I've got an open port in w2k and can't seem to close it. I know it's due to mstask listening on port 1025 for task scheduling and can close it by doing services>task scheduler>disable But... I want task scheduling. I have another w2k that show mstask as listening, but does not show as open in dslreports Can some help fix this. I'm accessing the internet via dsl through a dlink i604 router (I've run cwshredder, avast, avg, tds, ewidos, spybot, adaware and the computer is clean) Here is the report http://www.dslreports.com/scan shows TCP 1025 : OPEN The port is open. 24 - Read
Hi georgepds ... and welcome to Wilders If you want to continue using task shceduler, then the easiest solution is to use a firewall to protect services like these. Are you running a software firewall on the system? Any difference in how this system is set up? How do you have your router configured? The default should be to drop unsolicited inbound connections and you should not be showing any open ports. Are you doing any port forwarding or have the system in a DMZ? Regards, CrazyM
"How do you have your router configured?" I have it configured as PPOE "The default should be to drop unsolicited inbound connections and you should not be showing any open ports." Not sure how to do this. It is a dlink i604, the physical config is internet> dsl modem> dlink router > computer(s). Can you tell me where I can read to chk this setting "Are you doing any port forwarding or have the system in a DMZ?" No, it was a clan install of w2k with all the security upgrades. My potential problem is that active ports shows odd connections on port 1025 when I leave it open. By odd, I mean conmnections shown from shaw cable. I suspect a worm/virus/trojan but the vast array of cleaners, including cwshredder, says the computer is clean What is DMZ? ~~~ BTW, when I ___CLOSE___ mstask, I get this result from dslreports TCP default : CLOSED We received a response packet that no service is available TCP 80 : FILTERED No response packet was received. 31 - Read TCP 135 : FILTERED No response packet was received. 23 - Read UDP ALL : FILTERED No response packet was received ~~~~ When I leave mtask ___OPEN___, I get this rreport TCP default : CLOSED We received a response packet that no service is available. TCP 80 : FILTERED No response packet was received. 31 - Read TCP 135 : FILTERED No response packet was received. 23 - Read TCP 1025 : OPEN The port is open. 24 - Read UDP ALL : FILTERED No response packet was received. ~~~~
For more weirdness... I disabled mstask from the services, and then started it once windows was going. It then grabbed port 1072 . If I run dslreports port scan, I do not get 1072 open. I suspect dslreports is just not probing the port DSL reports with mstask on 1072 ~~~~ TCP default : CLOSED We received a response packet that no service is available. TCP 80 : FILTERED No response packet was received. 31 - Read TCP 135 : FILTERED No response packet was received. 23 - Read UDP ALL : FILTERED No response packet was received.
I apologize for the multiple posts... but this has me baffled. In trying to answer the question.. wat's different I ran neststat-an on the two computers On the "good" computer, the one that passes the dsl portscan, netstat -an shows a udp connection directly to the adress of the router. On the "bad" computer this is missing Hmmmm dose this help. I set up the "good" computer first, and ran the dlink install softwre on it. i did not do this on the second. Does the dlink software set up the udp ports?
Found it... the router had decided the second computer was in the dmz. Disabled dms, and once more I pass dsl reports. Thank you crazyM for the clue --G
That system being in the DMZ would explain your results. Any idea how it got configured that way? Glad to hear all is as it should be now. Regards, CrazyM