Page 1 of 2 12 LastLast
Results 1 to 15 of 17

Thread: Steve Gibson System Tools

  1. #1
    Titanium Member efc's Avatar
    Join Date
    Sep 2002
    Location
    North Central Arkansas
    Posts
    2,329

    Steve Gibson System Tools

    Steve Gibson is my most trusted source for security issues. He has been around since the earliest days of the PC. His web site is full of free utilities that correct many of the MS security issues. Recommend everyone visit to download the items you need.

    I had download DCOMbobulator months ago and had not run it. This morning I finally did and found that port 135 was open. This and other programs are worth a look.

    http://grc.com/freepopular.htm
    Linux Mint Debian Edition

  2. #2
    Security Intelligence TZ Veteran cash_site's Avatar
    Join Date
    Jul 2002
    Location
    Software Paradise
    Posts
    3,852
    yeah GRC.com is a great place... first went there when installed XP and there was the UPnPray port 5000 thing going round. Those little programs DCOM and UPnP are essential to ensure the M$ patches do their job.

    Also, the port testing is invaluable to see if your firewall is up to scratch... i found some holes in early versions of Zonealarm... none now using NIS 2003

    --- 0wN3D by 3gG ---

  3. #3
    Bronze Member
    Join Date
    Sep 2002
    Location
    near ex- world trade center
    Posts
    184

    ports opened

    this morning, i visited his site and review my settings; i was also going to recommend steve gibson's site. it is definitely the way to go.

    i usually check my security about once every couple of months. it is good to do.

    i found out i had four ports opened. And i have zone alarm pro. so how do i close those ports?

  4. #4
    Titanium Member efc's Avatar
    Join Date
    Sep 2002
    Location
    North Central Arkansas
    Posts
    2,329
    Which ports?

    Several of the utilities on the link above, close individual ports. Also a Google search "close port 135" provides many sites with instructions for closing that port. Will probably work in your situation.

    Let us know if you have one you can't find.
    Linux Mint Debian Edition

  5. #5
    Bronze Member
    Join Date
    Sep 2002
    Location
    near ex- world trade center
    Posts
    184

    open ports

    I am open at ports 21 (ftp), 22 (log on protocol, 23 (Telnet) and finally port 80 (Http).

    As per your suggestion, I did go to goggle and looked around to finding a circumstance that fitted mine. Nothing looked right unless I was not looking at the right location. I went looking at Zone Alarm, even though it has been determined it is in stealth mode, Gibson site- says - no.

    Any good ideas?

  6. #6
    Titanium Member efc's Avatar
    Join Date
    Sep 2002
    Location
    North Central Arkansas
    Posts
    2,329
    Important: An open port is not necessarily dangerous!
    You are only at risk if the program using the port contains harmful code. So there is no reason to close all ports in your system. In fact without your ports being open, the internet simply wouldn't work!

    An open port is not an autonomous object, and should not be considered as something which can be destroyed by closing it. If a port is open on your computer, it means that there is an active program using this port number to communicate with other computers on the web. A port isn't opened by the operating system, it's opened by a specific program wanting to use it.

    To close a port, it's usually only necessary to shut down the program holding the port open. On some ports it's enough to tell the program or service that the port should not be opened. A good example is the Microsoft Internet Information Services in Windows 2000 and Windows XP. If installed, they open three ports automatically: 21, 25 and 80. Port 21 is the FTP server, port 25 the SMTP server (email server) and port 80 the webserver for http.

    If however you don't need all these servers, simply shut them down and the ports will be closed automatically. Open the service manager at the control panel - administrative tasks. Services are programs which are automatically run at the system startup without any visible window. They work in the background.

    Search the list for "WWW publishing service" and click on Stop Service icon at the top. The port 80 is no longer in use, meaning that it is closed. You can do the same with the "FTP publishing service" and the "Simple mail transport protocol (SMTP)".

    Source Anti-Trojan.net
    Linux Mint Debian Edition

  7. #7
    Bronze Member
    Join Date
    Sep 2002
    Location
    near ex- world trade center
    Posts
    184
    thanks for the "heads up" information.

    it is just that i (am not sure of this anymore) .. that is .. i thought zone alarm would be in stealth mode for all the ports regardless if it is open or not.

    i even deleted za and installed it fresh thinking something was corrupted. then i went back to gibson site and checked out -
    --ShieldsUP! and the same ports were still opened.

    but again, repeating myself-
    doesn't za automatically go into stealth mode for all the ports regardless whether it is open or not??? how do i then make it go "stealth"???

  8. #8
    Techzonez Governor Super Moderator Conan's Avatar
    Join Date
    Apr 2002
    Location
    Philippines
    Posts
    4,343
    The only thing I can think of is that you had some program that connects to the internet open while taking the test.

  9. #9
    Bronze Member
    Join Date
    Sep 2002
    Location
    near ex- world trade center
    Posts
    184
    interesting thought.

    i kept only one window open and that was grc.com - shields up which tested

    and it found ports 21,23 and 80 were open- #22 (log on) was eliminated- respectively--ftp, telnet and http. so perhaps that is the answer. perhaps. <grin>

  10. #10
    Techzonez Governor Super Moderator Conan's Avatar
    Join Date
    Apr 2002
    Location
    Philippines
    Posts
    4,343
    What version of Zone Alarm were you using? The last time I tried Zone Alarm 4, I got a complete stealth rating with default settings.

  11. #11
    Bronze Member
    Join Date
    Sep 2002
    Location
    near ex- world trade center
    Posts
    184
    i just download the latest version from their web site
    v 4.0.146.029.

    the one before was v 4.0.146.012

    so i do not know-

    ==
    conan,
    did you use shields up to get a complete stealth ratings?

    hmm, the plot thickens.. i am starting to think there might be control panel/ adminstrative tools / services conflict here. hmm

    but where to start.-

  12. #12
    Techzonez Governor Super Moderator Conan's Avatar
    Join Date
    Apr 2002
    Location
    Philippines
    Posts
    4,343
    Originally posted by cityman
    conan,
    did you use shields up to get a complete stealth ratings?


    I always use Shields Up after a fresh reformat of my drive to make sure that my firewall is doing its job. While I did try Zone Alarm I couldn't live with it on a daily basis. I use Sygate Pro, but you have to block Generic Host Process in order to get a full stealth rating.

  13. #13
    Bronze Member
    Join Date
    Sep 2002
    Location
    near ex- world trade center
    Posts
    184
    Originally posted by Conan
    I I use Sygate Pro, but you have to block Generic Host Process in order to get a full stealth rating.
    i might try sygate pro. what is the advantages/disadvantages of blocking - Generic Host Process?

  14. #14
    Techzonez Governor Super Moderator Conan's Avatar
    Join Date
    Apr 2002
    Location
    Philippines
    Posts
    4,343
    Originally posted by cityman
    i might try sygate pro. what is the advantages/disadvantages of blocking - Generic Host Process?
    If you don't you'll have some ports listed as open when you take the Shields Up test. As to disadvantages, I haven't really come across any.

  15. #15
    Bronze Member
    Join Date
    Sep 2002
    Location
    near ex- world trade center
    Posts
    184
    i switched to sygate did the shields up and got the same open ports. so i uninstalled it and went back to ZA. if i am going to be hacked..it might as well be a program that i am comfortable with.

    there was an article- of some other scans- what was recommended was-

    Audit My PC ( find.pcworld.com/37556 )- this site explains how to fix the problem. and this is what i want

    RVIOscan -- www.Vulns.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •