open ports

Hey all...I've run Steve Gibson's Leak Test and Shield's Up for some time now and when I probe my ports they've always been in a "stealth" mode. I've recently updated my BIOS, chipset and Creative Labs audio drivers. Now when I run these tests I fail the leak test and ports that were stealth are now closed and port 135 is open. I have a Compaq 8000, 1.8GHz, 1.0 GB Ram. I'm also running winxp - home edition. I've been using Norton Anti-virus and Norton Internet Security since I've had the system. I'm also using a broadband connection, consequently I'm always on. Just curious as to how I can go about closing these breach's. Thanx...

 

Which ports are open? Download and run Albert Janssen's Rules Viewer and post the results (click on the AtGuard and NIS button on the left of the main page).

 

Thanx Brett...Threre is quite a bit of information at your site. The only port that shows as being open is port 135 when I do the ShieldsUp tests. (www.grc.com) The info at the Janssen site does give me another tool to use to monitor my system. Now, do I need to use Regedit to modify some of my settings? Or can I tweak my NIS/NAV to get the results I had previously? Again, I appreciate the link and the benefits of your expertise Thanx, again...Alacaman

 

The Rules Viewer simply creates a snapshot of your rules which you can then easily copy and paste . Seeing what rules you have in place would, hopefully, enable us to establish why the port is open. But, that might not be needed. Try this ...

Unload the Messenger Service (instructions here.

Disable DCOM (click Start - Run and type "C:\WinNT\System32\Dcomcnfg.exe" (without the quotes) and then hit the Applications tab).

Once done, reboot and run this scan. Does the Port still show as open? If so, create a in NIS rule which blocks both inbound and outbound traffic on that Port (doing so shouldn't have any adverse affects), run the Rules Viewer and post the results.

HTH.

 

Brett, I unloaded messenger but was unable to disable DCOM. Kept getting message that the file couldn't be found. I did, however, resolve the open ports problem. I activated ICF through WinXP and set up my parameters and it seems to work. I ran Gibson's tests again and all showed up "stealth." Same with the link that you sent. I've attempted to access several types of sites and sent and received email with no problems...so far. Do you think this is enough, or will I need to do more? As it stands now, I'm fairly comfortable with the system and its performance. I do appreciate your prompt and very friendly assistance. If you ever need help with snow removal, or outdoor navigation, give me a buzz and I'll happily do what I can Much appreciatively,
Alacaman

 

The former!

 

Thanx again!

Alacaman