|
cant close or cloak port 305 win 2k
bigpond cable via usb.............
tried to close this port but stubbornly it remains open i have turned off dcom and set rules in the firewall [kerio] which disallows access in or out for tcp or udp any tips on how to cloak or at least close port 135? thanks scul |
Re: cant close or cloak port 305 win 2k
scully wrote something like:
> bigpond cable via usb............. > tried to close this port but stubbornly it remains open > i have turned off dcom and set rules in the firewall [kerio] which > disallows access in or out for tcp or udp > > any tips on how to cloak or at least close port 135? > thanks > scul Use a router. I use an old headless P166 PC with smoothwall on it, but any hardware router/firewall is a good idea IMO. -- - Leafnode. Making usenet a better place. - |
Re: cant close or cloak port 305 win 2k
On Sat, 10 Dec 2005 23:10:39 GMT, scully wrote:
> > any tips on how to cloak or at least close port 135? Results 1 - 10 of 654 for close port 135 group:*microsoft* (0.19 seconds) Using the following with close port 135 in the first box and *microsoft* in the newsgroup box (astrisk microsoft asterisk) ----------- standard search text follows ---------------------- Please bookmark the following, very large, Frequently Asked Questions (faq) Search engine: http://groups.google.com/advanced_group_search key word(s) in the first box *linux* in Newsgroup box. You need to use the two asterisks around linux, pick English If you want/need more control over the first box search, http://www.google.com/help/refinesearch.html |
Re: cant close or cloak port 305 win 2k
From: "scully" <scul@peerless.com>
| bigpond cable via usb............. | tried to close this port but stubbornly it remains open | i have turned off dcom and set rules in the firewall [kerio] which | disallows access in or out for tcp or udp | | any tips on how to cloak or at least close port 135? | thanks | scul Use a Cable/DSL Router such as the Linksys BEFSR41 and specifically block TCP and UDP ports 135 ~ 139 and 445 and you won't have to muck with the computer's OS. I take it TCP/UDP port 305 is a typo as there is nothing from Microsoft or other vendors at that port loading a Service. -- Dave http://www.claymania.com/removal-trojan-adware.html http://www.ik-cs.com/got-a-virus.htm |
Re: cant close or cloak port 305 win 2k
"scully" <scul@peerless.com> wrote in message
news:vjnmp1dj4s53pvmvt1ak2bpoo4trovcgr3@4ax.com... > bigpond cable via usb............. > tried to close this port but stubbornly it remains open > i have turned off dcom and set rules in the firewall [kerio] which > disallows access in or out for tcp or udp > > any tips on how to cloak or at least close port 135? > thanks > scul So how do you know the port is "open"? |
Re: cant close or cloak port 305 win 2k
<Vanguard> wrote something like:
> "scully" <scul@peerless.com> wrote in message > news:vjnmp1dj4s53pvmvt1ak2bpoo4trovcgr3@4ax.com... >> bigpond cable via usb............. >> tried to close this port but stubbornly it remains open >> i have turned off dcom and set rules in the firewall [kerio] which >> disallows access in or out for tcp or udp >> >> any tips on how to cloak or at least close port 135? >> thanks >> scul > > > So how do you know the port is "open"? Yeah. Most of the online scanners are flakey. You go to a couple of different ones and they are likely to give different results... -- - Leafnode. Making usenet a better place. - |
Re: cant close or cloak port 305 win 2k
On Sat, 10 Dec 2005 19:34:32 -0600, <Vanguard> wrote:
>"scully" <scul@peerless.com> wrote in message >news:vjnmp1dj4s53pvmvt1ak2bpoo4trovcgr3@4ax.com.. . >> bigpond cable via usb............. >> tried to close this port but stubbornly it remains open >> i have turned off dcom and set rules in the firewall [kerio] which >> disallows access in or out for tcp or udp >> >> any tips on how to cloak or at least close port 135? >> thanks >> scul > > >So how do you know the port is "open"? i usually use grc's sheilds up as a qick test and it reported 135 as being open all other ports were cloaked i disabled dcom and found a few other services i should disable such as the rpc and remote access services..... i also set rules to disable access to these ports 135,136. 137.138,139 for udp + tcp in kerio firewall.....port 135 obviously this didnt do it...still responding to pings from grc wonder if disabling echo request would do the trick?? i cant test it here as we have a hardware firewall i cant play with scul |
Re: cant close or cloak port 305 win 2k
From: "scully" <scul@peerless.com>
