumb question but what OS are you using?

Quote:

A firewall will block ports but not necessarily close them.

h3r3tic

Quote:

...good site for unnecessary windows services...

If you are on windows you could use f-port && Google besides the allready mentioned.
Search for disable+app_name. :cool:

You should still use a firewall though, it will change the status to stealth instead of closed unless you specify it not to.
:eek:
November 15th, 2003, 11:48 PM
Datsun 260Z

Quote:

Originally posted here by h3r3tic
Do what sysmin said, here are a few firewalls:
http://soho.sygate.com/buy/download_buy.htm
http://www.zonelabs.com/store/conten...eeDownload.jsp
www.kerio.com/us/kpf_home.html

edit
no problem sysmin, we shouldn't have to find it for them anyway.

Another good, free firewall is Agnitum Outpost. http://www.agnitum.com

There's a free and paid version. The free version should be enough.
November 16th, 2003, 12:00 AM
Producer

Why not troubleshoot what apps are opening the ports?

Or is this grandma we are talking to?
November 16th, 2003, 03:27 AM
!mitationRust

Some Tips
Be careful with file-sharing services like Kazaa
Update your software
Use passwords (strong passwords. Just a thread about this on the main board)
Windows 2000 and XP,Do not Browse the internet on Root or an "administrator account"
Configure your home firewall well
Don't use outlook express (I know, it's convenient)

Check your own security by simply going to
http://www.grc.com/ and running Shields Up.
http://grc.com/lt/leaktest.htm
http://www.auditmypc.com/

If your on XP enable the XP firewall:
http://www.microsoft.com/windowsxp/p...orking/icf.asp

1. Log into XP with an owner account.
2. Click the Start button and select Control Panel. Double-click the Network Connections icon.
3. In the Network Connections window, click to highlight the connection you want to protect. In the left panel, under Network Tasks, click "change settings of this connection."
4. When the connection status dialog box opens, click the Properties button.
5. In the Properties dialog box, click the Advanced tab. Check the box beneath "Internet Connection Firewall." If you leave it unchecked, the firewall is off. If you aren't running any servers on your computer, just click OK. If you run an FTP or Web server, you need to change the advanced settings.

Most think Microsoft's XP Firewall is underpowered. They prefer more powerful software, such as BlackICE Defender,Sygate....ect. Others hide their networks behind a cable/DSL router like the Linksys BEFSR41, (I prefer the BESX41)which includes a built-in hardware firewall.

Stateful inspection
The firewall included with Microsoft Windows XP claims to be a stateful inspection firewall, though it lacks any way of filtering application content. This is where things get a little blurry, as the XP firewall has essentially the same functionality as the firewalls built into commonly available cable/DSL home routers, a combination of packet filtering with a circuit level gateway.

(opinion)Close all ports your not using including port 80 when you away from the computer
Port: One end of a logical connection between two computers. Specific ports are used for specific types of data. For example port 80 is used to send and receive HTTP (web browser) traffic. Firewalls can block ports, disabling them from receiving any data.

Speaking of configuring your new firewall
Here is a list of well-known port numbers which you may find useful in configuring your firewall. (paste job)
Service Port Number
FTP 21TCP
Telnet 23 TCP
SMTP 25 TCP
HTTP 80 TCP
POP3 110 TCP
HTTPS (secure) 443 TCP
IRC 194 TCP
ICQ 5190 TCP, (note: ICQ by default will use this port to connect, and any available port above 1024 to listen for new connections. This is kind of insecure, so I would recommend going to the ICQ site and reading their firewall configuration info
AOL messenger 5190, 4099 TCP (also will self configure to available ports)
Yahoo IM (self configures)
MSN messenger 6891-6900 TCP for file transfer, 6901 TCP/UDP for voice (otherwise self configures messaging)
Kazaa 1214 TCP (can be reconfigured within Kazaa)
Games** For various multiplayer games, check the websites for specifics.

