Open Ports

I found a site called "Stealth" about a year ago and occasionally run through the Internet security tests they provide. I've always come through with flying colors. I went there last night and discover I now have four ports that are not in stealth mode. They are shown as open. Previously all ports were stealth. The open ports are 21, 22, 23 and 80. The information given says it is crucial to take care of port 23. I have no idea what to do or how to do it. I've been to Microsoft and went to their knowledge base but I'm not a technician and didn't fully understand anything I read. If there is someone out there who can help me I would sure appreciate it. I'm worried about this as I do a lot of shopping and bill paying online.

Information:
Dell Dimension 4600
Windows XP SP2
I.E. 7
AVG Anti-virus w/firewall
SpySweeper
a2 Squared
Win Patrol
80 GB hard drive
2GB RAM

Thank you,
Nikilet

 

I haven't used AVG with Firewall but I'd check in the help for it and see if you can find information about putting these ports back into stealth mode. Also, there is a forum for AVG users which if you registered, you'll be able to use and at least one person there probably knows their way around ports forwards and backwards!

I found a site which listed these common ports:
FTP 21 - File Transfer Protocol (another way of downloading and uploading files)
SSH 22 - Secure Shell (secure connection to other computers - I use it at uni to access the main computer directly and also when I "ring in" from home)
Telnet 23 - connecting to another machine (and person?) via the phone lines (if I remember correctly)
SMTP 25 - email
Web 80 - internet browsing
Pop 3 110 - email
IMAP 143 - not sure
Other Applications
Remote Desktop 3389 - access your computer from somewhere else via internet
PC Anywhere 5631 - as Remote Desktop

 

By the way, can that site you mention check all ports at once and what's the address there? Wouldn't mind a 'squizzy' at the site.

 

Thanks for the resonse Chookers. I misnamed the site. It's Shields Up! I don't know why I hadn't done this before, but I Googled "Internet security tests" and did the hacker test offered by Trend Micro. The report I got from them was totally different than Shields Up! It stated I had a secure computer and no ports open. Shields Up! has quite a number of tests to run. It's http://www.grc.com/x/ne.dll?rh1dkyd2. You have to click on the home button and then on the page that opens page down until you find the the test link. Thanks for taking the time to answer.

 

Hi Nikilet,

I've just come from there ... one of the things which I noticed was is that 'Steve' is talking about windows 95 and 97 which are somewhat dated .... But I found this link on here which maybe useful?

I have downloaded it at least and will give it a run a bit later.

http://www.majorgeeks.com/CurrPorts_d5079.html

"http://www.majorgeeks.com/CurrPorts_d5079.html"

 

Chookers mentioned the ports above, but I'll expand on it a bit.

Port 23 is telnet. Make certain the telnet service is not running.

Go to start, run and type services.msc.

It should be set to manual, and not running. In most cases, it can be disabled altogether.

telnet doesn't require telephone lines, as mentioned above, just internet access.

Port 21 shouldnt be open unless you are running an ftp server. Are you?

Port 22 being SSH....what exactly are you running? IIS? OpenSSH? Apache? Telnet Service?

All things to be checked, and not just closing the port.

 

I did the run/services.msc and the closest thing I found is called Telphony and it is set on manual.

I'm embarrassed to say so, but I don't know if I'm running an ftp server because I don't even know what it is. Same with Port 22, SSH. I don't even know what you are asking me. If you would be willing to be a bit more detailed I'd appreciate your help.

Thank you,
Nikilet

 

If you are still worried it may help you to close some of your ports by going into 'Control Panel, Network Connections, TCP/IP, right click and go to properties. Click on the advanced tab and then the Wins tab. Setting 'Enable Netbios over TCP/IP' and uncheck the 'file and printer sharing for Microsoft Network'. Also under Network connections, right click on you connection and go to properties and uncheck 'file and printer sharing for Microsoft Network'.

And I found this in the help and support section on my comp (XP Pro), which may also be of interest to you.


• Go to Start, click on control panel, double click on the Guiden Network installation guide.
• The Networks installation guide can only be run on computers which use Windows 98, Windows 98 Second Edition, Windows Millennium Edition, Windows XP Home Edition, Windows XP Professional or Microsoft Windows XP Service Pack 2 (SP2).


.............

Here you can also disable the sharing files option.

On the other hand if Trend reckon that every thing is cool I doubt that it is worth doing any of the above.

 

This reply is directed to Aragon. I just came across the reply from TimW so haven't had time to check that out yet.

I did not find everything you laid out for me. Under 'Enable Netbios over TCP/IP' I found no option to uncheck 'file and printer sharing for Microsoft Network.' But I did find an area where I could uncheck 'File and printer sharing for Microsoft Networks' by clicking on my connection and then properties and I did that. I didn't find anything about Guiden Network installation guide. I did a search of my help files and nothing came up on Network installation.

Thank you for your help.
Nikilet

 

This is to TimW

I apologize for being so green but I'm not quite getting your instructions.

I have the box open and it shows Protocol/Local Address/Foreign Address/State and PID.

Where exactly in this box does it give you the port numbers?

I'm sure you must be rolling your eyes but if you can bear with me here maybe I can learn something.

Thanks,
Nikilet

 

Download and install Active Ports

This will do what tim said but in a far easier manner, it also updates in real time so you can see what programs are opening and closing what ports.

 

Hi Nikilet,

I tried TimW example. It disagrees with the site 'shields up' results. I feel more and more that the site shields up maybe too dated to take seriously these days?

I am sorry that you didn't manage to find the 'un check' field ..... Perhaps I should have written it like this ...

Go to 'Start'
Open 'Control Panel'
Open 'Network Connections'
Click on 'advanced' and in the box which opens, left Click on 'advanced Settings'.

You should now have a box infront of you on the screen which has various connections and ties. One of which maybe/should be 'file and printer connections'. Uncheck that option.


I'm on XP pro ... so not sure if it is the same for you?

But as I said before ... I am dubious about you changing things on your comp because 'shields up' says it's a good idea ... simply because 'shields up' seems out of date and also because you have tried 'Trend' who say your comp is fine and also because as far as my comp is concerned, 'shields up' also disagree's with TimW's addvice, in as much as the ports which 'shields up' claim are open on my comp are not open or even running when I run Tim's method. Although Tims method may only be a here and now approach to which ports are open?

I am also a little dubious to 'Steves' advice to completely shut off Bios???? He did say that didn't he?

I see that Microsoft released four new updates to their seccurity in April this year which I haven't looked into but perhaps they were to do with closing the ports or making them a little more discreet?

 

I have just downloaded Active Ports and wanted to respond also to what Aragon wrote.
I really did try to find answers on my own to this question of ports. I did a lot of Googling and reading. I was prepared to accept Trend Micro analysis over ShieldsUp, but then read that ShieldsUp is known to be reputable and quite accurate so decided I'd better rethink that decision.

I don't recall reading advice to shut off BIOS, but I wouldn't touch that suggestion with a 10-foot pole anyway because I just am not knowledgeable enough to try something like that. I'm a dummy when it comes to things like this and I admit it. It is for this very reason that I am so worried about this open port business.

However, I have all the security programs I need and then some and I run things and update everything, including Windows Updates, faithfully, so guess I will just hope everything is ok. I am going to install and run this Active Ports and see what it shows.

I really appreciate each and every response I've gotten. Just wanted all of you who have taken an interest to know that.

Nikilet