Closing Ports on WinXP without a firewall

From: Fort (vyfortknocks@hushmail.com)
Date: 12/06/02


From: vyfortknocks@hushmail.com (Fort)
Date: 6 Dec 2002 08:54:15 -0800

Kool-Aide" <kool-aide@earthlink.net> wrote in message
news:015001c29cf8$9e26a370$cef82ecf@TK2MSFTNGXA08...
> I have portscanned myself and noticed alot of ports i dont
> use open. And i have a firewall but i don't always like to
> run it because of certian issues. But i was wondering is
> there a way to close those open ports on my computer using
> a program already loaded on windows xp? or maybe 1 i can
> download and run once then those ports are closed to never
> open agian? thanks alot. - Kool-Aide

No, this isn't possible. There are two different issues here. If
there are
certain services on your computer that are running, listening and
waiting
for someone to connect to it, you can disable whatever software or
service
is listening on that port. However, this does not really "close the
port
forever," as you say, since if you were infected by a worm, virus or
trojan
or a hacker was able to remotely control your computer, any of these
things
could open any port on your computer and use it to communicate [for
example,
use TCP port 25 to email out your passwords or virus infected emails
to
others]. Only a firewall or IP filtering technology of some sort can
stop
that. Said differently, you can "close" a port so that no software is
listening on that port and holding it open, but this does not prevent
this
port from being reopened and used at a later date by some malicious
code.

Terrific Response! Well spoken and you are one smart cookie. Your
response was even spoken in laymans terms so most unknowledgeable
would understand. Way To Go!

It is true that it is possible to disable all unnecessary services and
carefully secure your machine so that it is fairly secure even without
a
firewall. However, good security practices dictate that it is usually
better to have more than one layer of defense just in case, and this
would
mean a firewall in addition to closing open ports.

IMO- this is possible, but the broad scope of security practices is
wide-spread.
One of the major targets attacked by malicious hackers is a persons
email application. Don't want to elaborate more on this at this time.

Tracker



Relevant Pages

  • Re: keeping ports open
    ... If a port is open, it means that 1) a software or service is running on your ... and 2) you're not using a firewall or your firewall isn't ... Use firewall software and hardware and antivirus software that is ... Follow the instructions for hardening Windows and IIS at ...
    (microsoft.public.security)
  • Re: How to Maintain an IIS Server?
    ... > server running on a Windows 2000 server. ... before a firewall and antivirus have been installed]. ... open ports; however, this will not identify which program is using the port. ...
    (microsoft.public.inetserver.iis.security)
  • Re: CEICW fails at firewall config
    ... ISA Server prevents connection to a remote desktop when you connect through ... Remote Web Workplace on a Windows Small Business Server 2003-based computer ... Acceleration Server as a firewall. ... connection uses TCP port 4125. ...
    (microsoft.public.windows.server.sbs)
  • Re: How to Maintain an IIS Server?
    ... >> server running on a Windows 2000 server. ... > before a firewall and antivirus have been installed]. ... > program or executable using that port. ...
    (microsoft.public.inetserver.iis.security)
  • Re: What is the trick to get Windows XP firewall to stay on (after a reboot)?
    ... > While I did not explicitly state that the EPRT and PORT commands reached ... > Windows Firewall did not start a listen according to netstat -a and Port ... So, while a proxy would result in a new listening socket, a firewall does ... client sending a PORT command that it has chosen to send. ...
    (microsoft.public.windowsxp.network_web)