Re: XP SP2 with firewall actived and run symantec security check tools...
From: Stephen Cartwright [MSFT] (scart_at_online.microsoft.com)
Date: 09/20/04
- Next message: cjha: "Re: Client Authentication in IE"
- Previous message: Mike Wilkinson: "How to remove this trojan"
- In reply to: José Joye: "Re: XP SP2 with firewall actived and run symantec security check tools..."
- Next in thread: José Joye: "Re: XP SP2 with firewall actived and run symantec security check tools..."
- Reply: José Joye: "Re: XP SP2 with firewall actived and run symantec security check tools..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 20 Sep 2004 10:01:28 -0700
It sounds like you have File and Print sharing exception enabled at least
for ports 139 and 445, this would also account why ICMP echo request is
being seen.. If you do not need to share this out then you can disable the
exception as this does expose your machine as reported by the symantec port
scan
-- Stephen Cartwright [MSFT] "This posting is provided "AS IS" with no warranties, and confers no rights." "José Joye" <jose.joye@KILLTHESPAMSbluewin.ch> wrote in message news:edecnVtnEHA.3876@TK2MSFTNGP15.phx.gbl... > Thanks! > José > "PA Bear" <PABear@mvps.org> wrote in message > news:e1lp02PnEHA.3196@TK2MSFTNGP10.phx.gbl... >> The WinXP firewall is a one-way (incoming) firewall. >> >> For more help, see... >> >> Troubleshooting Your Installation of SP2 >> http://support.microsoft.com/default.aspx?scid=fh;[ln];xpsp2insttshoot >> >> Changes to Functionality in Microsoft Windows XP Service Pack 2 >> Network Protection >> >> http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2netwk.mspx >> >> Troubleshooting Windows Firewall settings in Windows XP Service Pack 2 >> http://support.microsoft.com/default.aspx?kbid=875357 >> -- >> ~Robear Dyer (PA Bear) >> MS MVP-Windows (IE/OE), AH-VSOP >> >> Are You Ready for WinXP SP2? >> http://www.microsoft.com/athome/security/protect/default.aspx >> >> WinXP SP2 Release Notes >> http://support.microsoft.com/default.aspx?scid=kb;en-us;835935 >> >> AumHa Forums >> http://forum.aumha.org >> >> José Joye wrote: >>> First, sorry if this has already been asked before. I goooooooogled to >>> find >>> it but did not get a clear evidence ;-) >>> >>> >>> I installed the SP2 and activated the firewall. >>> Then I went to Symantec and run their security checker >>> http://security.symantec.com/default.asp?productid=symhome&langid=ie&venid=sym >>> >>> It tells me that it is open to acker exposures: >>> >>> - ICMP ping --> Open (In the advanced >>> tab, >>> of my firewall for ICMP, this is not allowed???) >>> - 135 Location Service (loc-srv) --> Open >>> - 139 NetBios --> Closed >>> - 445 WindowNT/2000 SMB --> Open >>> >>> >>> I tried to look at the docs (...not sure where to find a good one) to >>> see if >>> I can close/hidde these ports --> but did not find any... >>> >>> >>> Could someone tell me if it is possible to close these ports and how to >>> amend the setting so as to be as safe as possible with the integrated >>> firewall. >>> >>> >>> Thanks, >>> José >> > >
- Next message: cjha: "Re: Client Authentication in IE"
- Previous message: Mike Wilkinson: "How to remove this trojan"
- In reply to: José Joye: "Re: XP SP2 with firewall actived and run symantec security check tools..."
- Next in thread: José Joye: "Re: XP SP2 with firewall actived and run symantec security check tools..."
- Reply: José Joye: "Re: XP SP2 with firewall actived and run symantec security check tools..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
