Closing Ports on WinXP without a firewall

From: Fort (vyfortknocks@hushmail.com)
Date: 12/06/02


From: vyfortknocks@hushmail.com (Fort)
Date: 6 Dec 2002 08:54:15 -0800

Kool-Aide" <kool-aide@earthlink.net> wrote in message
news:015001c29cf8$9e26a370$cef82ecf@TK2MSFTNGXA08...
> I have portscanned myself and noticed alot of ports i dont
> use open. And i have a firewall but i don't always like to
> run it because of certian issues. But i was wondering is
> there a way to close those open ports on my computer using
> a program already loaded on windows xp? or maybe 1 i can
> download and run once then those ports are closed to never
> open agian? thanks alot. - Kool-Aide

No, this isn't possible. There are two different issues here. If
there are
certain services on your computer that are running, listening and
waiting
for someone to connect to it, you can disable whatever software or
service
is listening on that port. However, this does not really "close the
port
forever," as you say, since if you were infected by a worm, virus or
trojan
or a hacker was able to remotely control your computer, any of these
things
could open any port on your computer and use it to communicate [for
example,
use TCP port 25 to email out your passwords or virus infected emails
to
others]. Only a firewall or IP filtering technology of some sort can
stop
that. Said differently, you can "close" a port so that no software is
listening on that port and holding it open, but this does not prevent
this
port from being reopened and used at a later date by some malicious
code.

Terrific Response! Well spoken and you are one smart cookie. Your
response was even spoken in laymans terms so most unknowledgeable
would understand. Way To Go!

It is true that it is possible to disable all unnecessary services and
carefully secure your machine so that it is fairly secure even without
a
firewall. However, good security practices dictate that it is usually
better to have more than one layer of defense just in case, and this
would
mean a firewall in addition to closing open ports.

IMO- this is possible, but the broad scope of security practices is
wide-spread.
One of the major targets attacked by malicious hackers is a persons
email application. Don't want to elaborate more on this at this time.

Tracker