how to tell which tcp ports are open?

Using something like dos command 'netstat' is it possible to get a definative answer on what tcp ports are open to the world?

Alos how do i 'ping' myself to test if that is reponding (i dont want it to)?

Mike

Comments

  • [Deleted User][Deleted User] Posts: 500
    Forum Member
    ✭✭
    Using something like dos command 'netstat' is it possible to get a definative answer on what tcp ports are open to the world?

    Alos how do i 'ping' myself to test if that is reponding (i dont want it to)?

    Mike
    Online port scanner.

    Online ping test.
  • [Deleted User][Deleted User] Posts: 1,929
    Forum Member
    ✭✭✭
    Netstat will tell you what ports are open and actually doing something (even if it's only listening) but it won't cover you for ports that aren't open but are vulnerable to the operating system.

    Another one you can try is PC Flank.
  • [Deleted User][Deleted User] Posts: 469
    Forum Member
    tievolu wrote:

    thanks ...

    but why does your online port scanner say all ports are stealther and Nortons says i have ports open???

    Mike
  • [Deleted User][Deleted User] Posts: 1,929
    Forum Member
    ✭✭✭
    Are you using a router?

    If so then the online port tests will only be seeing what ports that has open (usually only forwarded ports) where as Norton is reporting what the PC has open and could be accessed by someone on your LAN.
  • [Deleted User][Deleted User] Posts: 500
    Forum Member
    ✭✭
    thanks ...

    but why does your online port scanner say all ports are stealther and Nortons says i have ports open???
    As the previous post says, if you're using a router, this shields you from the Internet via NAT, and possibly an SPI firewall too.

    Norton is reporting on your PC, from your PC's point of view. It's much more reliable to use an online port scanner to see which ports are open to the Internet (because the online port scanner is scanning from the Internet - Norton is not).
  • [Deleted User][Deleted User] Posts: 469
    Forum Member
    tievolu wrote:
    As the previous post says, if you're using a router, this shields you from the Internet via NAT, and possibly an SPI firewall too.

    Norton is reporting on your PC, from your PC's point of view. It's much more reliable to use an online port scanner to see which ports are open to the Internet (because the online port scanner is scanning from the Internet - Norton is not).

    no router... but i have one, a wirless one, is it better to use it then?

    Mike
  • [Deleted User][Deleted User] Posts: 469
    Forum Member
    tievolu wrote:
    As the previous post says, if you're using a router, this shields you from the Internet via NAT, and possibly an SPI firewall too.

    Norton is reporting on your PC, from your PC's point of view. It's much more reliable to use an online port scanner to see which ports are open to the Internet (because the online port scanner is scanning from the Internet - Norton is not).

    Actually it was Nortons website based scanner, so why the discrepancy I wonder??

    Mike
  • [Deleted User][Deleted User] Posts: 500
    Forum Member
    ✭✭
    Actually it was Nortons website based scanner, so why the discrepancy I wonder??
    Hmmm... that's interesting.

    Just out of curiosity, which ports did the two scans disagree on?
  • [Deleted User][Deleted User] Posts: 500
    Forum Member
    ✭✭
    no router... but i have one, a wirless one, is it better to use it then?
    Yes, a router represents another layer of defence, so it's worth using it even if you only have one machine to connect.
  • [Deleted User][Deleted User] Posts: 469
    Forum Member
    tievolu wrote:
    Hmmm... that's interesting.

    Just out of curiosity, which ports did the two scans disagree on?

    the scan site someone mentioned on here said all ports are stealthed.

    with norton they are just closed apart from:


    ICMP Ping

    22 SSH TCP connections to this port might indicate a search for SSH, which has a few exploitable features. SSH is a secure replacement for Telnet. The most common uses of SSH are to securely login and copy files from a server

    80 HTTP (Hypertext Transfer Protocol). HTTP is used to transfer Web pages over the Internet. Port 80 should be open only if you're running a Web server.

    ...which are open!

    That despite the firewall being turned up full, all windows updates to date, and all security software up to date!

    So how so different??

    Mike
  • [Deleted User][Deleted User] Posts: 469
    Forum Member
    additonally.....

    when i first used dnsstuff i was using a specific proxy (cardiff?) and the dns site said it was unable to function as the server concerned was infected with malware!

    Maybe ntl's servers are affected and thus affecting us??

    Mike
  • LaggyLaggy Posts: 3,121
    Forum Member
    ✭✭✭
    Norton's security scanner scan's NTL's proxy, which is why you are getting the results you are with that scan. Where as Shields Up is scanning your actual computer.

    If your passing this ok then your firewall is operating correctly.
  • [Deleted User][Deleted User] Posts: 469
    Forum Member
    Laggy wrote:
    Norton's security scanner scan's NTL's proxy, which is why you are getting the results you are with that scan. Where as Shields Up is scanning your actual computer.

    If your passing this ok then your firewall is operating correctly.


    Thanks for the explanation!

    But.... the reason for asking this was my computer being hijacked by trojan horses a while ago. I presumed i was doing something wrong, or that Norton was. Now Im confused and dont know how they got on my machine!

    Still, touch wood, I did a format and reinstall and all seems well at the moment....

    Mike
  • [Deleted User][Deleted User] Posts: 925
    Forum Member
    ✭✭
    Trojans normally get on by the user doing something "dumb" (no offence meant) :
    Running programs that you downloaded over P2P
    Clicking on "Yes I would like to get something free" pop-ups on dodgy web sites
    Running a "funny" program attached to an email from a buddy

    No amount of fire wall or port blocking will stop a program that you have just told your computer to run.
  • [Deleted User][Deleted User] Posts: 469
    Forum Member
    Doomy wrote:
    Trojans normally get on by the user doing something "dumb" (no offence meant) :
    Running programs that you downloaded over P2P
    Clicking on "Yes I would like to get something free" pop-ups on dodgy web sites
    Running a "funny" program attached to an email from a buddy

    No amount of fire wall or port blocking will stop a program that you have just told your computer to run.

    i agree! lololol

    ..but if only i had actually done that i wouldnt have minded!

    it even defeated my IT mate..

    Mike
  • dave09dave09 Posts: 130
    Forum Member
    To help find and keep the problem stuff out you could use any combo of these..

    Spyware Blaster

    Spyware Guard

    IE Spyad

    Some scanners to use if you think you already got them..

    Ad-Aware SE

    Spybot Search & Destroy

    and some Anti-Trojan Software..

    Ewido Anti-Spyware

    a-squared
Sign In or Register to comment.