Articles

How to close ports!!!

April 5, 2005 at 15:49:57
Specs: xp & 98, 256

How do I close 3 open ports (ftp, telnet and http( Only 2 are in stealth mode and the rest are in close mode. Zone Alarm is in installed and three computers are hooked up to a Linksys router. I'm helping a friend who is constantly being hacked by the same person. Thanks so much in advance

See More: How to close ports!!!

Report •


#1
April 5, 2005 at 17:43:01

What test are you using that identifies these ports as a problem? Are they the Sygate or Symantec tests? I have never passed those test with my DLink and I also used their firewalls when running the tests. The only time I pass the Sygate test when I am using Linux. Symantec will not do a test for anyone using Linux. Try GRC'S "Shields Up" test. I would recommend the test at PC Flank, but normally it will not detect your address if you are using a router with a hardware firewall. You could also check the the advanced Zone Alarm settings for applications making sure that no server rights are set. HTH

Report •

#2
April 6, 2005 at 02:58:48

Hi

several options you have done eg ZA, cool,
block non internet proggs from accessing the net.
if you are not using the ftp service , simply disable it.
login as admin ,in the start\run box, type services.msc

find telnet service , right click properties start type ,set to disabled.
check out blackviper.com other services not required.
http services id leave alone as you will need IE to browse, set ZA on firewall settings to high , this can cause some proggs to complain try & see.
grc sheilds up is only so good at what it does)
clear the logs ZA holds and start monitoring
which ip is connecting and if succesfully Blocked then the person will eventually get bored and go away u win.
if they persist ,complain to your isp let them do the legal bit.
how do you know your freind is being hacked?
Are they using the built in NAT firewall?
check pcs for keyloggers and trojans ,
a decent Antivirus will sort that.

useful port checker
www.sysinternals.com/ntw2k/source/tcpview.shtml

Regards


Report •

#3
April 6, 2005 at 14:30:40

I used www.GRC.com´s shield´s up test. I don´t undestand why Zone Alarm doesn´t automatically make all the ports stealth.

The man´s whose computer it is, uses WS-FTP to upload files to his webhost but he doesn´t have FTP server software installed to my knowledge.

His webpages have been hacked several times and I´m assuming this due to thoese 3 ports being open, he didn´t have a firewall installed. I installed the free version of Zone Alarm yesterday alogn with spyware removal and anti-virus software(this is for charitable organization). Also XP´s firewall is enabled.

When I´m back at this computer I will try the things you mentioned above. Any other info would be greatly apprecatiated.


Report •

Related Solutions

#4
April 7, 2005 at 04:22:32

Hi again
oh i see now its not obvious from 1st post however its his web page being trashed on another server,
i thinks theres somthing you should tell the
man, its not his pc thats
being hacked its his isp web space, and he should contact his isp as its their responsibilty to ensure their web server is secure.
or change to another web host, there are plenty are about.
theres not much more you can do if their security is poor.

regards


Report •

#5
April 7, 2005 at 16:52:18

Duh!! I don´t know why that didn´t occur to me already!!! His webhosting company is pathetic...they can´t even tell me the inbound-outbound settings to setup his mail client!! Oh btw I´m in Peru at the moment...things are done much differently here.

But this still doesn´t negatet the fact that his ports are open! I need tomake sure they´re closed.

Unfortunately, this man is not very upfront with me and I´m slowly getting info from him. For example, he told me recently that this hacker change info on his website, intercepts email, I´m not sure if he access his files on his hardrive. I will confirm but thanks for your help...that´s so dumb of me not to even realize that!


Report •

#6
April 8, 2005 at 06:39:19

Hi

probably zero chance he can do try using pgp
freeware
http://www.pgp.com/downloads/freeware/freeware.html
encrypt emails however the recipient needs the key to unlock ,
take care now!

:)


Report •


Ask Question