Ports 7, 9, 13, 17, and 19 are opened

Discussion in 'other firewalls' started by notageek, Jan 19, 2006.

Thread Status:
Not open for further replies.
  1. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    I did a scan a GRC Shields UP, PC Flank and Auditmypc.com and all 3 says ports 7, 9, 13, 17 and 19 are opened. How do I closed them with ZAP6?
    Auditmypc.com says this about the ports.
    "tcp 7 Echo. Used to trouble-shoot remote TCP/IP stacks (telnet to remote echo port; then type. all keystrokes will echo back if target stack is working thru app layer. DOS Threat: Attackers use it to relay flooding data. If relayed to a network broadcast; entire subnet can flood. To a syslog-loghost; logs can flood. Returns it to whatever you forged as your source socket. Any data sent can flood; but looping data output ports (eg: chargen; time; daytime) create deadly streaming floods. Disable on all hosts; enable only for brief trouble-shooting.

    tcp 9 Discard. Port equiv to /dev/null. Reads pkts; then discards them. Allows knowledge the host is alive and processing pkts. Used while trouble-shooting local stack's transmit ability (telnet to discard on remote host; knowing all transmitted keystrokes will just be discarded. no worry of corrupting host processes). No threat; but block on hosts and perimeter network devices as general rule.

    tcp 19 Character Generator. Used to trouble-shoot TCP/IP stacks. Generates random characters at a high rate. DOS Threat: Attackers will loop it to the echo port; creating a very effective host and subnet DOS. Disable this port on all hosts; enable only for brief trouble-shooting tests.

    tcp 17 Quote of the Day (QOTD). Used to receive remote QOTDs. Used for social engineering attacks; where users receive fake instructions to verify passwords ; etc. Disable this port on all hosts.

    tcp 13 Daytime. Returns the time of day in machine language; can return OS version. Provides host time; which can be useful in timing attacks. Also creates a DOS threat when its output is looped echo port (7). Disable this port on all hosts. "
     
  2. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    I got it fixed.
     
  3. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    And the answer was?

    Regards,

    CrazyM
     
  4. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    I Removed all the apps in program control/ porgrams in ZAP and I letZAP ask me if I wasnted to allow each program again and when it asked about tcpsvcs.exe, I blocked tcpsvcs.exe when ZAP asked if I wanted to allow it. I didn't think I alllowed it the first time but I guess I did.
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.