Re: telnet, do i need it and is it safe?
From: Kent W. England [MVP] (kwe_at_mvps.org)
Date: 08/28/04
- Next message: anonymous_at_discussions.microsoft.com: "Privacy Tools 2004 is a rogue!"
- Previous message: Steven L Umbach: "Re: remote access"
- In reply to: Darren: "telnet, do i need it and is it safe?"
- Next in thread: N. Miller: "Re: telnet, do i need it and is it safe?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 28 Aug 2004 10:42:47 -0700
Darren wrote on 28-Aug-2004 12:49 AM:
> Hi
>
> I use the free version of Sygate for my firewall and have done all the port
> scans etc to check it and after a bit of messing around it says i am
> stealthed to the world!
>
> However when i run a common ports scan at 'shield up' it says port 23 used
> by Telnet is only closed and not stealthed and a potential security risk.
>
> What is Telnet? Do i need it? If not how do i disable/block it? If i do how
> do i stealth this port?
>
> Hope someone can help an amateur
>
> Darren
Open a command prompt and run the command "netstat -an" and see if it
reports any process listening on port 23. If it isn't
%windir%\system32\tlntsvr.exe, then it is likely something bad. If it is
tlntsvr.exe, you can disable it in services.msc, but you said you were
using XP Home, so it shouldn't show up.
However, I note that using the Windows Firewall included in SP2 on XP
Pro, if the firewall is disabled, ShieldsUp! reports that telnet port 23
is "closed" meaning that my machine replied and said that the service is
not available, instead of stealthed, which means my machine didn't reply
at all.
If I enable the Windows Firewall, then port 23 is stealthed. The telnet
service is disabled on my machine. The Microsoft Baseline Security
Analyzer also complains about telnet service when it isn't running,
probably for the same reason. XP replies to telnet connection requests,
even when the telnet server isn't running or isn't installed (Home).
So set your firewall to explicitly stealth port 23. And check some other
scan sites to make sure that port 23 really is reporting itself as
closed, instead of keeping its mouth shut.
-- Kent W. England, Microsoft MVP for Windows Security
- Next message: anonymous_at_discussions.microsoft.com: "Privacy Tools 2004 is a rogue!"
- Previous message: Steven L Umbach: "Re: remote access"
- In reply to: Darren: "telnet, do i need it and is it safe?"
- Next in thread: N. Miller: "Re: telnet, do i need it and is it safe?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
