Re: How to close the unnecessary Ports
From: Nick (psstcenter_at_shaw.ca)
Date: 10/25/05
- Next message: johntangelo_at_gmail.com: "Deep Freeze In Deep Trouble"
- Previous message: nemo_outis: "Re: Is there way to stop a keyboard logger intercepting my keystrokes?"
- In reply to: Imhotep: "Re: How to close the unnecessary Ports"
- Next in thread: Moe Trin: "Re: How to close the unnecessary Ports"
Date: Tue, 25 Oct 2005 04:27:05 GMT
"Imhotep" <Imhotep@nospam.net> wrote in message
news:au2dnVUQZu2F86LeRVn-hg@adelphia.com...
> Nick wrote:
>
> > Hi
> >
> > As there are over 65000 ports in the TCP/IP stack, which ones are the most
> > necessary ports for a homeuser and how to close the rest of the ports? My
> > PC is connected to internet via a router and a cable modem. I run ZA
> > firewall and BHODemon 2.0 thanks to the help from Mr.Lipman. Here is a
> > ports link I found online:
> > http://www.iss.net/security_center/advice/Exploits/Ports/default.htm
> >
> > Thanks in advance!
> > Nick
>
> Hum. I assume you are running a host-based firewall with no server ports
> since you said you are a "homeuser". I am not familiar with any of the
> WinFirewalls but I will assume it is stateful (it really is important to
> know whether it is a stateful or a packet filtering firewall as the
> configurations will be different) However, since most firewalls now-a-days
> are stateful or better your ZA firewall is probably *not* a packet
> filtering firewall (which is good because packet filter firewalls
> suck :-) ).
Yes, I use ZA and you are saying that ZA is a stateful firewall but not a
packet filtering firewall. Are stateful/stateless and packet filtering two
different things? I checked my Security+ book regarding this, but all I
could find is the following:
- stateful packet filtering is a filtering technique that records the state
of a connection between an internal computer and an external server and
makes decisions based on the connection as well as the rule base (?).
- stateless packet filtering is a filtering technique that permits or denies
a packet based strictly on the rule base.
>
> Now the next question. Do you have any *other* computers on your home LAN?
I have my computer, my daughter's computer and my laptop. They were all
connected to a 4-port GNet router. The router was connected to a modem
cable. I do not use the router at the moment because all of a sudden it
blocked my connection to the internet and I do not know how to configure it.
Maybe it's broken. I do not have the phone number of the store I bought it
from either. Anyway, right now I have only my computer connected directly to
the modem and ZA firewall as well as BHO Demon 2.0, Symantec Antivirus,
Spybot, and Ad-Aware SE Professional.
> If not then you can simply allow all outgoing (stateful) connections and
> deny all incoming (if you do have more than one home computer please reply
> back and we can talk about that). Now remember that your host based
> firewall is stateful so incoming data (ports) will be allowed to
> communicate with you provided you initialized the connection (started the
> connection). It works like this (Warning very, very basic description
> below)
>
> You are at home and open your browser and type the url for www.bbc.com:
>
> Your browser gets an open port in the defined ephemeral (basically client
> ports) range. Let's say it is port 25,000 TCP. Next the PC sends a packet
> from your IP and your client port number 25000 going to the IP of
> www.bbc.com port 80 (www server port). Your stateful firewall records this
> to allow www.bbc.com port 80 to reply back to you on your IP and your port
> 25,000 TCP....
>
> It is actually much more complicated than this there are things like TCP
> three way handshake, negotiation of window sizes, RST, ACK, NACK, etc, etc,
> etc...
>
> Anyway to summarize you can simply allow all access out of your computer
> going anywhere but deny all incoming (Again, only if you are running a
> stateful firewall and you do not have more than one computer on your home
> network). The reason I ask you about the number of computers on your home
> network is because you *might* want to have a domain or filesharing, etc
> capabilities between your home computers.
>
> There are a couple of things worth mentioning. There is a special address
> (interface) called a "loopback". There are some special things to consider
> here but, I bet the WinFirewall you are using probably does it for
> you....so I would not worry.
127.0.0.1
>
> Again, realize that I generalized a lot here for simplicity's sake (and I
> hate typing)....
>
> Anyway good luck,
> Imhotep
Thanks
Nick
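
The stateful/stateless difference discussed in this thread, as an added example that is not part of either poster's message: a toy connection tracker following the www.bbc.com walk-through (client port 25000, server port 80) beside a memoryless rule base. The IP addresses, the stateless rule and the RST-only teardown are assumptions made for illustration.

```python
from collections import namedtuple

# Constructed sample addresses (documentation ranges); ports 25000 and 80 are from the post.
HOME, WEB, OTHER = "192.0.2.10", "203.0.113.80", "198.51.100.7"
Packet = namedtuple("Packet", "src sport dst dport flags")

class StatefulFirewall:
    """Allow all outbound; allow inbound only for connections the host started."""
    def __init__(self, local_ip):
        self.local_ip = local_ip
        self.table = set()  # entries: (local_port, remote_ip, remote_port)

    def check(self, pkt):
        if pkt.src == self.local_ip:  # outbound: always allowed
            key, allowed = (pkt.sport, pkt.dst, pkt.dport), True
            if "SYN" in pkt.flags:
                self.table.add(key)  # record the connection being opened
        else:  # inbound: must match a recorded connection
            key = (pkt.dport, pkt.src, pkt.sport)
            allowed = key in self.table
        if allowed and "RST" in pkt.flags:
            self.table.discard(key)  # simplified teardown: forget on RST
        return allowed

def stateless_check(pkt, local_ip):
    """Hypothetical rule base with no memory: inbound passes if it looks like a web reply."""
    if pkt.src == local_ip:
        return True
    return pkt.sport == 80 and pkt.dport >= 1024

def demo():
    fw = StatefulFirewall(HOME)
    syn = Packet(HOME, 25000, WEB, 80, {"SYN"})
    reply = Packet(WEB, 80, HOME, 25000, {"SYN", "ACK"})
    stray = Packet(OTHER, 80, HOME, 25000, {"ACK"})  # nobody asked for this
    rst = Packet(WEB, 80, HOME, 25000, {"RST"})
    out = {"reply_before_syn": fw.check(reply)}
    fw.check(syn)
    out["reply_after_syn"] = fw.check(reply)
    out["stray_stateful"] = fw.check(stray)
    out["stray_stateless"] = stateless_check(stray, HOME)
    out["rst"] = fw.check(rst)
    out["reply_after_rst"] = fw.check(reply)
    return out

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:18} {'ALLOW' if verdict else 'DENY'}")
```

The stray packet is the case that separates the two: the rule base alone accepts it because it looks like a web reply, while the state table rejects it because no outbound connection to that address was recorded.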