Internet security

Discussion in 'Windows Desktop Systems' started by Billy Hunt, Dec 24, 2001.

  1. Billy Hunt

    Billy Hunt Guest

    Can somebody explain to me why when I use the port scan at hackerwatch.org it says the following

    Closed but Unsecure
    21 (FTP)

    This port is not being blocked, but there is no program currently accepting connections on this port.



    Open and Unsecure!
    23 (Telnet)

    This port is not being blocked and there is a program accepting connections on this port.



    Closed but Unsecure
    25 (SMTP Mail Server Port)

    This port is not being blocked, but there is no program currently accepting connections on this port.



    Closed but Unsecure
    79 (Finger)

    This port is not being blocked, but there is no program currently accepting connections on this port.



    Open and Unsecure!
    80 (HTTP)

    If this computer is not supposed to be acting as a web server you should not have this port open.



    Closed but Unsecure
    110 (POP3 Mail Server Port)

    This port is not being blocked, but there is no program currently accepting connections on this port.



    Closed but Unsecure
    139 (Net BIOS)

    This port is not being blocked, but there is no program currently accepting connections on this port.



    Closed but Unsecure
    143 (IMAP)

    This port is not being blocked, but there is no program currently accepting connections on this port.



    Closed but Unsecure
    443 (HTTPS)

    This port is not being blocked, but there is no program currently accepting connections on this port.

    When my mate did the same test with ME he got all secure.

    When I do the ports and shield test at Sheilds up I get all stealth

    Which one should I believe?

    Or how can I close all the ports that hackerwatch say are open?

    I'm using the the firewall included with XP and zone alarm.

    Which programs from XP need to access the internet just for Email and browsing?
    There seems to be a lot of windows programs trying to access internet compared to when I had ME installed such as

    application layer gateway service
    generic host process for win32 services
    services and controller app
    as well as the normal
    outlook express
    internet explorer
    and windows explorer

    some also ask for server rights which ones do I need to let access internet?
     
  2. Billy Hunt

    Billy Hunt Guest

    MMM ! Thanks for the link
    I've read through it (most of it :D )
    It all looks a bit long winded for a home user is there a shorter more simple version or an easier way :confused:
    I got stuck at section A no 6 Use the Options tab- I have no options tab just general, dns, and wins.
    I disabled the net bios over TCP\IP
    That's about all really :)
     
  3. Lonman

    Lonman Bleh!

    Messages:
    2,642
    Go get a copy of ZoneAlarm. It's free and it should button things up for you ok. Are you on dial-up or broadband? If you're on dial-up then your most important program requirement is an up-to-date ant-virus program. If you're on broadband, then a good firewall and an up-to-date anti-virus are really needed.
     
  4. Billy Hunt

    Billy Hunt Guest

    Yea I'm using zone alarm which always worked great with ME secure or stealth ports every where but since installing XP it don't seem to do as well.
    It's the latest version too 2.6.362
    I'm still going through the page that AlecStaar gave and doing what I can.
    What I can't understand is why does Shields up say I'm OK.
     
  5. Lonman

    Lonman Bleh!

    Messages:
    2,642
    I'm not sure what to tell you. I just went to http://www.hackerwatch.org/probe/ and let it run it's port probe and i came up clean as a hounds tooth. The only thing I have running is ZoneAlarm Pro 2.6.357 (older then yours). I'm running on a fairly fresh installation and haven't done any tweaking at all yet. You might want to reinstall ZoneAlarm and try again because I came up secure on all ports scanned by this site.

    Is it possible you got a compromised version of ZoneAlarm?
     
  6. Billy Hunt

    Billy Hunt Guest

    That is reassuring to know lonman at least I know that I can get the cover .
    I don’t have the pro version, I wonder if that could be the difference.
    I have the free version, which I downloaded from zonelabs.com.
    If I know that zone alarm pro does work then I will get that.
    Thanks for the help :)
     
  7. T-Bear

    T-Bear Guest

    in zone alarm check the configure and see what you have the internet setting set at, if low then yes alot of the ports will be set to listen. Change the setting to medium. Go into the programs area and clean out all of the programs that is there. Reboot and let ZA start back up. WHen XP asks about the generic host tell it no for the internet, only local. THen go in and switch each one of the XP services to local.

    Is this system a gateway for ICS if yes then the applicaton layer app gateway is there for that. If not dont allow internet.

    Shut the server app off the internet too, then try your connection to the web, if it doesnt allow then start it back up.
     
  8. Billy Hunt

    Billy Hunt Guest

    Thanks for the reply T-Bear
    I’ve come to the conclusion that there is something wrong with the port scan on the site
    It’s probably been put up by some snotty nosed teenager who just laughs at suckers like me trying to get it to say all secure, which it has said once.
    It can change it’s mind as to what status my ports are with out me making any changes.
    It doesn’t even get my IP address right
    I’ve followed some of Alecstaar's tip's and I downloaded ZA Pro, on the pro version you can set what ports generic host can connect to so I limited it to just 3
    TCP and UDP port 53
    and the two mail ports SMTP and POP3
    I don't allow any server rights.
    So I’d say I’m pretty secure never mind what that site says
    I’ll stick to shields up in future

    What experience has everybody else had with the port scan?