Hello: I recall a year or so back I hit on a site which described the purpose/usage of a port and I think gave hints on blocking, which ones have/are being used by malware etc. Does anybody hear have a link to such a site? Thanks in advance.
Hi, Some examples:- such as a port ref can be downloaded http://lists.thedatalist.com/portlist/lookup.php Trojan port list http://www.simovits.com/trojans/trojans.html As to how accurate that info is, I have not checked. Have a search on google for "port lists" and "trojan ports" - Stem
And if you go to Steve Gibson's site, be careful of what you do if you have Threatfire. I just tried the leak test. Was reminded of it when I saw his name here. Threatfire gave me this big red pop up warning me of the end of the universe. I clicked on 'Proceed' and it shut down FF3. When I opened it again I was unable to bookmark anything. I had used Bookmarks just before trying this my latest experiment in frustration. Uninstalled FF and installed new copy with saved settings from the old one. Nothing lost. Just a pain. Also, this is causing me to rethink what I use for security. I thought I had a decent package since I don't go to porn or crack sites, but now I'm not so sure. I have a router/hardware firewall, have installed Harden-it, set up XP Pro's software firewall using Stem's excellant guide, Threatfire, Avira Personal Classic and Geswall Pro for fultime protection. However, the leaktest waltzed right past the hardware firewall and the software firewall. If I understand GW correctly, it didn't respond because nothing was changing the system.(?) I'm enjoying myself in this forum but sometimes just keeping my pc out of trouble is a real pain. Hugger
Hello Hugger: If you want some thoughts on how to improve your set up I will be glad to do that if you PM. If we do it here it wlll push the thread OT.
Hi: An update. Using the Trojan port list site I found: It's was interesting as I had already entered the AOL IM and the Yahoo M in my restricted port list. What can you tell us about ICQ, MS MSN Messager and IRC? can we do anything port wise or service wise to shut off those?
Hi Stem: When users see these ports lists and Trojans for each are they the source ports on user setup or are they destination ports that the Trojans use back at their mother ships? If this seems a dumb question then so be it! I am wondering if users enter these or some of these into a restricted ports list which port type is being referred to? See ya