|
|
#1
February 12th, 2005, 01:35 PM
|
|||
|
|||
Jetico leaves ports open ?
folks,
I installed jetico and went to grc.com to test it, for some reason grc claims port 1025 is open. I also went to pcflank for another test and there, the results showed port 135 and 1025 open. any idea how to close those ports with jetico ? I really don't understand what's causing this. I should also point out that when I first installed jettico the "system" asked for inbound access to port 445..I didn't know what to do so I blocked it.  any help appreciated |
|
#2
February 13th, 2005, 05:22 AM
|
|||
|
|||
Re: Jetico leaves ports open ?
Hi, you have to create a rule to block port 135 (rpc) and I believe 445 (MS DS service) which is used for shares. For some reason Jetico didn't create a 'block all other ports and protocols' rule, most likely for the people that need those ports. But, they should have given users a choice... I tried it for a week and found it to be a good fw. But was a little concerned with the 'Optimal' rule set not blocking all other ports and protocols not currently being used. Especialy if you are on a DMZ or a stand alone workstation... Creating a rule for those ports is easy, just create a rule in the system networking section to 'reject' the packets on those ports you mention. Overall, a good fw that I will keep my eye on.
CU Jazzie
__________________
++++Software-Security-Central++++ |
|
#3
February 13th, 2005, 09:07 AM
|
|||
|
|||
|
Re: Jetico leaves ports open: and port 1025 ?
hello Jazzie,
thanks for your response. How did u block port 1025 ? did u make a rule for that too ? tia |
|
#4
February 13th, 2005, 09:16 AM
|
|||
|
|||
|
Re: Jetico leaves ports open ?
HI Banshee, that is the odd part! I didn't have to make a rule for that port. I am normally behind a spi router. I wanted to test Jetico in a 'real time' enviornment and placed myself on a DMZ without any filtering . That is where I was getting slammed with 135 and 445 inbound attempts. If you want to make a rule for that port just go to the system network side and make a rule to block (reject) inbound tcp on a single port of 1025. It should work fine...
I am currently back to CHX-I. (very good SPI packet filter).. So I can't export a rule to you... CU Jazzie
__________________
++++Software-Security-Central++++ |
|
#5
February 13th, 2005, 11:08 PM
|
||||
|
||||
|
Re: Jetico leaves ports open ?
Quote:
I like it too and will follow it as it changes. Right now they still seem to be making a lot of changes and fixes to it, so I'll probably wait till things settle down a little before looking at it further.. |
|
#6
February 14th, 2005, 04:01 AM
|
|||
|
|||
Re: Jetico leaves ports open ?
Quote:
I hear you that! They are making good progress though... CU Jazzie
__________________
++++Software-Security-Central++++ |
|
#7
February 16th, 2005, 02:13 AM
|
||||
|
||||
|
Re: Jetico leaves ports open ?
Hi, Banshee
Windows Worms Doors Cleaner by gkweb a Expert Firewall Tester will close them:- WWDC Take Care, TheQuest 
__________________
When Nothing is Certain, Anything is Possible. |
| « Previous Thread | Next Thread » |
| Thread Tools | Search this Thread |
|
|
