Sorry if this question is very basic but here goes; I have a PC which is a gateway for two PCs which share an internet connection via MS ICS and have file/printer sharing on (not on the net connection of course), both running XP. Looking in my firewall, I see that ports 53, 67 and 68 are always open on the gateway PC. I know these have to do with bootpc, bootps and dns, I was just wondering if they should be open all the time. Thanks in advance
Maybe you can do a check to see if there are any other ports open here: https://grc.com/x/ne.dll?bh0bkyd2 Bye
I should have been a little clearer. When I say open, not to the internet. They are open, behind the firewall but listening I guess would be the more accurate term. All ports are stealthed if scanned from outside. Thanks
OP 2.1 When I look at open ports, they show as open all the time. I'm just wondering if it's a normal function of netbios or ICS or if there is something else holding them open.
Have you tried the Outpost support forum? Netbios and ICS are internal processes. They are needed if you use your PC as a router for other PCs. If they weren't open I guess you couldn't use it as a gateway. That is how I see it. You could close these ports using the method explained on the Shields Up website, but I think you could not route your PCs any longer. There is a plugin, Super Stealth, for OP that can hide your MAC behind a router/gateway; that way you would be more secure.
Yes. ICS provides DHCP and DNS services for the internal network, but as others have essentially stated these services should not be open on the external, internet-facing network. The DHCP service allows you to configure the internal client computers in such a way so that they can get their IP address automatically from the gateway computer, and the DNS service allows the gateway computer to act as a name resolution proxy for the internal computers.
"When ICF and Internet Connection Sharing act as a gateway for the rest of the computers on your network, they provide DHCP and DNS services to the private network on the internal network interface. They do not provide these services on the external-facing interface." http://support.microsoft.com/default.aspx?scid=kb;en-us;832017 Regards, CrazyM
See the Outpost forum Online Scans - What to do with Open and Closed Ports FAQ for more details on what Outpost's Open Ports section means. As long as they are not visible on the Internet, there should be little cause for concern, however. You could disable the DHCP/DNS services on your ICS gateway - but you would also need to reconfigure your ICS clients and this can be somewhat tricky.
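An added example, not part of any post in this thread: a Python check that reads `netstat -an` output from the gateway and reports which address each listener on ports 53, 67 and 68 is bound to, which is the point the replies above make about ICS serving DHCP and DNS on the internal interface only. The sample output is constructed, and the internal range 192.168.0.0/24 (the XP ICS default) is an assumption to adjust for your network.

```python
import ipaddress

WATCHED = {53: "DNS", 67: "DHCP server (bootps)", 68: "DHCP client (bootpc)"}

# Constructed sample of Windows `netstat -an` output, not captured from a real host.
SAMPLE = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    192.168.0.1:53         0.0.0.0:0              LISTENING
  TCP    192.168.0.1:1042       192.168.0.2:139        ESTABLISHED
  UDP    192.168.0.1:53         *:*
  UDP    192.168.0.1:67         *:*
  UDP    0.0.0.0:68             *:*
  UDP    203.0.113.7:53         *:*
"""

def classify(netstat_text, internal_net="192.168.0.0/24"):
    """Return (proto, port, bound_address, verdict) for each watched listener."""
    net = ipaddress.ip_network(internal_net)  # assumed ICS internal range
    findings = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue  # header or blank line
        proto, local = fields[0], fields[1]
        # TCP rows carry a state column; UDP rows have none and are simply bound.
        if proto == "TCP" and (len(fields) < 4 or fields[3] != "LISTENING"):
            continue
        addr, _, port = local.rpartition(":")
        if not port.isdigit() or int(port) not in WATCHED:
            continue
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            continue  # skip forms this check does not parse, e.g. bracketed IPv6
        if ip.is_unspecified:
            verdict = "all-interfaces"  # wildcard bind: only the firewall keeps it internal
        elif ip in net:
            verdict = "internal-only"   # what the quoted KB article describes for ICS
        else:
            verdict = "external"        # bound to a non-internal address: investigate
        findings.append((proto, int(port), addr, verdict))
    return findings

if __name__ == "__main__":
    for proto, port, addr, verdict in classify(SAMPLE):
        print(f"{proto:3} {port:>3} {WATCHED[port]:22} {addr:15} {verdict}")
```

A listener reported as `all-interfaces` or `external` is the case where an outside port scan, as suggested earlier in the thread, confirms whether the firewall is actually blocking it.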