Digital Spy

Search Digital Spy
 

DS Forums

 
 

how to tell which tcp ports are open?


Reply
Thread Tools Search this Thread
Old 30-06-2006, 10:16
mikeinlondon
Forum Member
 
Join Date: Jul 2004
Location: London SE10
Posts: 462

Using something like dos command 'netstat' is it possible to get a definative answer on what tcp ports are open to the world?

Alos how do i 'ping' myself to test if that is reponding (i dont want it to)?

Mike
mikeinlondon is offline   Reply With Quote
Please sign in or register to remove this advertisement.
Old 01-07-2006, 11:24
tievolu
Forum Member
 
Join Date: May 2005
Location: Portsmouth
Posts: 500
Originally Posted by mikeinlondon
Using something like dos command 'netstat' is it possible to get a definative answer on what tcp ports are open to the world?

Alos how do i 'ping' myself to test if that is reponding (i dont want it to)?

Mike
Online port scanner.

Online ping test.
tievolu is offline   Reply With Quote
Old 04-07-2006, 21:07
brundles
Forum Member
 
Join Date: Sep 2003
Location: Berkshire
Posts: 1,505
Netstat will tell you what ports are open and actually doing something (even if it's only listening) but it won't cover you for ports that aren't open but are vulnerable to the operating system.

Another one you can try is PC Flank.
brundles is offline   Reply With Quote
Old 05-07-2006, 08:10
mikeinlondon
Forum Member
 
Join Date: Jul 2004
Location: London SE10
Posts: 462
Originally Posted by tievolu
thanks ...

but why does your online port scanner say all ports are stealther and Nortons says i have ports open???

Mike
mikeinlondon is offline   Reply With Quote
Old 05-07-2006, 09:16
brundles
Forum Member
 
Join Date: Sep 2003
Location: Berkshire
Posts: 1,505
Are you using a router?

If so then the online port tests will only be seeing what ports that has open (usually only forwarded ports) where as Norton is reporting what the PC has open and could be accessed by someone on your LAN.
brundles is offline   Reply With Quote
Old 05-07-2006, 10:44
tievolu
Forum Member
 
Join Date: May 2005
Location: Portsmouth
Posts: 500
Originally Posted by mikeinlondon
thanks ...

but why does your online port scanner say all ports are stealther and Nortons says i have ports open???
As the previous post says, if you're using a router, this shields you from the Internet via NAT, and possibly an SPI firewall too.

Norton is reporting on your PC, from your PC's point of view. It's much more reliable to use an online port scanner to see which ports are open to the Internet (because the online port scanner is scanning from the Internet - Norton is not).
tievolu is offline   Reply With Quote
Old 05-07-2006, 22:00
mikeinlondon
Forum Member
 
Join Date: Jul 2004
Location: London SE10
Posts: 462
Originally Posted by tievolu
As the previous post says, if you're using a router, this shields you from the Internet via NAT, and possibly an SPI firewall too.

Norton is reporting on your PC, from your PC's point of view. It's much more reliable to use an online port scanner to see which ports are open to the Internet (because the online port scanner is scanning from the Internet - Norton is not).
no router... but i have one, a wirless one, is it better to use it then?

Mike
mikeinlondon is offline   Reply With Quote
Old 06-07-2006, 09:06
mikeinlondon
Forum Member
 
Join Date: Jul 2004
Location: London SE10
Posts: 462
Originally Posted by tievolu
As the previous post says, if you're using a router, this shields you from the Internet via NAT, and possibly an SPI firewall too.

Norton is reporting on your PC, from your PC's point of view. It's much more reliable to use an online port scanner to see which ports are open to the Internet (because the online port scanner is scanning from the Internet - Norton is not).
Actually it was Nortons website based scanner, so why the discrepancy I wonder??

Mike
mikeinlondon is offline   Reply With Quote
Old 06-07-2006, 09:41
tievolu
Forum Member
 
Join Date: May 2005
Location: Portsmouth
Posts: 500
Originally Posted by mikeinlondon
Actually it was Nortons website based scanner, so why the discrepancy I wonder??
Hmmm... that's interesting.

