Can anyone provide info on ALL of the known dangerous ports? I'm setting up my firewall to block them, and I'm looking for a comprehensive list of well-known dangerous ports.
They're easy to find if you Google for them. Also, you don't need to block them with your firewall. Using the "whitelist" approach is easiest. Everything else will be blocked by default.
See this site http://lists.thedatalist.com/portlist/lookup.php It comes from the stickies at the top of the forum.
Online Armor Pro says it restricts by default these ... Both - 7 Both - 9 Both - 13 Both - 17 Both - 19 TCP - 113 UDP - 123 TCP - 135 Both - 137 Both - 138 TCP - 139 Both - 389 Both - 445 UDP - 500 UDP - 520 TCP - 1002 TCP - 1024 TCP - 1025 TCP - 1026 TCP - 1027 TCP - 1028 TCP - 1029 TCP - 1030 TCP - 1433 TCP - 1444 UDP - 1701 TCP - 1720 TCP - 1723 TCP - 2869 UDP - 4500 I guess you need seperate rules for local network connections with some of these.
The best protection is anyway to block all and to allow only the very few necessary, both using a fw and an HIPS.
there are many best you can go to pc flank norton port scan and securitymetrics https://www.securitymetrics.com/ http://security.symantec.com http://www.pcflank.com/ http://www.grc.com and block all common trojan ports from inside going outside (lan to wan) and best thing is scan your ports on grc.com and stop if any port is default open on outside coming to inside unless youre running a server (wan to lan ) http://www.sans.org/security-resources/idfaq/oddports.php and some google cached site links http://74.125.153.132/search?q=cach...19&t=6352 known trojan port list 2009&cd=5&hl http://74.125.153.132/search?q=cach...nter/portlist/ known trojan port list&cd=9&hl 74.125.153.132 = google ip
Just tried the ShieldsUP! scan. My PC failed, since it replied to Ping (ICMP Echo) requests. I'm using Online Armor, how do you block this Ping requests?
It may be the router that replied if you have one. http://onlinearmorpersonalfirewall.blogspot.com/2008/03/what-is-shields-up-test.html
hello nomarjr3 Some modem works as basic nat in short they act like a router but not fully router or in your router setting ping enable It might be your modem/router which is responding to ping requests can you give us name of modem/router. There are many people here would like to help you to close it properly
Block: Type 0, echo reply Really, though, you don't need to worry about blocking ping replies. Those tests that respond with: "your firewall failed because it responded to ping requests..." are completely misleading and irresponsible.
Is only blocking dangerous ports useful?Ports are permanent,but human beings are alive.Any ports could be dangerous if someone wants to use them to do something bad.
This is entirely based on the fact that most of the kiddie hackers consider that if a host times out when you ping it, that means that it's offline. So blocking ping can deter them. If the attacker is more determined, blocking ping is not enough.
As long as the ports are closed, no vulnerable services listening on them, it's not easy, unless the target machine is infected with something that achieves this.
Agree, however I was considering the situation when not all ports were closed, just ICMP blocked. In the case you are describing, it doesn't really matter if ping is blocked or not.