A tool for this purpose could (again ;) be a desktop firewall named "ATGuard". With ATGuard you can block these Ports from being accessed remotely and also on the so called "Dashboard" exists a section for Network Connections. In this section you can see a list with information like this: -the protocol (TCP) -the Executable (inetinfo.exe) -the State (Listening) -Remote ( ) -Local (BlueScreen-Primary: 3005) -Sent ( ) -Received ( ) -Time (34:49)
You can download ATGuard for example from here: http://www.seitz-pc.de/cooky/downloads/atguard.zip I hope it is the English Version ;) Good luck. BTW, inetinfo.exe is (as far as i know) part of the Internet Information Server: IIS Administration Service. Regards, ------------------------------------------------------- BlueScreen / Florian Hobelsberger (UIN: 101782087) Member of: www.IT-Checkpoint.net www.Hackeinsteiger.de www.NGSecurity.de www.DvLdW.de.vu Für Fragen im Bereich Datensicherheit wenden Sie sich bitte an: www.Hackeinsteiger-Board.de www.Securitypoint-board.de.vu ================================================================== This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. Forwarding this E-Mail or parts of information out of it is strictly forbidden - legal actions may be taken. If you are not the intended recipient or the person responsible for delivering to the intended recipient, be advised that you have received this email in error and that any use of the information contained within this email or attachments is strictly prohibited. Internet communications are not secure and BlueScreen/Florian Hobelsberger does not accept any legal responsibility for the content of this message. Any opinions expressed in the email are those of the individual and not necessarily those of the Company. If you have received this email in error, or if you are concerned with the content of this email please notify the Sender by telephone on +49 (0)162 337 98 40. ================================================================== To encrypt classified messages, please use this PGP-Key: -----BEGIN PGP PUBLIC KEY BLOCK----- mQGiBDoSjNYRBADwxmFyGCYJVVwoYx6jh69D7Kbu5vLmLGz4LqW7ukFa5YhsdQ2g hqw7iH4FL7UXSyvnQR2O+avrZtn6JgiLr9YvEBuGR4KwmNHzNAdWt1ftPqL/4932 K20XOfzewatJf23gpzpxQ6q7qqN0XKW9zvmBpJqNNosOBbj/Q4257Dao1QCg/9lI 77kKxR9HkiFnFWstiQ/tfOUD/jLogwExYHYYhqKoLG7Pgv+K1+64LXHrwiU53udP PyIBLMx+/nD11dT9GcgH8BKqqYNIewBtTUfe4TzNqdmyOHkGzSk/uWagopXVAWYe lwrFjHSbL5Hgkyuxu26O5UzJeIM74X2lTpXMS2Xeas5/9OGCEZEcrgLzcpwup/Ww L4jCA/9ScTZ7hJlLAF8SsmKtG06UpTLhbHj2JHLYpuS9okcW+tf7KIoc1BytqJyX