how to tell which tcp ports are open?

mikeinlondon · 30-06-2006, 10:16

Using something like dos command 'netstat' is it possible to get a definative answer on what tcp ports are open to the world?

Alos how do i 'ping' myself to test if that is reponding (i dont want it to)?

Mike

tievolu · 01-07-2006, 11:24

Quote:

Originally Posted by mikeinlondon

Using something like dos command 'netstat' is it possible to get a definative answer on what tcp ports are open to the world?

Alos how do i 'ping' myself to test if that is reponding (i dont want it to)?

Mike

Online port scanner.

Online ping test.

brundles · 04-07-2006, 21:07

Netstat will tell you what ports are open and actually doing something (even if it's only listening) but it won't cover you for ports that aren't open but are vulnerable to the operating system.

Another one you can try is PC Flank.

mikeinlondon · 05-07-2006, 08:10

Quote:

Originally Posted by tievolu

Online port scanner.

Online ping test.

thanks ...

but why does your online port scanner say all ports are stealther and Nortons says i have ports open???

Mike

brundles · 05-07-2006, 09:16

Are you using a router?

If so then the online port tests will only be seeing what ports that has open (usually only forwarded ports) where as Norton is reporting what the PC has open and could be accessed by someone on your LAN.

tievolu · 05-07-2006, 10:44

Quote:

Originally Posted by mikeinlondon

thanks ...

but why does your online port scanner say all ports are stealther and Nortons says i have ports open???

As the previous post says, if you're using a router, this shields you from the Internet via NAT, and possibly an SPI firewall too.

Norton is reporting on your PC, from your PC's point of view. It's much more reliable to use an online port scanner to see which ports are open to the Internet (because the online port scanner is scanning from the Internet - Norton is not).

mikeinlondon · 05-07-2006, 22:00

Quote:

Originally Posted by tievolu

As the previous post says, if you're using a router, this shields you from the Internet via NAT, and possibly an SPI firewall too.

Norton is reporting on your PC, from your PC's point of view. It's much more reliable to use an online port scanner to see which ports are open to the Internet (because the online port scanner is scanning from the Internet - Norton is not).

no router... but i have one, a wirless one, is it better to use it then?

Mike

mikeinlondon · 06-07-2006, 09:06

Quote:

Originally Posted by tievolu

As the previous post says, if you're using a router, this shields you from the Internet via NAT, and possibly an SPI firewall too.

Norton is reporting on your PC, from your PC's point of view. It's much more reliable to use an online port scanner to see which ports are open to the Internet (because the online port scanner is scanning from the Internet - Norton is not).

Actually it was Nortons website based scanner, so why the discrepancy I wonder??

Mike

tievolu · 06-07-2006, 09:41

Quote:

Originally Posted by mikeinlondon

Actually it was Nortons website based scanner, so why the discrepancy I wonder??

Hmmm... that's interesting.

Just out of curiosity, which ports did the two scans disagree on?

tievolu · 06-07-2006, 09:42

Quote:

Originally Posted by mikeinlondon

no router... but i have one, a wirless one, is it better to use it then?

Yes, a router represents another layer of defence, so it's worth using it even if you only have one machine to connect.

mikeinlondon · 06-07-2006, 18:26

Quote:

Originally Posted by tievolu

Hmmm... that's interesting.

Just out of curiosity, which ports did the two scans disagree on?

the scan site someone mentioned on here said all ports are stealthed.

with norton they are just closed apart from:

ICMP Ping

22 SSH TCP connections to this port might indicate a search for SSH, which has a few exploitable features. SSH is a secure replacement for Telnet. The most common uses of SSH are to securely login and copy files from a server

80 HTTP (Hypertext Transfer Protocol). HTTP is used to transfer Web pages over the Internet. Port 80 should be open only if you're running a Web server.

...which are open!

That despite the firewall being turned up full, all windows updates to date, and all security software up to date!

So how so different??

Mike

mikeinlondon · 06-07-2006, 18:40

additonally.....

when i first used dnsstuff i was using a specific proxy (cardiff?) and the dns site said it was unable to function as the server concerned was infected with malware!

Maybe ntl's servers are affected and thus affecting us??

Mike

Laggy · 07-07-2006, 00:41

Norton's security scanner scan's NTL's proxy, which is why you are getting the results you are with that scan. Where as Shields Up is scanning your actual computer.

If your passing this ok then your firewall is operating correctly.

mikeinlondon · 07-07-2006, 07:49

Quote:

Originally Posted by Laggy

Norton's security scanner scan's NTL's proxy, which is why you are getting the results you are with that scan. Where as Shields Up is scanning your actual computer.

