Ports question

Discussion in 'other security issues & news' started by nikheff, Aug 28, 2004.

Thread Status:
Not open for further replies.
  1. nikheff

    nikheff Registered Member

    Joined:
    Apr 10, 2004
    Posts:
    36
    Location:
    Independence, Missouri
    Hello all--

    Am using XP Pro with all SP1 updates (haven't installed SP2 yet), Zone Alarm Pro, a bunch of other security programs (inc. NOD32), and just installed Trojan Hunter because of a new trojan found on my pc last night (it got on my system in the space of one day!).

    In looking at the ports in Trojan Hunter's Netstat Viewer, I'm seeing the following and wondering if they should be there (in addition to my Comcast IP address):

    TCP--0.0.0.0:135, listening
    TCP--0.0.0.0:445, listening
    TCP--0.0.0.0:1030, listening
    UDP--0.0.0.0:445, listening
    UDP--0.0.0.0:500, listening
    UDP--0.0.0.0:1026, listening
    UDP--0.0.0.0:1037, listening
    UDP--0.0.0.0:1043, listening
    UDP--127.0.0.1:123, listening
    UDP--127.0.0.1:1141,listening

    Should these be there, and how do I find out who/what they are? And if they should not be there, should I kill the connection from Trojan Hunter?

    Also, is there a post somewhere on Wilders (I thought I read a couple of weeks ago) about what ports should not be open? Of course, I can't find that thread now!

    Thanks for any help

    Nikki
     
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,779
    Location:
    Texas
  3. Dazed_and_Confused

    Dazed_and_Confused Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    1,831
    Location:
    USA
    Follow this link to see a list of common ports and what they are used for.

    I've found DCS's Port Explorer very handy in these situations. With that app you can actually monitor (document) activity to/from a specific port and then go back and see what is being transmitted. It will also allow you to restrict the bandwidth used by any port. Give it a try. :)
     
Loading...
Thread Status:
Not open for further replies.