How can I make my computer safe?

Win XP-SP1, NIS 2005, Netgear WGR614. Even specifically closing port 23 insode NIS does not make a difference! Below are a port scan and netstat resulst I am lost.... Help is more than welcome! VM

Port scanning via

formatting link
shows: Service Ports Status FTP DATA 20 CLOSED FTP 21 CLOSED SSH 22 CLOSED TELNET 23 CLOSED SMTP 25 CLOSED DNS 53 CLOSED DCC 59 CLOSED DHCP SERVER 67 OPEN FINGER 79 CLOSED WEB 80 CLOSED POP3 110 CLOSED SUNRPC 111 CLOSED IDENT 113 CLOSED Location Service 135 CLOSED NetBIOS-NS 137 CLOSED NetBIOS-DGM 138 CLOSED NetBIOS 139 CLOSED HTTPS 443 CLOSED Server Message Block 445 CLOSED SOCKS PROXY 1080 CLOSED UPnP 1900 CLOSED WEB PROXY 8080 CLOSED Trojan 6776 CLOSED Trojan 12345 CLOSED Trojan 20034 CLOSED Trojan 31337 CLOSED Trojan 54320 CLOSED Trojan 54321 CLOSED

Netstat ?an Proto Local address Foreign ad. State TCP 0.0.0.0.:135 0.0.0.0:0 Listening TCP 0.0.0.0.:445 0.0.0.0:0 Listening TCP 0.0.0.0.:1026 0.0.0.0:0 Listening TCP 0.0.0.0.:1027 0.0.0.0:0 Listening TCP 127.0.0.1:1025 0.0.0.0:0 Listening TCP 127.0.0.1:1028 0.0.0.0:0 Listening TCP 192.168.0.2:139 0.0.0.0:0 Listening UDP 0.0.0.0:445 *.* UDP 0.0.0.0:500 *.* UDP 0.0.0.0:1029 *.* UDP 0.0.0.0:1087 *.* UDP 0.0.0.0:1131 *.* UDP 0.0.0.0:1132 *.* UDP 127.0.0.1:123 *.* UDP 127.0.0.1:1039 *.* UDP 127.0.0.1:2616 *.* UDP 127.0.0.1:2672 *.* UDP 192.168.0.2:123 *.* UDP 192.168.0.2:137 *.* UDP 192.168.0.2:138 *.*

Reply to
Franou
Loading thread data ...

U N P L U G I T !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!1

Reply to
Charlie

You should download SP2 and get a third-party firewall

Reply to
bareill

The results of running netstat reflect nothing listening of concern listening on 0.0.0.0 or 192.168.0.2.

The results of the external port scan reflect all ports are closed and inaccessible, though they are not stealthed.

Outside of the ports not being stealthy I don't understand your concern. If having stealthy ports is your desire, look at using a different firewall.

Reply to
Don Kelloway

snipped-for-privacy@yahoo.com (Franou) wrote in news: snipped-for-privacy@posting.google.com:

You stay current with things such as XP's SP 2. You also shut down unneeded services and/or configure other things on the O/S to make it more secure.

However, nothing is 100% hack proof and just try to make it difficult so they move on to someone who has a easy setup that can be hacked.

formatting link
Duane :)

Reply to
Duane Arnold

That is a long standing reply......a classic cyberspace "fact"

Reply to
Charlie

"Charlie" wrote in news:10ot9aaojt1i9c6 @news.supernews.com:

Well, I guess there is a clown in every group !! congrats..

Reply to
KHaled

snipped-for-privacy@yahoo.com (Franou) wrote in news: snipped-for-privacy@posting.google.com:

Upgrade to XP SP2 and use one of the Mozilla-type browsers or Opera.

See:

formatting link
(link may wrap)
formatting link
Even better, switch to Linux.

See:

formatting link

Reply to
Robin T Cox

Robin T Cox wrote in news:Xns959B66434A095ARtodfjpasmlklk8979j@194.168.222.124:

I have Windows and Linux on my network. Linux is no bed of roses and is being attacked and compormised like the rest of them. ;-)

Duane :)

Reply to
Duane Arnold

Robin T Cox wrote in news:Xns959B66434A095ARtodfjpasmlklk8979j@194.168.222.124:

I have Windows and Linux on my network. Linux is no bed of roses and is being attacked and compormised like the rest of them. ;-)

Duane :)

Reply to
Duane Arnold

Then I'll guess you have malware on windows catching your linux root password when you are using telnet to log into the linux box.

I have been using linux as my nat firewall since 10/21/99 on a cable modem and have yet to have a compromise.

Reply to
Bit Twister

Bit Twister wrote in news: snipped-for-privacy@wb.home.invalid:

No, it's not even about that. It's about Linux being used by the average Joe that is being introduced to Linux through SuSe Linux and other such distributions. I get the security alerts on Linux just like I get them on MS.

formatting link
Frankly speaking, I don't care about Linux being used as a NAT FW. I am more interested in Linux being used in programmed application business solutions and in everyday usage by end-users such as home users. Linux has all the vulnerabilities as the rest of them. I like Linux, but I no longer believe the hype about how safe Linux is anymore, because I am looking at it up close and personal.

Duane :)

Reply to
Duane Arnold

Don Kelloway wrote

listening on 0.0.0.0 or 192.168.0.2.

inaccessible, though they are not stealthed.

concern. If having stealthy ports is your desire, look at using a different firewall.

I am concerned because they are not stealthy and port 23 remains opened regardless of what I try.

They used to be all stealthy and I felt safe behind the Netgear router and NIS. I do not know what triggered the change, therefore I do not know whether switching to another firewall woudl fix the problem.

BTW, do you still publish your wonderful newsletter?

Thanks,

Franou

Reply to
Franou

Franou,

Re: stealthy ports

If using NIS fails to make the ports stealthy and if having stealthy ports is a concern, then you will probably want to switch to using a different firewall for your PC.

Re: port 23

The results of the netstat do not indicate that TCP port 23 is in a listening state. I'm confused as to why you think it is. Did I miss something?

Re: stealthy vs. not stealthy

I think this is akin to "Which is better Star Wars vs. Star Trek". There are pro's and con's of each philosophy. Personally I think it's best to remain stealthy, but in order to accomplish this task it's additionally required to not host any services whatsoever. For yourself and if you do not plan to host any services I would suggest opting for a different firewall.

re: newsletter

Thank you for the compliment. Fortunately the answer is yes. Unfortunately it has not been as often as I would like it to. The predominate reason is that I've been extremely busy as of the last year providing consulting services. However it is with your expressed interest this will drive me to push out a few more editions than as of late. For persons who may be interested please visit the following URL:

formatting link

Reply to
Don Kelloway

Don,

Because both Symantec Security Check and scan.sygatetech.com/ find it open. It sounds like I ought to trust Netstats more???

Thank you that makes sense.

For everyone else: I highly recommend Don's newsletter whether you are experienced or a beginner about security issues!

Franou

Reply to
Franou

Your initial post the results for scan.sygatetech.com indicated the following:

TELNET 23 CLOSED

Did I miss a post?

Reply to
Don Kelloway

No... my error... Both Symantec and

formatting link
- which I just ran again, find port 23 open.

Thanks!

VM

Reply to
Franou

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.