Just out of curiosity, which ports did the two scans disagree on?
tievolu is offline   Reply With Quote
Old 06-07-2006, 09:42
tievolu
Forum Member
 
Join Date: May 2005
Location: Portsmouth
Posts: 500
Originally Posted by mikeinlondon
no router... but i have one, a wirless one, is it better to use it then?
Yes, a router represents another layer of defence, so it's worth using it even if you only have one machine to connect.
tievolu is offline   Reply With Quote
Old 06-07-2006, 18:26
mikeinlondon
Forum Member
 
Join Date: Jul 2004
Location: London SE10
Posts: 462
Originally Posted by tievolu
Hmmm... that's interesting.

Just out of curiosity, which ports did the two scans disagree on?
the scan site someone mentioned on here said all ports are stealthed.

with norton they are just closed apart from:


ICMP Ping

22 SSH TCP connections to this port might indicate a search for SSH, which has a few exploitable features. SSH is a secure replacement for Telnet. The most common uses of SSH are to securely login and copy files from a server

80 HTTP (Hypertext Transfer Protocol). HTTP is used to transfer Web pages over the Internet. Port 80 should be open only if you're running a Web server.

...which are open!

That despite the firewall being turned up full, all windows updates to date, and all security software up to date!

So how so different??

Mike
mikeinlondon is offline   Reply With Quote
Old 06-07-2006, 18:40
mikeinlondon
Forum Member
 
Join Date: Jul 2004
Location: London SE10
Posts: 462
additonally.....

when i first used dnsstuff i was using a specific proxy (cardiff?) and the dns site said it was unable to function as the server concerned was infected with malware!

Maybe ntl's servers are affected and thus affecting us??

Mike
mikeinlondon is offline   Reply With Quote
Old 07-07-2006, 00:41
Laggy
Forum Member
 
Join Date: Jul 2000
Posts: 3,088
Norton's security scanner scan's NTL's proxy, which is why you are getting the results you are with that scan. Where as Shields Up is scanning your actual computer.

If your passing this ok then your firewall is operating correctly.
Laggy is offline   Reply With Quote
Old 07-07-2006, 07:49
mikeinlondon
Forum Member
 
Join Date: Jul 2004
Location: London SE10
Posts: 462
Originally Posted by Laggy
Norton's security scanner scan's NTL's proxy, which is why you are getting the results you are with that scan. Where as Shields Up is scanning your actual computer.

If your passing this ok then your firewall is operating correctly.

Thanks for the explanation!

But.... the reason for asking this was my computer being hijacked by trojan horses a while ago. I presumed i was doing something wrong, or that Norton was. Now Im confused and dont know how they got on my machine!

Still, touch wood, I did a format and reinstall and all seems well at the moment....

Mike
mikeinlondon is offline   Reply With Quote
Old 07-07-2006, 11:07
Doomy
Forum Member
 
Join Date: Sep 2004
Location: Leicester
Posts: 912
Trojans normally get on by the user doing something "dumb" (no offence meant) :
Running programs that you downloaded over P2P
Clicking on "Yes I would like to get something free" pop-ups on dodgy web sites
Running a "funny" program attached to an email from a buddy

No amount of fire wall or port blocking will stop a program that you have just told your computer to run.
Doomy is offline   Reply With Quote
Old 07-07-2006, 12:03
mikeinlondon
Forum Member
 
Join Date: Jul 2004
Location: London SE10
Posts: 462
Originally Posted by Doomy
Trojans normally get on by the user doing something "dumb" (no offence meant) :
Running programs that you downloaded over P2P
Clicking on "Yes I would like to get something free" pop-ups on dodgy web sites
Running a "funny" program attached to an email from a buddy

No amount of fire wall or port blocking will stop a program that you have just told your computer to run.
i agree! lololol

..but if only i had actually done that i wouldnt have minded!

it even defeated my IT mate..

Mike
mikeinlondon is offline   Reply With Quote
Old 07-07-2006, 19:23
dave09
Forum Member
 
Join Date: Apr 2003
Location: teeside
Posts: 130
To help find and keep the problem stuff out you could use any combo of these..

Spyware Blaster

Spyware Guard

IE Spyad

Some scanners to use if you think you already got them..

Ad-Aware SE

Spybot Search & Destroy

and some Anti-Trojan Software..

Ewido Anti-Spyware

a-squared
dave09 is offline   Reply With Quote
 
Reply



Thread Tools Search this Thread
Search this Thread:

Advanced Search

 
Forum Jump


All times are GMT +1. The time now is 11:13.