ASBB11 wrote: > > Sorry for the very basic question. > Using superscan I found this port open on my computer. How can I close > it? I use sygate personal firewall but it looks like I do not have > options to shut down ports, I can only act on protocols. > Thanks, > > Angelo
Hi Angelo, Never feel sorry for asking basic questions, that's exactly the reason for this list being here! :-) First, you have to find out why the port is open. Do you have any program running that needs to have that open? There's been some discussion lately about why Trend Micro has to use that specific port for updating customer antivirus signatures when it is a well-known fact that it has been a very frequent targeted port for those trying to locate the Netbus admin tool, unfortunately named as a trojan. http://news.zdnet.co.uk/story/0,,t269-s2102922,00.html http://www.securityfocus.com/bid/1013 Not knowing which WinOS you are running you can use a program like TaskInfo and see which processes are active on your system while the port is open. Check with the threads and see what shows up. You can also use netstat -an, at a prompt, to see which ports are currently active. Usually, if you disable the program that is using the port it will be disabled automatically. Many of us who used nmap the first time gasped at seeing quite a few ports open on the router/firewall, not realizing that they had to be open on the INSIDE in order for other machines on the LAN to be able to connect to the outside. So it's possible that despite that the port is open it does not mean that it's accessible from the outside. Do a port scan from a site like http://www.hackerwhacker.com/ , http://www.dslreports.com/ or http://www.securityspace.com and see if you're actually vulnerable. If it is you can look in the user's manual for the Sygate personal firewall and look for the Advanced Rule Configuration option. You can always create a custom rule to block traffic to specific ports if the need arises. http://www.sybergen.com/swat/support/userguides/spf/spf42_userguide.pdf Good luck! -- Patrick Benson Stockholm, Sweden
