artist Posted November 30, 2003 Report Share Posted November 30, 2003 I just did a scan with SheildsUPhttp://grc.com/x/ne.dll?rh1dkyd2It showed two vunerable ports1025 - Host - It said that ZA should be able to close this? - So why hasn't it?and5000 - to do with M/S Plug and Play, apparently.There's a utility on the site to close PandP - will I notice a difference somewhere if I do. Quote Link to comment Share on other sites More sharing options...
Chris Posted November 30, 2003 Report Share Posted November 30, 2003 Artist...To close Port 5000 use Steves little tool to close it.InformationDownloadYou can do it manually: Start, run, type: services.msc Click OK. Find: Universal Plug and Play Device Host Double click and set it's Startup Type to: Disabled. Log off or restart to make the change. You won't notice a difference.For port 1025, In ZA Click Firewall [main] Push the setting to High for Internet Security Zone. Quote Link to comment Share on other sites More sharing options...
artist Posted November 30, 2003 Author Report Share Posted November 30, 2003 5000 - I went for the manual option - I wanted to see what was there - It was already disabled!This is my .blonde. moment - The ZA didn't open :o be more specific please............ :D Quote Link to comment Share on other sites More sharing options...
Chris Posted November 30, 2003 Report Share Posted November 30, 2003 Hmmmm download that tool then and see if it says it is disabled.ZA is not opening?Double clicked it in the taskbar?Or do it from the start menu. Quote Link to comment Share on other sites More sharing options...
artist Posted November 30, 2003 Author Report Share Posted November 30, 2003 Done the ZA - I've never opened it before! :D I'll do the little tool now...................... Quote Link to comment Share on other sites More sharing options...
artist Posted November 30, 2003 Author Report Share Posted November 30, 2003 Done the ZA - I've never opened it before! :D I'll do the little tool now......................Well now - I pressed the 'disable now' - went back to have a look and it is now 'ENABLED' :huh: :( Now what - something a little amiss........................ Quote Link to comment Share on other sites More sharing options...
moon Posted November 30, 2003 Report Share Posted November 30, 2003 Results with Outpost FirewallUnable to connect with NetBIOS to your computer.All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice.Outpost is free if you get fed up with ZA. Quote Link to comment Share on other sites More sharing options...
Chris Posted November 30, 2003 Report Share Posted November 30, 2003 Restart the computer and then use the "Tool" to disable UPnP (again)Zonealarm works as i have it :P all passy pasts. Quote Link to comment Share on other sites More sharing options...
Boris Posted November 30, 2003 Report Share Posted November 30, 2003 Results with Outpost FirewallUnable to connect with NetBIOS to your computer.All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice.Outpost is free if you get fed up with ZA. I use Outpost as well but still appear to have Port 1025 open :o - I don't know why at the moment ! Quote Link to comment Share on other sites More sharing options...
Chris Posted November 30, 2003 Report Share Posted November 30, 2003 1025 Host Stealth There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!Using ZA. Quote Link to comment Share on other sites More sharing options...
Boris Posted November 30, 2003 Report Share Posted November 30, 2003 I thought it might be Ad Muncher ? but no !SVCHOST.EXE *.*.*.* n/a TCP 0 bytes 0 bytes 30/11/2003 22:48:06 Listening 1025 *.*.*.* 00:21:05 0So - its something in Services then :unsure: Better take a look at Black Viper :confused: Quote Link to comment Share on other sites More sharing options...
moon Posted December 1, 2003 Report Share Posted December 1, 2003 Let us know what it is, boris.ZA is great, powerless, but it was inconsistent on my LAN. Outpost has no probs. with the LAN whatsoever. Quote Link to comment Share on other sites More sharing options...
artist Posted December 1, 2003 Author Report Share Posted December 1, 2003 Well - here's a funny thing - I couldn't get back on the net last night - 'No connection available', it said.I vowed war on Freeserve!!Still no joy this morning. Went back over what I did yesterday - turned the PandP back on .............I can now connect!Does that mean that port 5000 will have to stay vunerable? Quote Link to comment Share on other sites More sharing options...
moon Posted December 1, 2003 Report Share Posted December 1, 2003 It shouldn't do, but I don't know how to close it. As you can see from my Gibson tests you ought to be invisible on 'stealth'. Quote Link to comment Share on other sites More sharing options...
artist Posted December 1, 2003 Author Report Share Posted December 1, 2003 That test didn't say stealth.......... It said it was open. :( Quote Link to comment Share on other sites More sharing options...
moon Posted December 1, 2003 Report Share Posted December 1, 2003 You have to set your firewall to 'stealth' mode. Quote Link to comment Share on other sites More sharing options...
artist Posted December 1, 2003 Author Report Share Posted December 1, 2003 Powerless said 'high'.................... :huh: Quote Link to comment Share on other sites More sharing options...
moon Posted December 1, 2003 Report Share Posted December 1, 2003 He's probably right. Isn't there a 'stealth' mode in ZA ? I haven't used it for a year or so. Quote Link to comment Share on other sites More sharing options...
artist Posted December 1, 2003 Author Report Share Posted December 1, 2003 Just looked - apparently that's what the 'high' is. :) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.