Re: Port 23 Open Despite Firewalls

From: karl [x y] (jamescagney90210@excite.com)
Date: 08/07/02

• Next message: Lanwench: "Re: Anyone Setup a Win2K VPN with IPSec like this?"
• Previous message: Usenet News Poster: "Re: Sonicwall question"
• In reply to: Richie: "Port 23 Open Despite Firewalls"
• Next in thread: Wolfgang Kueter: "Re: Port 23 Open Despite Firewalls"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: "karl [x y]" <jamescagney90210@excite.com>
Date: Tue, 6 Aug 2002 19:12:51 -0400

"Richie" <newsmaster@scifi-central.net> wrote in message
news:AyY39.11859$dA5.122997924@news-text.cableinet.net...
> At the place where I work a Windows 2000 server has access to the internet
> with Win98 workstations connected. NAT is implemented.
>
> No matter what firewall I install (zonealarm, Kerio - Tiny - or Outpost)
the
> gibson research website reports that the ports are all closed (not stealth
> though) except for port 23, which is shown as open no matter how many
rules
> I set up to kepp it blocked.
>
> Any ideas what could be causing this?
> After disposing of Zonealarm 3 which is total crap that kept on crashing
the
> server and Outpost, which regularly caused the server to grind to a halt,
> I'm now using the newest version of Tiny (now Kerio).

First, try scanning with another web page or port scanner program [such as
superscan from www.foundstone.com] to confirm that this is not a false alarm
on the part of grc.com

I would be more concerned first with determining whether Telnet services are
running on the target machine, since you want this disabled unless
absolutely necessary. On a Windows machine, you can run fport from
www.foundstone.com to see if port 23 is really listening. You should make
sure your systems have been hardened and correctly configured first...
installing a firewall is not a replacement for hardening.

The system being scanned is probably the one that is performing NAT. If
your system that is performing NAT does not have a firewall installed, then
that could be one reason for this.

Don't worry about the stealthing, it's overrated. Ports being closed is
probably good enough for your purposes.

---

• Next message: Lanwench: "Re: Anyone Setup a Win2K VPN with IPSec like this?"
• Previous message: Usenet News Poster: "Re: Sonicwall question"
• In reply to: Richie: "Port 23 Open Despite Firewalls"
• Next in thread: Wolfgang Kueter: "Re: Port 23 Open Despite Firewalls"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: How to Maintain an IIS Server? ... > server running on a Windows 2000 server. ... before a firewall and antivirus have been installed]. ... open ports; however, this will not identify which program is using the port. ... (microsoft.public.inetserver.iis.security) LPD/LPR printing or alternative ... Configuring LPD for Microsoft Windows XP or Windows 2003 Server ... LPR port. ... protocol address of the HP Jetdirect print server. ... (comp.os.os2.misc) RE: xp pro sharing printer ... How to troubleshoot network printing problems in Windows XP ... SMB-connected print server ... Incompatible print driver ... and then redirect the port to the network server. ... (microsoft.public.windowsxp.security_admin) Re: How to Maintain an IIS Server? ... >> server running on a Windows 2000 server. ... > before a firewall and antivirus have been installed]. ... > program or executable using that port. ... (microsoft.public.inetserver.iis.security) RE: Printing from Win9x clients stops ... since this issue only occurs on all Windows 9x ... Open Server Management Console, ... Verify basic network connectivity. ... >> Create a local printer and in the Ports section, ... (microsoft.public.windows.server.sbs)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(15)