I would take h3r3tic's advice an go to www.BlkViper.com and make your own custom reg tweak.
Here is the link to my own custom reg tweak.
http://www.antionline.com/showthread...898#post684898

Also here are the links to the software that I use. (All free)
http://www.antionline.com/showthread...317#post685317
November 16th, 2003, 04:35 AM
Turmoil

I found this program called "TCP VIEW" and it shows all the traffic on the different ports... It doesn't really show you which ones are open, unless there is traffic already on them.. But it shows you the traffic and you can choose to close the port off to that service if ya want :)
November 16th, 2003, 05:12 AM
!mitationRust

Active Ports
http://www.webattack.com/get/activeports.shtml

Infiltrator Network Security Scanner 1.01
http://www.webattack.com/features/in...704-428944.php

AW Ports Traffic Analyzer
http://www.webattack.com/get/awpta.html

AW Security Port Scanner
http://www.webattack.com/get/awebscanner.html

DiamondCS Port Explorer
http://www.webattack.com/get/portexplorer.html

Advanced Port Scanner
http://www.webattack.com/get/advportscan.html

Port Listener XP
http://www.webattack.com/get/portxp.html

SuperScan - network scanner
http://www.webattack.com/get/superscan.html
November 19th, 2003, 07:03 PM
Aftiel

NOTE: This response to the poster is slanted towards Linux.

In Linux, I use the command:

netstat -tap|grep LISTEN

to find out what services are listening. Our immediate reaction is to "close" or "disable" all ports, however (as was pointed out,) normally a better option is to secure the ports/services individually.

Especially if we are talking in terms of learning security. Take the opportunity to properly secure applications/ports, then monitor them.

You can also use those to work on breaking them yourself. The standard reaction to something like Sendmail is to disable it if it is not being used.

Take that opportunity to learn how to secure it - so in the future it is old news when you need to use it.

There are obvious exceptions to this - such as X11, which likes to start default by listening. Since we normally do not share X11 with the world, that can be stopped.

In terms of Windows, the same can be applied. With open ports, we can learn how to properly secure and monitor them (i.e. only allow internal network traffic on them, or DENY certain IP's etc.)

I feel if we simply close or disable everything, we lose a chance at learning how to really "secure" something.

.: Aftiel
November 20th, 2003, 12:25 AM
harrybuzzi

There`s a little Tool called TCPView.exe from Sysinternals.com.
Using this you can see all open ports on your computer and close them-if you want.
November 20th, 2003, 12:06 PM
Sgear17

i thinks the other is right you can close a port by using a firewall and you can open them if you want just configure it on the firewall configuration.... Some firewall that ive use is the Agnitum and Zone Alarm check them out in the google.com hope this help you a litle bit
November 20th, 2003, 08:27 PM
\/IP3R

Re: How do u close a port!!

Quote:

Originally posted here by mafia_almighty

u can view all the open ports on my PC ....but what should i do ... if dont want a particular port on my PC to be open..???

plz reply!!!

go to start menu ------>run------->cmd-----.enter
type netstat -na, this will give you the details which ports are open and which connection is established. Then you can go to your firewall. I don't know which one you are using but I use zone alarm, if you use zone alarm then double click on zonealarm icon on task bar. Click on firewall option, on the main window of it there should be two bars one in internet zone security and another in trusted zone security. Click on custom button on internet zone security. This will open custom firewall setting window with internet zone window activated. Scroll down where you can see tcp/udp incoming/outgoing port numbers. Just select your choice of tcp or udp and incoming or outgoing and then enter the port number in the dialog box and presss apply. If you are not using zone alarm I am sure your firewall should have some sort of traffic blocking feature init.
November 21st, 2003, 12:03 AM
Iaio

@ !mitationRust

I think that IRC is on port:6667 by default. But anyway 10x for the huge info it helps me a lot.
November 21st, 2003, 01:22 AM
!mitationRust

Quote:

Originally posted here by Iaio
@ !mitationRust

I think that IRC is on port:6667 by default. But anyway 10x for the huge info it helps me a lot.

ircd 6667/tcp # Internet Relay Chat
ircd 6667/udp # Internet Relay Chat

http://www.comptechdoc.org/independe.../netports.html

irc 194/tcp # Internet Relay Chat
irc 194/udp

http://perso.netinfo.fr/GeKhaJoFour/...pp-page-5.html

irc 194/tcp Internet Relay Chat Protocol
irc 194/udp Internet Relay Chat Protocol

http://www.iana.org/assignments/port-numbers

ircu 6665-6669/tcp IRCU
ircu 6665-6669/udp IRCU

Yeah keep the change!!!
November 22nd, 2003, 12:19 AM
Iaio

@!mitationRust

ok. I guess you know a lot about ports so explain to me what is the difference, please. ircd, irc, ircu. all of them look the same to me.
January 12th, 2004, 05:30 PM
tyfon

I am running suse 8.2 How should i close the ports i dont need? (not block them) Also,is the susefirewall good enough to protect me?