Ports - Is my PC safe with just software firewall?
25 August 2006, 09:48 AM
#1
Scooby Regular
Thread Starter
Join Date: Feb 2001
Posts: 2,959
Likes: 0
Received 0 Likes
on
0 Posts
Ports - Is my PC safe with just software firewall?
Hi guys and gals,
Someone at work was discussing having certain ports left unblocked and how hackers can get round software firewalls if you leave them open.
I ran something called netstat from the cmd prompt. The following are "ESTABLISHED". Looks like too many to me but i dont know if its good or bad!!!
Local Address Foreign Address
1025 1063
1025 1064
1060 1065
1060 1066
1063 1025
1064 1025
1065 1060
1066 1060
Does anyone know anything about this and if i should block any of these ports?
Then... how do you block ports?
Thanks!
Jza
Someone at work was discussing having certain ports left unblocked and how hackers can get round software firewalls if you leave them open.
I ran something called netstat from the cmd prompt. The following are "ESTABLISHED". Looks like too many to me but i dont know if its good or bad!!!
Local Address Foreign Address
1025 1063
1025 1064
1060 1065
1060 1066
1063 1025
1064 1025
1065 1060
1066 1060
Does anyone know anything about this and if i should block any of these ports?
Then... how do you block ports?
Thanks!
Jza
25 August 2006, 09:54 AM
#2
Scooby Regular
Join Date: Apr 2004
Location: Cardiff
Posts: 1,928
Likes: 0
Received 0 Likes
on
0 Posts
they are client ports communicating on the internet id imagine, nothing to worry about there. You could try a scan on this website
http://www.grc.com/default.htm
select shields up common ports (Gibson is slated by experts but this works as as a rough guide)
the ones you dont want communicating out are 137,138,139 445 among others
these days decent routers contain excellent hardware firewalls that work on IP tables see link below for a Draytek explanation
http://www.draytek.co.uk/natmovie.html
in a sense by default they only allow information into your network that you request
pc's can be safe with software firewalls as long as they configured well, but id always prefer to be sitting behind a hardware one to be honest
edited again to add decent netstats are
netstat -b (programs)
netstat -an (source and destination ip, protocol and port)
http://www.grc.com/default.htm
select shields up common ports (Gibson is slated by experts but this works as as a rough guide)
the ones you dont want communicating out are 137,138,139 445 among others
these days decent routers contain excellent hardware firewalls that work on IP tables see link below for a Draytek explanation
http://www.draytek.co.uk/natmovie.html
in a sense by default they only allow information into your network that you request
pc's can be safe with software firewalls as long as they configured well, but id always prefer to be sitting behind a hardware one to be honest
edited again to add decent netstats are
netstat -b (programs)
netstat -an (source and destination ip, protocol and port)
Last edited by mike1210; 25 August 2006 at 10:36 AM.
25 August 2006, 11:16 AM
#3
Scooby Regular
Thread Starter
Join Date: Feb 2001
Posts: 2,959
Likes: 0
Received 0 Likes
on
0 Posts
Originally Posted by mike1210
they are client ports communicating on the internet id imagine, nothing to worry about there. You could try a scan on this website
http://www.grc.com/default.htm
select shields up common ports (Gibson is slated by experts but this works as as a rough guide)
the ones you dont want communicating out are 137,138,139 445 among others
these days decent routers contain excellent hardware firewalls that work on IP tables see link below for a Draytek explanation
http://www.draytek.co.uk/natmovie.html
in a sense by default they only allow information into your network that you request
pc's can be safe with software firewalls as long as they configured well, but id always prefer to be sitting behind a hardware one to be honest
edited again to add decent netstats are
netstat -b (programs)
netstat -an (source and destination ip, protocol and port)
http://www.grc.com/default.htm
select shields up common ports (Gibson is slated by experts but this works as as a rough guide)
the ones you dont want communicating out are 137,138,139 445 among others
these days decent routers contain excellent hardware firewalls that work on IP tables see link below for a Draytek explanation
http://www.draytek.co.uk/natmovie.html
in a sense by default they only allow information into your network that you request
pc's can be safe with software firewalls as long as they configured well, but id always prefer to be sitting behind a hardware one to be honest
edited again to add decent netstats are
netstat -b (programs)
netstat -an (source and destination ip, protocol and port)
I've ran the tests you mentioned and th pc passed
Jza
Last edited by Jza; 25 August 2006 at 11:20 AM.
Thread
Thread Starter
Forum
Replies
Last Post
hardcoreimpreza
Computer & Technology Related
21
11 October 2015 03:40 PM
Brzoza
Engine Management and ECU Remapping
1
02 October 2015 05:26 PM
