[Wolves] Ok now i'm slightly worried.

Bobby Singh bs_wm at yahoo.co.uk
Sat Sep 24 17:46:52 BST 2005 

Hello,

I would like to thank everyone for there response.  No
doubt there is a lot of knowledge and helpfullness out
there at wolves lug.  I have a lot of bookmarks which
i researched for ports and they are not the ships
kind.  But you people have given a lot of info.  Now
from the post's it seems i am secure but i could close
all my ports.  I will try that through firestarter in
ubuntu.

Cheers

Bobby

--- Simon Morris <mozrat at gmail.com> wrote:

> On 23/09/05, Bobby Singh <bs_wm at yahoo.co.uk> wrote:
> > Hello,
> >
> > I tried a link from one of the post which was
> > www.hackerwatch.org/probe.  My set-up is a belkin
> > modem-router with its own firewall.  Then on my
> linux
> > distros and other os they have there own firewall
> such
> > as firestarter.  I thought this would well
> secured.
> > Now this website tests your firewall/security of
> your
> > PC.  I tried the 'simple probe' which was a basic
> one
> > with the results;
> >
> > '...we were able to get a response from the
> computer
> > at the IP address...'
> > '... computer is through a router behaving as a
> NAT
> > (network address translator)...'
> > '...we can not test your computer directly but
> through
> > your proxy server...'
> >
> > Well my router is firewalled so all good.
> >
> > Then i tried the 'port scan' which is more
> precise.
> > The results were;
> >
> > Closed but Unsecure
> > 21 (FTP)
> > This port is not being blocked, but there is no
> > program currently accepting connections on this
> port.
> >
> 
> Hi Bobby,
> 
> The way they are testing whether a port is open,
> blocked or closed is
> by trying to connect to that port.
> 
> If a port is open your machine would respond and
> synchronise the
> connection over TCP with the testing machine
> 
> If a port is actively being blocked your machine
> would send a TCP RST
> (reset) packet telling the testing machine to close
> and reset the
> connection. Basically 'f' off
> 
> If the port is closed (as in there is no listen
> application) the TCP
> SYN request from the testing machine will just go
> unanswered (although
> different OS's do different things here sometimes)
> 
> So.....
> 
> 
> > Open and Unsecure!
> > 80 (HTTP)
> > If this computer is not supposed to be acting as a
> web
> > server you should not have this port open.
> >
> 
> Testing machine sent a SYN (Synchronise connection
> please!) and got
> back a SYN-ACK (Yep - lets talk) packet. Could this
> be the web based
> admin package on your router?
> 
> > Closed but Unsecure
> > 110 (POP3 Mail Server Port)
> > This port is not being blocked, but there is no
> > program currently accepting connections on this
> port.
> >
> 
> Testing machine sent a SYN packet and got no
> response ( I think ). Is
> this something to worry about? Probably not but you
> could actively
> block the port in case an intruder managed to start
> a listening
> application there (or you did accidentally)
> 
> 
> >
> > Secure
> > 443 (HTTPS)
> > This port is completely invisible to the outside
> > world.
> >
> 
> ??? I don't have a definite explanation for this
> message they are giving you
> 
> > Now the fact i don't know what these abbreviations
> > stand for and mean wasn't enough.  They are all
> > UNSECURE besides the '443 HTTPS'.  Now i thought
> with
> > my ubuntu and vector and the other OS all packed
> up
> > with firewalls and security.  I thought it was
> more
> > than ok.  Now i'm on a lot of reserch on 'ports'
> and
> > not ship kind. People who have tried this what
> results
> > do they get, which firewall blocks most ports,  do
> i
> > need to worry about the ports, what shall i change
> in
> > my set-up to to be secure.
> >
> 
> So as I say - you look fairly secure. You are only
> running a HTTP
> server on your public address. If you want to send
> me your public IP I
> can test what your 443 port is doing (IANAC - I am
> not a cracker :) )
> 
> Cheers!
> 
> 
> --
> ~sm
> Jabber: mozrat at gmail.com
> www: http://beerandspeech.org
> 
> _______________________________________________
> Wolves LUG mailing list
> Homepage: http://www.wolveslug.org.uk/
> Mailing list: Wolves at mailman.lug.org.uk
> Mailing list home:
> http://mailman.lug.org.uk/mailman/listinfo/wolves
> 



	
	
		
___________________________________________________________ 
Yahoo! Messenger - NEW crystal clear PC to PC calling worldwide with voicemail http://uk.messenger.yahoo.com

More information about the Wolves mailing list