View Full Version : someone can help me ?


fd222
November 17th, 2008, 05:26 AM
Look at this pic: I wanna block port 23. Although LnS's rules have a 137-138 port rule, when I use X-Scan it tells me that some ports are open (139, 135, 123).

In fact, I found the rule "block about blocking 139", but it does not seem to work.

Is there someone who can help me and tell me how I can set it?

Thanks!

fd222
November 17th, 2008, 05:29 AM
Oh, if there's a picture showing the settings, I'd be very appreciative.....

fd222
November 17th, 2008, 05:32 AM
My purpose is to block some ports from connecting to my local port.

Frederic
November 17th, 2008, 11:07 AM
Hi,

I'm not sure I understand what you want to block.

If you want to block other computers on the internet from connecting to your PC on port 23, the rule is correct. But you should indicate TCP for the IP protocol.
Also, normally the rule "Block incoming connections" from the enhanced ruleset should do the job for all ports, and you don't need this kind of rule (except if you want to allow everything and just block port 23).

If you want to block your computer from connecting to a remote machine on port 23, then the 23 should be on the right part of the rule (because it is a destination port for a packet going from the PC to the internet).

Note that some local tools executed only on the PC, with no remote side, are not so relevant for checking whether a port is open or not.
Only online scans (or scans between two computers) can help you determine whether a port is open or not.
I don't know exactly how X-Scan works.

Regards,

Frederic

fd222
November 18th, 2008, 01:18 AM
Frederic,
thank you.

Yeah, I want to block other computers from connecting to my ports....

And I'm on a Local Area Network, so if I use online checking, it will display the ports of my server.

Another problem is that when I use the OUTPOST2009 firewall, no ports can be scanned and no services can be found on my computer....


When I scanned my computer, I used the Local Area Network IP address, not 127.0.0.1. I can't understand why this happens.

Climenole
November 18th, 2008, 06:58 AM
Hi fd222

-{ Quote: "

Yeah, I want to block other computers from connecting to my ports....

And I'm on a Local Area Network, so if I use online checking, it will display the ports of my server.

" }-

Help us to help you fd222... :wacko:

1) You're talking about LnS installed on the Gateway/Server of your LAN: is that right?

2) You're running some firewall tests such as The Gibson Research Shields UP:
https://www.grc.com/x/ne.dll?bh0bkyd2

and some ports are reported open or blocked instead of stealth. Is that right?

Question 1: which rule set are you using on the PC used as Gateway/Server?

Question 2: what are you seeing in the LnS log?
Upload a copy of this log here using the manage attachment button below the editing window of this forum.

Hope you give us this information ASAP and solve this problem...

:)

fd222
November 20th, 2008, 12:15 AM
This is the log of X-Scan:
-{ Quote: "X-Scan Report
------------------



Scanning time

2008-11-20 13:02:17 - 2008-11-20 13:06:10



Scan Result

- Hosts which were alive and responding during test : 1
- Number of security holes found : 0
- Number of security warnings found : 0
- Number of security notes found : 5



Host List

10.109.20.111 (Security notes found)
. OS: Windows XP; PORT/TCP: 135, 139



Scan Details

+ 10.109.20.111 :
. List of open ports :
o netbios-ssn (139/tcp) (Security notes found)
o epmap (135/tcp) (Security notes found)
o netbios-ns (137/udp) (Security notes found)
o ntp (123/udp) (Security notes found)

. Information found on port netbios-ssn (139/tcp) :


Maybe the "netbios-ssn" service running on this port.

Here is its banner:

83 .
NESSUS_ID : 10330

. Information found on port netbios-ssn (139/tcp) :


An SMB server is running on this port
NESSUS_ID : 11011

. Information found on port epmap (135/tcp) :


Maybe the "epmap" service running on this port.

NESSUS_ID : 10330

. Information found on port netbios-ns (137/udp) :


The remote host has the following MAC address on its adapter :
00:19:e0:0a:ac:74

If you do not want to allow everyone to find the NetBios name
of your computer, you should filter incoming traffic to this port.

Risk factor : Low
CVE_ID : CAN-1999-0621
NESSUS_ID : 10150

. Information found on port ntp (123/udp) :



A NTP (Network Time Protocol) server is listening on this port.

Risk factor : Low
NESSUS_ID : 10884




------------------------------------------------------
This file was generated by X-Scan, the security scanner." }-


------------------

You can see something about it, and in LnS the rules are like this..

Look at the pictures:
[Attachments: 204166, 204167]

It exists in LnS, but it seems to be of no use...

————————————————————
On my gateway, I don't think there's anything on it; I only installed LnS on my computer.


Even if I test with The Gibson Research Shields UP, it does not return a real test result, because I'm on a LAN and it cannot get my IP address, I think.

Climenole
November 20th, 2008, 08:47 AM
Hi fd222

Check your Gateway/Router configuration...

:)

Frederic
November 20th, 2008, 09:04 AM
Hi fd222,

For me, X-Scan is just doing a local test, probably on 127.0.0.1, and this is not relevant for verifying that the ports are stealth for computers trying to connect to these ports from the internet.

This kind of local interface is not present at NDIS level (this interface is not present in the list in the options tab), and so, packets sent on 127.0.0.1 are not visible to the packet filter.

Regards,

Frederic
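
The points from Frederic's two replies above (which side of the rule port 23 belongs on, the TCP protocol field, and loopback scans never reaching the packet filter), as an added example that is not part of the thread and not LnS's own code. It is a simplified first-match filter model in Python; the class names, rule names and the 203.0.113.5 address are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address
from typing import Optional

@dataclass(frozen=True)
class Packet:
    direction: str     # "in" = other machine -> PC, "out" = PC -> other machine
    proto: str         # "tcp" or "udp"
    local_port: int    # port on the protected PC (left side of the rule)
    remote_port: int   # port on the other machine (right side of the rule)
    remote_ip: str

@dataclass(frozen=True)
class Rule:
    name: str
    action: str                        # "block" or "allow"
    direction: str
    proto: Optional[str] = None        # None matches any protocol
    local_port: Optional[int] = None   # None matches any port
    remote_port: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        return (self.direction == p.direction
                and self.proto in (None, p.proto)
                and self.local_port in (None, p.local_port)
                and self.remote_port in (None, p.remote_port))

def verdict(rules, p: Packet, default: str = "allow") -> str:
    # Packets sent on 127.0.0.1 are not visible to an NDIS-level filter,
    # so no rule is consulted and a loopback scan reports the raw listener.
    if ip_address(p.remote_ip).is_loopback:
        return "bypass"
    for r in rules:                    # first matching rule wins
        if r.matches(p):
            return r.action
    return default                     # models "allow everything, just block port 23"

# Constructed rules: port 23 on the local side vs. on the remote side.
BLOCK_IN_23 = Rule("block telnet in", "block", "in", "tcp", local_port=23)
BLOCK_OUT_23 = Rule("block telnet out", "block", "out", "tcp", remote_port=23)

def demo():
    remote_scan = Packet("in", "tcp", 23, 40000, "203.0.113.5")
    pc_to_telnet = Packet("out", "tcp", 40001, 23, "203.0.113.5")
    local_scan = Packet("in", "tcp", 23, 40002, "127.0.0.1")
    udp_in = Packet("in", "udp", 23, 40003, "203.0.113.5")
    return {
        "remote scan of local 23": verdict([BLOCK_IN_23], remote_scan),
        "PC to remote 23, inbound rule only": verdict([BLOCK_IN_23], pc_to_telnet),
        "PC to remote 23, outbound rule": verdict([BLOCK_OUT_23], pc_to_telnet),
        "loopback scan of local 23": verdict([BLOCK_IN_23], local_scan),
        "UDP to local 23 with TCP rule": verdict([BLOCK_IN_23], udp_in),
    }
```
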

fd222
November 20th, 2008, 09:55 AM
Thank you