Need advice re Ewido security suite 3.5

Discussion in 'other anti-trojan software' started by privateperson, Oct 29, 2005.

Thread Status:
Not open for further replies.
  1. Under analysis/connections ewido reports the following as listening
    Protocol TCP /Local address0.0.0.0:445 /remote address LISTENING
    Protocol TCP/Local address 127.0.0. 1:1025/remote address LISTENING
    Protocol TCP/Local adddress address LISTENING
    Is this a threat? None of my programs have server status and I have ZA firewall high setting and in stealth mode
    Thanks in advance
  2. RipVanTinkle

    RipVanTinkle Registered Member

    Oct 20, 2005
    check these websites for minimizing your services
    on Black Viper's site he lists which services you
    can safely turn off and the 2nd site gives an
    excellent guide to closing services/ports

    Black Vipers usual URL is this - but his site is down

    use this instead - turn on Java or it will re-direct you to
    Black Vipers site

    an excellent guide to closing services

    445 = Microsoft_DS
    1025/1027 are used by various things. I make a rule in my firewall
    to not allow these ports as there are so many exploits associated
    with them. You'd need to check what program/service is listening
    could be a normal thing like services.exe

    see here for more info on & for closing - port 445
    Last edited: Oct 29, 2005
  3. TopperID

    TopperID Registered Member

    Oct 1, 2004
    For me they correspond to the following:-

    Kaspersky is 1027

    ZA (vsmon.exe) is 1025

    System (microsoft-ds) is 445

    Why don't you try TCPView from Sysinternals or Active Ports from here:-

    That will give you more info.
Thread Status:
Not open for further replies.