Ports 7, 9, 13, 17, and 19 are opened

Discussion in 'other firewalls' started by notageek, Jan 19, 2006.

Thread Status:
Not open for further replies.
  1. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    I did a scan a GRC Shields UP, PC Flank and Auditmypc.com and all 3 says ports 7, 9, 13, 17 and 19 are opened. How do I closed them with ZAP6?
    Auditmypc.com says this about the ports.
    "tcp 7 Echo. Used to trouble-shoot remote TCP/IP stacks (telnet to remote echo port; then type. all keystrokes will echo back if target stack is working thru app layer. DOS Threat: Attackers use it to relay flooding data. If relayed to a network broadcast; entire subnet can flood. To a syslog-loghost; logs can flood. Returns it to whatever you forged as your source socket. Any data sent can flood; but looping data output ports (eg: chargen; time; daytime) create deadly streaming floods. Disable on all hosts; enable only for brief trouble-shooting.

    tcp 9 Discard. Port equiv to /dev/null. Reads pkts; then discards them. Allows knowledge the host is alive and processing pkts. Used while trouble-shooting local stack's transmit ability (telnet to discard on remote host; knowing all transmitted keystrokes will just be discarded. no worry of corrupting host processes). No threat; but block on hosts and perimeter network devices as general rule.

    tcp 19 Character Generator. Used to trouble-shoot TCP/IP stacks. Generates random characters at a high rate. DOS Threat: Attackers will loop it to the echo port; creating a very effective host and subnet DOS. Disable this port on all hosts; enable only for brief trouble-shooting tests.

    tcp 17 Quote of the Day (QOTD). Used to receive remote QOTDs. Used for social engineering attacks; where users receive fake instructions to verify passwords ; etc. Disable this port on all hosts.

    tcp 13 Daytime. Returns the time of day in machine language; can return OS version. Provides host time; which can be useful in timing attacks. Also creates a DOS threat when its output is looped echo port (7). Disable this port on all hosts. "
     
  2. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    I got it fixed.
     
  3. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    And the answer was?

    Regards,

    CrazyM
     
  4. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    I Removed all the apps in program control/ porgrams in ZAP and I letZAP ask me if I wasnted to allow each program again and when it asked about tcpsvcs.exe, I blocked tcpsvcs.exe when ZAP asked if I wanted to allow it. I didn't think I alllowed it the first time but I guess I did.
     
Loading...
Thread Status:
Not open for further replies.