VwTB3dCZQHzlCBd515k/9n+G2IWmUhh4FWyIOcf9pUPvrrxg6cUMs2C9p5pan0dW huCCXtqOo/ii8QShwJ1Z2QgclNqa7NU9zKWKLAvdEhlzCtofBLRELT1CbHVlU2Ny ZWVuPS0gLyBGbG9yaWFuIEhvYmVsc2JlcmdlciAoMjkuMTEuMjAwMSkgPE11bmlj aEFDQGdteC5kZT6JAFgEEBECABgFAjoSjNYICwMJCAcCAQoCGQEFGwMAAAAACgkQ lZAUaM5lFc7p+QCgwueO8h1r+tePys2abqKrpYTJNTcAmwcgd0zQ5pS9pWf6qqIs WlET5qgluQQNBDoSjNYQEAD5GKB+WgZhekOQldwFbIeG7GHszUUfDtjgo3nGydx6 C6zkP+NGlLYwSlPXfAIWSIC1FeUpmamfB3TT/+OhxZYgTphluNgN7hBdq7YXHFHY UMoiV0MpvpXoVis4eFwL2/hMTdXjqkbM+84X6CqdFGHjhKlP0YOEqHm274+nQ0YI xswdd1ckOErixPDojhNnl06SE2H22+slDhf99pj3yHx5sHIdOHX79sFzxIMRJitD YMPj6NYK/aEoJguuqa6zZQ+iAFMBoHzWq6MSHvoPKs4fdIRPyvMX86RA6dfSd7ZC LQI2wSbLaF6dfJgJCo1+Le3kXXn11JJPmxiO/CqnS3wy9kJXtwh/CBdyorrWqULz Bej5UxE5T7bxbrlLOCDaAadWoxTpj0BV89AHxstDqZSt90xkhkn4DIO9ZekX1KHT UPj1WV/cdlJPPT2N286Z4VeSWc39uK50T8X8dryDxUcwYc58yWb/Ffm7/ZFexwGq 01uejaClcjrUGvC/RgBYK+X0iP1YTknbzSC0neSRBzZrM2w4DUUdD3yIsxx8Wy2O 9vPJI8BD8KVbGI2Ou1WMuF040zT9fBdXQ6MdGGzeMyEstSr/POGxKUAYEY18hKcK ctaGxAMZyAcpesqVDNmWn6vQClCbAkbTCD1mpF1Bn5x8vYlLIhkmuquiXsNV6z3W FwACAhAAyeDU/CZegfCp3VmSKfIorYKjbtvSpriZ3KMmD9Qp9GlxwxJOQWUuqtPT WMJnBwXgYKW34jvSw5gDBByOrzHyqolaKvqjG6QXenWcAt2Z5KkIUEFBHrFxUSr4 gwCexwLW1NxGILE6j4O1ZpWj5BJQTqZZpJzJarnzv2cXof0VK8SJodEEu21VHzxP yvU2FTmwsPU5fs+6mppkPdZgb0cqmNTVqak0xyfZzPd4lLOEZIuauOoruTE0a6XV AEx/ns5uY/U16FNq1WNaeJIulGZZNLT5DXwpGPqxm05XRineI8U2mgw+1KVGOnXM 1YfFAIjkpwy9zjjT752m3KNLe3wiWjF+SeH9USCm9KtQZHYQn6jB1hY67rKT2m8p G1qBdbb2sZJCJRlROCe4W/vxevRe7TGdYaNy/hvV7i4OMl/pmeRnKqTpdLLP0Nah 2Cqa7+ddKdwdVtGxzowqKtQOzLF3wnXoixHtKtK8AG2gEa74rsuUamt6alnkFxKQ SsaufCEa6aw/ttJHSEX9HHsbsJ+nmp2RRB+K8Eawln2LZliMb9xnZa3OGMwvkJCU ZyGurrezM8MKGID5PsvV0z/jXP4yhy+Y0szYks2xbq6yAxa86D3LH/AC++l1tV6s iw49duIvnFrlTPzY5qF8P0ywxVbSnXHl+TrVPUsWV8Z4L0mPA4uJAEwEGBECAAwF AjoSjNYFGwwAAAAACgkQlZAUaM5lFc537wCgrEO460bbrm220zd9Mn9Nv/IB9LcA oNeYVeRb2JfeQJkMwu7bfaCqEuoz =Vkyz -----END PGP PUBLIC KEY BLOCK----- ----- Original Message ----- From: "Dilli Rajesh Kumar" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, January 21, 2002 9:42 AM Subject: win2k ports > Hi, > My win2k box has some open ports which i'm not sure for waht service. > Ports 3035,3036,3037 are open if the routing and remote access service is > enabled.And these ports keep varying everytime i restart it.Apart from this > port 3005 is also open which i'm not able to figure out for what purpose.Is > there any tool which gives me what ports are open in the m/c and what are > the corresponding process for that open ports and how do i close these > ports. > > Regards > DRajesh >