Im wondering if anyone knows if there is away to close open ports at the command prompt in using windows 2000 pro ?
Thanx
Printable View
Im wondering if anyone knows if there is away to close open ports at the command prompt in using windows 2000 pro ?
Thanx
There is no way to randomly open ports - something has to be listening there for it to be open. You would use the command line to start a service that will open the port.
Net Start xxxxxxx would open ports if there is a service named xxxxxxx in the registry or simply typing the program name of a program that listens on a port such as NetCat with the appropriate switches would open a port.
Other than that you are out of luck. The only reason a port is open is because an app is sat behind it listening for communications with the port. Otherwise nothing can reply to the communication and the port would be determined to be closed.
[Edit] Ooops.... I gotta learn to read...... "close open ports"...... :o
Net Stop xxxxxxxx wil shut down the service that has the port open and you can use the kill app that comes off the resource kit I beleive to kill other app/processes.
[/Edit]
Close the program or service that listening to it. Or get a firewall like ZoneAlarm who free!
Edit : Tiger beat me to it! :( About 30s before I do! :cool: :p
(suggestion)ZoneAlarm ........................Even though Ive used in the past(2yrs ago) no problems. To many people at AO are personally typing statements that the use of ZA can cause unstability in your system.
Yeah, because it uses much of the recources of your system and specially RAM. Well personally i find it the best in comparison to Sygate Firewall. I also have heard of Tiny Firewall and i have heard that it is very good...
Yes you can manually close ports.
In the advanced LAN settings there should be a options tab, here you can close ports manually.
Correction. That is filtering a port. The program is still listening for connections on that port, however in most cases data will simply never get there.Quote:
Originally posted here by erpa1119
Yes you can manually close ports.
In the advanced LAN settings there should be a options tab, here you can close ports manually.
Also, the TCP/IP filtering only stops incoming connections. If you have some kind of spyware sending info out that port, the built-in filtering will do squat.
Closing a port = terminating the listening application
Filtering a port = blocking it at a firewall level
I realize u're running Win2K, but here's a link to shut some services down in XP.
There's quite a few services the same.
http://www.overclockersclub.com/guid...xpservices.php
In th lan advanced settings you can only permit a port. But you first have to disable all, then permit the ones you want, one by one. This gets involving.
win2k and sygate personal pro works perfecly you can set your own rules for it and no problems hehe
Buying a Router with built in Network Address Translation [NAT] can stop any ports from being a threat from the WAN [Internet]. Packets get to your Router that is also a firewall and filters out unwanted / unfriendly packets. A cheap Router like SMC 4 port 10/100 switching Router goes for $40 and upwards [USD].
Over simplifying it.. NAT works like this... you have an internal lan-locked ip address [eg 192.168.0.1], your Router has a world viewable IP address assigned by your ISP. All packets you send to the 'rest of the world' get handed to the router which in turn rubber stamps them with it's ip address but keeps the senders information in a special table. When the packet is responded to [say a response from a webserver after a webpage request] the router will pass back to your ip address the responding packets.
If a cold calling packet, one that is not initiated by you, your network or your router, and one that is not allowed by the router, happens to come to the router [a ping or port scan for example] the Router can automatically ignore it depending on the make, model of the router and the setup. Routers out there can also double up as gateway antivirus scanners, mail agents, webservers and more.
This is an outside the box approach to protecting your ports that requires little or no tech-knowledge and a quick n cheap fix to such a problem. It's also the first step to a centralised way of safekeeping a home network.
Ciao for now... Kwi