Closed Ports

Discussion in 'other firewalls' started by Anth-Unit, Mar 18, 2013.

Thread Status:
Not open for further replies.
  1. Anth-Unit

    Anth-Unit Registered Member

    Joined:
    Oct 13, 2006
    Posts:
    108
    I'm running Online Armor behind an ASUS router and when I run the GRC and PC flank tests it says a number of ports are listed as OPEN while the rest are all stealth. I'm wondering if this is typical, and if I need to fix it...


    GRC says:

    135 and 445 are closed

    PC flank says these ports are closed:

    135 closed RPC
    137 closed NETBIOS Name Service
    138 closed NETBIOS Datagram Service
    139 closed NETBIOS Session Service
    1080 closed SOCKS PROXY
     
    Last edited: Mar 18, 2013
  2. hogndog

    hogndog Registered Member

    Joined:
    Jun 9, 2007
    Posts:
    628
    Location:
    In His Service
    Have you tried opening a command prompt then enter.. "netstat -an" without the quotes, it will tell you which ports are listening

    I found this article helpful..

    http://stoicjoker.com/ClosePort445.html
     
  3. Anth-Unit

    Anth-Unit Registered Member

    Joined:
    Oct 13, 2006
    Posts:
    108
    There's a bunch, but I think it might be my router. When I run the test on my phone I get the same result. I'm not sure why it would be doing this, or how to fix it. My last one didn't have these closed ports.
     
  4. hogndog

    hogndog Registered Member

    Joined:
    Jun 9, 2007
    Posts:
    628
    Location:
    In His Service
    You say there's a bunch, are 135-139 and 445 closed?
     
  5. Techwiz

    Techwiz Registered Member

    Joined:
    Jan 5, 2012
    Posts:
    539
    Location:
    United States
    This topic has been discussed to great lengths before, but from what I remember the GRC test will not return accurate results if your device is behind a router. You'll need to enable your router's stealth settings. Also from what I remember, there is no real advantage between closing ports or hiding them. If your worried about incoming or outgoing data, you could write rules for your firewall to further refine your control.
     
  6. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    If I remember right, PC Flank was prone to giving inconsistent and flaky results. I would not trust it or take those results too seriously... Also, closed is fine...
     
  7. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,497
    I don't get it... from what you list there all your ports are closed according to both sites. Yet you say your problem is that you have open ports. Which ones are open then? Or did you mean to say that these ports are open/listening, and not closed? And made a mistake?

    If you are behind a router then the tests are testing it, and not your firewall/computer. If you're not behind a router... you should be, yet still I think it's a good idea to have your ports closed at the OS level before any 3'rd party software and/or hardware to solve the problem. So I also recommend the "netstat -an" thing.

    You should be able to find out how to close all of them at the source via your trusty search engine. If not, or even if so I recommend a 2-way software FW with a nice, tight rule set. And again the router, with SPI (which most come with these days).

    137-139 can probably be closed by disabling NetBios over TCP/IP. 135 & 445 are a bit more tricky, and accomplished via a combination of disabling services and registry tweaks. But "make sure" it doesn't break any essential functionality before just going in there and winging it. 1080 sounds like a web scanner to an AV, or something of the sort.
     
  8. Anth-Unit

    Anth-Unit Registered Member

    Joined:
    Oct 13, 2006
    Posts:
    108
    Sorry that was a typo. I meant closed. My old router used to have all of them as stealth, then I upgraded to this Asus one and I'm getting the above listed results. I didn't see anything in the firmware about stealth all ports. Was just wondering if it was safe.
     
  9. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,497
    Okay... those ports you listed are closed then. And the rest stealthed... correct?

    If so, you're perfectly safe, yes. Closed ports are just as good as stealthed ones. There are some cases with VPN's/proxies where they can't stealth certain ports or it'd create problems with clients trying to connect with them, so they end up closed instead of stealthed. 443 and 113 are 2 such ports. And this is just 1 example. There are other scenarios as well where it's prudent, for certain reasons not to stealth the ports. But as long as they're closed you're fine.
     
Loading...
Thread Status:
Not open for further replies.