< snip > | i cant test it here as we have a hardware firewall i cant play with | scul Do you think you just answered your question in your reply ? As I suggested, use a Cable/DSL Router and specifically block 135 ~139 and 445 on the Router. You can even get a Router model with a full FireWall implementation. I have a Linksys BEFSR81and block all WAN requests and those ports and all ports scans from all sites indicate all ports are stealthed. I have the RPC, NetBIOS and SMB ports open on all my PCs because I have a SOHO LAN behind that Router. No mucking with the OS needed. -- Dave http://www.claymania.com/removal-trojan-adware.html http://www.ik-cs.com/got-a-virus.htm |
Re: cant close or cloak port 305 win 2k
"scully" <scul@peerless.com> wrote in message
news:9k4np195mdlvkf382d8s93uqebori6813m@4ax.com... > On Sat, 10 Dec 2005 19:34:32 -0600, <Vanguard> wrote: > >>"scully" <scul@peerless.com> wrote in message >>news:vjnmp1dj4s53pvmvt1ak2bpoo4trovcgr3@4ax.com. .. >>> bigpond cable via usb............. >>> tried to close this port but stubbornly it remains open >>> i have turned off dcom and set rules in the firewall [kerio] which >>> disallows access in or out for tcp or udp >>> >>> any tips on how to cloak or at least close port 135? >>> thanks >>> scul >> >> >>So how do you know the port is "open"? > i usually use grc's sheilds up as a qick test > and it reported 135 as being open all other ports were cloaked > i disabled dcom and found a few other services i should disable such > as the rpc and remote access services..... > i also set rules to disable access to these ports 135,136. 137.138,139 > for udp + tcp in kerio firewall.....port 135 obviously this didnt do > it...still responding to pings from grc > wonder if disabling echo request would do the trick?? > i cant test it here as we have a hardware firewall i cant play with > scul Now it's port 135 (instead of 305)? Did you read the comments on GRC's web page regarding port 135? See https://www.grc.com/port_113.htm. It is about a different port but gives clues as to how you close that port. Basically, define a rule that kills the port. If you have a NAT router, disable it there. If all you have is a software firewall in a host connected directly to the Internet then define a rule to block it there. |
Re: cant close or cloak port 305 win 2k
On Sat, 10 Dec 2005 22:26:12 -0600, <Vanguard> wrote:
>"scully" <scul@peerless.com> wrote in message >news:9k4np195mdlvkf382d8s93uqebori6813m@4ax.com.. . >> On Sat, 10 Dec 2005 19:34:32 -0600, <Vanguard> wrote: >> >>>"scully" <scul@peerless.com> wrote in message >>>news:vjnmp1dj4s53pvmvt1ak2bpoo4trovcgr3@4ax.com ... >>>> bigpond cable via usb............. >>>> tried to close this port but stubbornly it remains open >>>> i have turned off dcom and set rules in the firewall [kerio] which >>>> disallows access in or out for tcp or udp >>>> >>>> any tips on how to cloak or at least close port 135? >>>> thanks >>>> scul >>> >>> >>>So how do you know the port is "open"? >> i usually use grc's sheilds up as a qick test >> and it reported 135 as being open all other ports were cloaked >> i disabled dcom and found a few other services i should disable suc>> as the rpc and remote access services..... >> i also set rules to disable access to these ports 135,136. 137.138,139 >> for udp + tcp in kerio firewall.....port 135 obviously this didnt do >> it...still responding to pings from grc >> wonder if disabling echo request would do the trick?? >> i cant test it here as we have a hardware firewall i cant play with >> scul > > >Now it's port 135 (instead of 305)? Did you read the comments on GRC's web >page regarding port 135? > >See https://www.grc.com/port_113.htm. It is about a different port but >gives clues as to how you close that port. Basically, define a rule that >kills the port. If you have a NAT router, disable it there. If all you >have is a software firewall in a host connected directly to the Internet >then define a rule to block it there. the machine in question is offsite. i am going back next week to attempt to secure it properly.....my friend has no money for a router so we need to do the job with a software firewall ....as i said we are well protected here with hardware firewall so i cant do much to test this .....ip address of his computer is fixed and a previous virus infection has allowed access to a server that is still attemting to download virus..... the only visible port is 135 and that is open....obviously my knowledge here is deficient as i closed the port to tcp + udp which did nothing...... my simple question is if i kill the port for icmp will that cloak it.....i am using kerio pf thanks again scul |
| All times are GMT. The time now is 07:49 PM. |
Powered by vBulletin®. Copyright ©2000 - 2013, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.