notageek
January 19th, 2006, 12:37 PM
I did a scan a GRC Shields UP, PC Flank and Auditmypc.com and all 3 says ports 7, 9, 13, 17 and 19 are opened. How do I closed them with ZAP6?
Auditmypc.com says this about the ports.
"tcp 7 Echo. Used to trouble-shoot remote TCP/IP stacks (telnet to remote echo port; then type. all keystrokes will echo back if target stack is working thru app layer. DOS Threat: Attackers use it to relay flooding data. If relayed to a network broadcast; entire subnet can flood. To a syslog-loghost; logs can flood. Returns it to whatever you forged as your source socket. Any data sent can flood; but looping data output ports (eg: chargen; time; daytime) create deadly streaming floods. Disable on all hosts; enable only for brief trouble-shooting.
tcp 9 Discard. Port equiv to /dev/null. Reads pkts; then discards them. Allows knowledge the host is alive and processing pkts. Used while trouble-shooting local stack's transmit ability (telnet to discard on remote host; knowing all transmitted keystrokes will just be discarded. no worry of corrupting host processes). No threat; but block on hosts and perimeter network devices as general rule.
tcp 19 Character Generator. Used to trouble-shoot TCP/IP stacks. Generates random characters at a high rate. DOS Threat: Attackers will loop it to the echo port; creating a very effective host and subnet DOS. Disable this port on all hosts; enable only for brief trouble-shooting tests.
tcp 17 Quote of the Day (QOTD). Used to receive remote QOTDs. Used for social engineering attacks; where users receive fake instructions to verify passwords ; etc. Disable this port on all hosts.
tcp 13 Daytime. Returns the time of day in machine language; can return OS version. Provides host time; which can be useful in timing attacks. Also creates a DOS threat when its output is looped echo port (7). Disable this port on all hosts. "
Auditmypc.com says this about the ports.
"tcp 7 Echo. Used to trouble-shoot remote TCP/IP stacks (telnet to remote echo port; then type. all keystrokes will echo back if target stack is working thru app layer. DOS Threat: Attackers use it to relay flooding data. If relayed to a network broadcast; entire subnet can flood. To a syslog-loghost; logs can flood. Returns it to whatever you forged as your source socket. Any data sent can flood; but looping data output ports (eg: chargen; time; daytime) create deadly streaming floods. Disable on all hosts; enable only for brief trouble-shooting.
tcp 9 Discard. Port equiv to /dev/null. Reads pkts; then discards them. Allows knowledge the host is alive and processing pkts. Used while trouble-shooting local stack's transmit ability (telnet to discard on remote host; knowing all transmitted keystrokes will just be discarded. no worry of corrupting host processes). No threat; but block on hosts and perimeter network devices as general rule.
tcp 19 Character Generator. Used to trouble-shoot TCP/IP stacks. Generates random characters at a high rate. DOS Threat: Attackers will loop it to the echo port; creating a very effective host and subnet DOS. Disable this port on all hosts; enable only for brief trouble-shooting tests.
tcp 17 Quote of the Day (QOTD). Used to receive remote QOTDs. Used for social engineering attacks; where users receive fake instructions to verify passwords ; etc. Disable this port on all hosts.
tcp 13 Daytime. Returns the time of day in machine language; can return OS version. Provides host time; which can be useful in timing attacks. Also creates a DOS threat when its output is looped echo port (7). Disable this port on all hosts. "