Steve Gibson System Tools
efc
September 28th, 2003, 14:58 PM
Steve Gibson is my most trusted source for security issues. He has been around since the earliest days of the PC. His web site is full of free utilities that correct many of the MS security issues. Recommend everyone visit to download the items you need.
I had downloaded DCOMbobulator months ago and had not run it. This morning I finally did and found that port 135 was open. This and other programs are worth a look.
http://grc.com/freepopular.htm
cash_site
September 29th, 2003, 07:53 AM
yeah GRC.com is a great place... first went there when installed XP and there was the UPnPray ;) port 5000 thing going round. Those little programs DCOM and UPnP are essential to ensure the M$ patches do their job.
Also, the port testing is invaluable to see if your firewall is up to scratch... i found some holes in early versions of Zonealarm... none now using NIS 2003 ;)
cityman
October 4th, 2003, 17:46 PM
this morning, i visited his site and reviewed my settings; i was also going to recommend steve gibson's site. it is definitely the way to go.
i usually check my security about once every couple of months. it is good to do.
i found out i had four ports opened. And i have zone alarm pro. so how do i close those ports?
efc
October 4th, 2003, 18:10 PM
Which ports?
Several of the utilities on the link above close individual ports. Also a Google search "close port 135" provides many sites with instructions for closing that port. Will probably work in your situation.
Let us know if you have one you can't find.
cityman
October 5th, 2003, 00:48 AM
I am open at ports 21 (ftp), 22 (log on protocol), 23 (Telnet) and finally port 80 (Http).
As per your suggestion, I did go to Google and looked around to find a circumstance that fitted mine. Nothing looked right unless I was not looking at the right location. I went looking at Zone Alarm, even though it has been determined it is in stealth mode, Gibson site- says - no.
Any good ideas?
efc
October 5th, 2003, 05:36 AM
Important: An open port is not necessarily dangerous!
You are only at risk if the program using the port contains harmful code. So there is no reason to close all ports in your system. In fact without your ports being open, the internet simply wouldn't work!
An open port is not an autonomous object, and should not be considered as something which can be destroyed by closing it. If a port is open on your computer, it means that there is an active program using this port number to communicate with other computers on the web. A port isn't opened by the operating system, it's opened by a specific program wanting to use it.
To close a port, it's usually only necessary to shut down the program holding the port open. On some ports it's enough to tell the program or service that the port should not be opened. A good example is the Microsoft Internet Information Services in Windows 2000 and Windows XP. If installed, they open three ports automatically: 21, 25 and 80. Port 21 is the FTP server, port 25 the SMTP server (email server) and port 80 the webserver for http.
If however you don't need all these servers, simply shut them down and the ports will be closed automatically. Open the service manager at the control panel - administrative tasks. Services are programs which are automatically run at the system startup without any visible window. They work in the background.
Search the list for "WWW publishing service" and click on Stop Service icon at the top. The port 80 is no longer in use, meaning that it is closed. You can do the same with the "FTP publishing service" and the "Simple mail transport protocol (SMTP)".
Source Anti-Trojan.net
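An added example, not part of efc's post or the Anti-Trojan.net text it quotes: the post's point that every open port is held by a specific program can be checked by joining `netstat -ano` output to `tasklist /svc` output. The sample output, PIDs and addresses below are constructed; MSFTPSVC, SMTPSVC and W3SVC are the short names of the three IIS services the post lists, and the availability of `tasklist /svc` on the machine is an assumption.

```python
import re
# Constructed `netstat -ano` output (not from the thread).
NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:21             0.0.0.0:0              LISTENING       1180
  TCP    0.0.0.0:25             0.0.0.0:0              LISTENING       1180
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       1180
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       812
  TCP    127.0.0.1:1029         0.0.0.0:0              LISTENING       1644
  TCP    192.168.1.10:1051      203.0.113.7:80         ESTABLISHED     2020
"""
# Constructed `tasklist /svc` output (not from the thread).
TASKLIST = """\
Image Name                   PID Services
========================= ====== ==========================================
svchost.exe                  812 RpcSs
inetinfo.exe                1180 IISADMIN, MSFTPSVC, SMTPSVC, W3SVC
alg.exe                     1644 ALG
"""
# IIS services behind the three ports the post names.
IIS_SERVICE = {21: "MSFTPSVC", 25: "SMTPSVC", 80: "W3SVC"}

def listeners(netstat_text):
    """Return (address, port, pid) for every TCP socket in LISTENING state."""
    pat = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING\s+(\d+)\s*$", re.M)
    return [(a, int(p), int(pid)) for a, p, pid in pat.findall(netstat_text)]

def owners(tasklist_text):
    """Map PID -> (image name, [service names]) from `tasklist /svc` rows."""
    rows = re.findall(r"^(\S+)\s+(\d+)\s+(.+)$", tasklist_text, re.M)
    return {int(pid): (img, [s.strip() for s in svcs.split(",")]) for img, pid, svcs in rows}

def audit(netstat_text, tasklist_text):
    """One record per listening port: who holds it, is it reachable, how to close it."""
    procs = owners(tasklist_text)
    rows = []
    for addr, port, pid in listeners(netstat_text):
        image, services = procs.get(pid, ("unknown", []))
        svc = IIS_SERVICE.get(port)
        # Only suggest stopping a service the owning process really hosts.
        fix = f"net stop {svc}" if svc in services else None
        rows.append({"port": port, "image": image,
                     "remote": not addr.startswith("127."), "fix": fix})
    return rows

if __name__ == "__main__":
    for r in audit(NETSTAT, TASKLIST):
        print(r)
```

A service stopped with `net stop` starts again at the next boot unless its startup type is changed to Manual or Disabled in the Services console. Listeners bound to 127.0.0.1 are reported with `remote` set to False because an external scan cannot reach them.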
cityman
October 6th, 2003, 12:53 PM
thanks for the "heads up" information.
it is just that i (am not sure of this anymore) .. that is .. i thought zone alarm would be in stealth mode for all the ports regardless if it is open or not.
i even deleted za and installed it fresh thinking something was corrupted. then i went back to gibson site and checked out -
--ShieldsUP! and the same ports were still opened.
but again, repeating myself-
doesn't za automatically go into stealth mode for all the ports regardless whether it is open or not??? how do i then make it go "stealth"???
Conan
October 6th, 2003, 12:56 PM
The only thing I can think of is that you had some program that connects to the internet open while taking the test.
cityman
October 6th, 2003, 18:02 PM
interesting thought.
i kept only one window open and that was grc.com - shields up which tested
and it found ports 21,23 and 80 were open- #22 (log on) was eliminated- respectively--ftp, telnet and http. so perhaps that is the answer. perhaps. <grin>
Conan
October 6th, 2003, 23:21 PM
What version of Zone Alarm were you using? The last time I tried Zone Alarm 4, I got a complete stealth rating with default settings.
cityman
October 7th, 2003, 00:25 AM
i just downloaded the latest version from their web site
v 4.0.146.029.
the one before was v 4.0.146.012
so i do not know-
==
conan,
did you use shields up to get a complete stealth ratings?
hmm, the plot thickens.. i am starting to think there might be control panel/ administrative tools / services conflict here. hmm
but where to start.-
Conan
October 7th, 2003, 11:14 AM
Originally posted by cityman
conan,
did you use shields up to get a complete stealth ratings?
I always use Shields Up after a fresh reformat of my drive to make sure that my firewall is doing its job. While I did try Zone Alarm I couldn't live with it on a daily basis. I use Sygate Pro, but you have to block Generic Host Process in order to get a full stealth rating.
cityman
October 8th, 2003, 18:17 PM
Originally posted by Conan
I use Sygate Pro, but you have to block Generic Host Process in order to get a full stealth rating.
i might try sygate pro. what are the advantages/disadvantages of blocking - Generic Host Process?
Conan
October 8th, 2003, 23:17 PM
Originally posted by cityman
i might try sygate pro. what is the advantages/disadvantages of blocking - Generic Host Process?
If you don't you'll have some ports listed as open when you take the Shields Up test. As to disadvantages, I haven't really come across any.
cityman
October 11th, 2003, 15:36 PM
i switched to sygate did the shields up and got the same open ports. so i uninstalled it and went back to ZA. if i am going to be hacked..it might as well be a program that i am comfortable with.
there was an article- of some other scans- what was recommended was-
Audit My PC ( find.pcworld.com/37556 )- this site explains how to fix the problem. and this is what i want
RVIOscan -- www.Vulns.com
cityman
October 20th, 2003, 15:59 PM
i have not fixed the problem. why the 4 ports are opened.
is there a way to make Zone Alarm Pro close the 4 different ports?
i mean- maybe that is the standard installation.
Or would there be something in windows itself that keeps the ports open?
cityman
November 6th, 2003, 23:00 PM
the solution came from Jnismi at another site: he wrote--
Check out here for info on the ports: http://www.iana.org/assignments/port-numbers
FYI, port 20, 21 is FTP, 22 is for secure socket handling, 80 is web.
Sounds to me like you have IIS installed and setup with defaults. I would lock those down nice and quick like.
==
and that was the answer- IIS was installed. everything is in stealth mode except for port 113 and that was closed. now to figure out how to close port 113.