Closing These Ports?

[v-a-m]

Well, while running Norton System Works,it said "I was at Risk for Hackers!" in a Security Check.

It said these ports are open... now is it dangerous to have these ports open, they seem necessary to be on the internet?

I use a Zone Alaram forewall, here are the ports they said were open.


Any ideas, how I could close any of them?

23: Telnet

80: HTTP

113: Ident/Authentication

[embj]

Port 80 is if you are running a webserver. If you are not you somehow have it open in ZA.

Port 23 is if you use Telnet. You should read what it is here: http://www.techweb.com/encyclopedia/...rm?term=telnet

113 is supposed to be open. It identifies your computer like when you connect to get your mail. I can't remember how to close ports in ZA since it has been about 2 months since I have used it. It is somewhere within the ZA Control Panel. I am sure somebody can tell you where.

[v-a-m]

Okay yah I cant figure it out. But im not running a webserver.

I'd like to close the first two then... anyone know at all?

Thanks alot,
v-a-m

[DVNT1]

BTW, you also don't want 113 open unless you ARE the email server.

In ZOne Alarm you have to go to the Advanced tab within programs and start removing access that was granted to the apps that open these ports.

[Einsamherz]

I've got NT4. Is there an easy way to close ports (particularly 80) to systems OUTSIDE my LAN? I keep getting hack attempts logged (ex. SQL Server overflows, even though it's not ON that machine....)

thanks

[DVNT1]

You can get a router to stop most incoming probes/attacks. They are both broadband and analog routers.

[Einsamherz]

DVNT1:

I've only got a plain old 56k modem on proxy right now. I run a router for my home broadband, but don't have that "luxury" at work.

[DVNT1]

The analog routers can be used with dial-up. Otherwise you have to use software to keep your ports secure.

[v-a-m]

(Im using DSL)

Okay I ran a security check through Norton System Works 2003, here is the link. It was the Security Scan:
(http://security.symantec.com/sscv6/d...d=ie&venid=sym)

It gave me vulnerability to "HACKER EXPOSURE", with ports (23,80,113)
Running a security check with Norton Personal Firewall 2003, it says everything is "Ok", but doesnt show specific hacker, or "port" analysis.

Other free online security scans, show that everything is okay, and all ports probed appear to be closed.
So I think I closed the ports, If Im worng please correct me.. this is what I did...

>Launch Norton Personal Firewall
>Personal Firewall
>Configure (Enter Password)
>Advanced
>General Rules
>Add
>Block
>Connections to and from other computers
>Any Computer
>TCP and UDP
>Only the types of communication or ports listed below
>Add
>Individually specified ports
>23 (and subesquentially 113, and 80 (but only blocking inbound traffic, as I can't see webpages if I block outbound traffic)
>Create a log entry
>OK

1.) Do I wanna block local, remote, or both?

2.) Is that how you close the ports?

3.) If not how do you close your ports?

4.) How do you know if your ports are closed?

Thanks alot for any help from you guys,
v-a-m