Port Scanners, Port Watchers and Firewalls/Port Blockers

Port Scanners, Port Watchers and Firewalls/Port Blockers

Post by John Tople » Fri, 16 Jun 2000 04:00:00



(Cross-posting removed)

http://grc.com is a good place to start for the first question. My vanilla
Windows 2000 Pro install was reported as being essentially invisible to port
scanners and that's without a firewall installed.

--
John

Quote:> Here's the situation:

> 1. I want to scan my ports on a fairly vanilla W2K Pro install to see
> what is listening.

> 2. I then want to install/setup a personal firewall/port blocker to
> patch up what I can't kill from services and 3rd party and also
> allow/deny on an ip by ip basis (without IPSEC).

> 3. I then want to set up a port watcher to tell me what the baddies
> are trying to do.

> Suggestions/tips would be appreciated on software (shareware/freeware
> or demos if possible) and/or how to do this.

> Cheers,

> Judd Howie

 
 
 

Port Scanners, Port Watchers and Firewalls/Port Blockers

Post by Kent W. Englan » Fri, 16 Jun 2000 04:00:00


Post from and followup to microsoft.public.win2000.general

Quote:> 1. I want to scan my ports on a fairly vanilla W2K Pro install to see
> what is listening.

From a command prompt, enter "netstat -a" or "netstat -an" to see all
your open ports. Then search deja.com to read the threads in this
group on all those mysterious ports above 1024 that you don't
understand.

Quote:

> 2. I then want to install/setup a personal firewall/port blocker to
> patch up what I can't kill from services and 3rd party and also
> allow/deny on an ip by ip basis (without IPSEC).

That sounds like BlackICE.
Quote:

> 3. I then want to set up a port watcher to tell me what the baddies
> are trying to do.

Once you close down your dangerous ports, do you care if you are
being scanned?

But what about what the baddies put on your system when you
innocently install freeware? No firewall, per se, will watch that
stuff. Get ZoneAlarm to watch what evil things your own Windows tries
to do.

--
Kent W. England
--
For a  step-by-step  guide to installing  your own  small
office  network  and shared  Internet access  safely  and
securely using TCP/IP and NetBEUI, see www.SOHOinter.net.
Email technical support is  not available.  Post Qs here.

 
 
 

Port Scanners, Port Watchers and Firewalls/Port Blockers

Post by Andy Gree » Fri, 16 Jun 2000 04:00:00


At the risk of sounding like a paid-for Zone Labs tool, I *strongly*
recommend it too.  The number of attempts to scan for Trojans will amaze
you.  One note if you're on a dialup with dynamic IP allocation, it is
common for the first couple of minutes to get the previous guy's TCP timeout
traffic; you often see this coming up as hits from a http port to some
random TCP port on your IP.  These don't mean anything (although it can be
fascinating doing a tracert on the numeric IP to find out what websites the
previous owner of your IP was visiting :) )

On my dialup ISP IPs I get several scans a day on trojan ports or attempts
to touch NetBios - I think everyone should be running ZoneAlarm.

-Andy



> Post from and followup to microsoft.public.win2000.general

> > 1. I want to scan my ports on a fairly vanilla W2K Pro install to see
> > what is listening.

> From a command prompt, enter "netstat -a" or "netstat -an" to see all
> your open ports. Then search deja.com to read the threads in this
> group on all those mysterious ports above 1024 that you don't
> understand.

> > 2. I then want to install/setup a personal firewall/port blocker to
> > patch up what I can't kill from services and 3rd party and also
> > allow/deny on an ip by ip basis (without IPSEC).

> That sounds like BlackICE.

> > 3. I then want to set up a port watcher to tell me what the baddies
> > are trying to do.

> Once you close down your dangerous ports, do you care if you are
> being scanned?

> But what about what the baddies put on your system when you
> innocently install freeware? No firewall, per se, will watch that
> stuff. Get ZoneAlarm to watch what evil things your own Windows tries
> to do.

> --
> Kent W. England
> --
> For a  step-by-step  guide to installing  your own  small
> office  network  and shared  Internet access  safely  and
> securely using TCP/IP and NetBEUI, see www.SOHOinter.net.
> Email technical support is  not available.  Post Qs here.

 
 
 

Port Scanners, Port Watchers and Firewalls/Port Blockers

Post by gbh » Sat, 17 Jun 2000 04:00:00


Here's the situation:

1. I want to scan my ports on a fairly vanilla W2K Pro install to see
what is listening.

2. I then want to install/setup a personal firewall/port blocker to
patch up what I can't kill from services and 3rd party and also
allow/deny on an ip by ip basis (without IPSEC).

3. I then want to set up a port watcher to tell me what the baddies
are trying to do.

Suggestions/tips would be appreciated on software (shareware/freeware
or demos if possible) and/or how to do this.

Cheers,

Judd Howie

 
 
 

Port Scanners, Port Watchers and Firewalls/Port Blockers

Post by Gregory Phillip » Sat, 17 Jun 2000 04:00:00


To see what ports are listening open a cmd box and type:

netstat -a

Unfortunatelly some of these are displayed by service name.

epmap   = TCP&UDP 135  
microsoft-ds = TCP&UDP 445
isakmp  = UDP 500
---

 
 
 

1. ISA parallel port card/parallel port scanner

I've been using an Epson ES-800C scanner, via the ISA
parallel port card that came with it, on Win98 for a
couple of years with no problems at all.

Now I've upgraded to Win2000 and the ISA parallel port
card isn't recognized at all by Win2000. How can I fix
this? If the card can be recognized, will the scanner work
with Win2000?

Thanks,
Russ Chinoy

2. Basic Stamp on a SimmStick Platform.

3. how do i open multiple ports or a port range

4. Only one with Cut,Copy,Paste Problems ??

5. How can I tell which COM port on which USB Hub Port?

6. Help with figure inserting

7. opening TCP port 1494 and UDP port 1694

8. change Matlab icon in GUI app

9. Allocation of IR port to COM port

10. Share network port printer with DOS port

11. Com Ports vs. Serial Ports and how to add one?

12. map infrared port to COM port in Win2k

13. map infrared port to com port in Windows 2000