If your passing this ok then your firewall is operating correctly.

Thanks for the explanation!

But.... the reason for asking this was my computer being hijacked by trojan horses a while ago. I presumed i was doing something wrong, or that Norton was. Now Im confused and dont know how they got on my machine!

Still, touch wood, I did a format and reinstall and all seems well at the moment....

Mike

Doomy · 07-07-2006, 11:07

Trojans normally get on by the user doing something "dumb" (no offence meant) :
Running programs that you downloaded over P2P
Clicking on "Yes I would like to get something free" pop-ups on dodgy web sites
Running a "funny" program attached to an email from a buddy

No amount of fire wall or port blocking will stop a program that you have just told your computer to run.

mikeinlondon · 07-07-2006, 12:03

Quote:

Originally Posted by Doomy

Trojans normally get on by the user doing something "dumb" (no offence meant) :
Running programs that you downloaded over P2P
Clicking on "Yes I would like to get something free" pop-ups on dodgy web sites
Running a "funny" program attached to an email from a buddy

No amount of fire wall or port blocking will stop a program that you have just told your computer to run.

i agree! lololol

..but if only i had actually done that i wouldnt have minded!

it even defeated my IT mate..

Mike

dave09 · 07-07-2006, 19:23

To help find and keep the problem stuff out you could use any combo of these..

Spyware Blaster

Spyware Guard

IE Spyad

Some scanners to use if you think you already got them..

Ad-Aware SE

Spybot Search & Destroy

and some Anti-Trojan Software..

Ewido Anti-Spyware

a-squared

30-06-2006, 10:16	#1
mikeinlondon Forum Member Join Date: Jul 2004 Location: London SE10 Services: 20MB BB, Digital TV, Phone Posts: 458	how to tell which tcp ports are open? Using something like dos command 'netstat' is it possible to get a definative answer on what tcp ports are open to the world? Alos how do i 'ping' myself to test if that is reponding (i dont want it to)? Mike

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search

POPULAR SEARCHES ON DS

On Digital Spy

how to tell which tcp ports are open?

Digital Spy

Network

Help

Search Digital Spy

04-07-2006, 21:07	#3
brundles Forum Member Join Date: Sep 2003 Location: Berkshire Services: V+, Broadband L, VOIP Posts: 1,505	Netstat will tell you what ports are open and actually doing something (even if it's only listening) but it won't cover you for ports that aren't open but are vulnerable to the operating system. Another one you can try is PC Flank.

05-07-2006, 09:16	#5
brundles Forum Member Join Date: Sep 2003 Location: Berkshire Services: V+, Broadband L, VOIP Posts: 1,505	Are you using a router? If so then the online port tests will only be seeing what ports that has open (usually only forwarded ports) where as Norton is reporting what the PC has open and could be accessed by someone on your LAN.

06-07-2006, 18:40	#12
mikeinlondon Forum Member Join Date: Jul 2004 Location: London SE10 Services: 20MB BB, Digital TV, Phone Posts: 458	additonally..... when i first used dnsstuff i was using a specific proxy (cardiff?) and the dns site said it was unable to function as the server concerned was infected with malware! Maybe ntl's servers are affected and thus affecting us?? Mike

07-07-2006, 00:41	#13
Laggy Forum Member Join Date: Jul 2000 Services: Sky+HD, Virgin Media Broadband XL Posts: 3,028	Norton's security scanner scan's NTL's proxy, which is why you are getting the results you are with that scan. Where as Shields Up is scanning your actual computer. If your passing this ok then your firewall is operating correctly.

07-07-2006, 11:07	#15
Doomy Forum Member Join Date: Sep 2004 Location: Leicester Services: VM XL TV/M Phone/M BB Posts: 906	Trojans normally get on by the user doing something "dumb" (no offence meant) : Running programs that you downloaded over P2P Clicking on "Yes I would like to get something free" pop-ups on dodgy web sites Running a "funny" program attached to an email from a buddy No amount of fire wall or port blocking will stop a program that you have just told your computer to run.

07-07-2006, 19:23	#17
dave09 Forum Member Join Date: Apr 2003 Location: teeside Services: VM cable 4mb broadband and tv Posts: 130	To help find and keep the problem stuff out you could use any combo of these.. Spyware Blaster Spyware Guard IE Spyad Some scanners to use if you think you already got them.. Ad-Aware SE Spybot Search & Destroy and some Anti-Trojan Software.. Ewido Anti-Spyware a-squared

POPULAR SEARCHES ON DS

My DS Account

On Digital Spy

how to tell which tcp ports are open?

Digital Spy

Network

Help

Search Digital Spy