Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
Home
Discussion GroupsWindows VistaWindows XPWindows MeWindows 98Windows 95Virtual PCInternet ExplorerOutlook ExpressWindows MediaSecurity
Related Topics
MS Server ProductsMS OfficePC HardwareMore Topics ...
Windows Forum / Windows XP / Security and Administration / June 2005

Tip: Looking for answers? Try searching our database.

Windows Firewall Exploitable?

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
Kevin Remde - 22 Jun 2005 14:19 GMT
I had an interesting question in a TechNet Briefing I delivered yesterday.  A
customer was wondering what would happen to ports that are open on behalf of
an exception defined by application (an .exe listening for unsolicited
ports), and that application did not close gracefully.

The assumption is that if the .exe is not running, the ports aren't open.  
But is there any difference if the application crashed suddenly?  Would the
ports remain open?

Thanks!
Signature

Kevin Remde
IT Pro Evangelist
Microsoft Corporation

Reply to this Message
David Beder [MSFT] - 27 Jun 2005 08:15 GMT
The ports might remain open for a few seconds after the app crashed, but
will eventually get cleaned up/closed.

Signature

David
Microsoft Windows Networking
This posting is provided "AS IS" with no warranties, and confers no rights.

>I had an interesting question in a TechNet Briefing I delivered yesterday.
>A
[quoted text clipped - 9 lines]
>
> Thanks!
Reply to this Message
Email from database - 29 Jun 2005 18:16 GMT
David or Kevin, I currently have Windows XP SP2 and both the
forewall/antivirus is ON. I performed a "shieldsUP!" test in www.grc.com and
the 23,80 and 443 ports are wide open. Linksys has verified my router and
appears to be in good condition (properly secure). What can I do to
close/stealth those 3 ports ? Please advise.

> The ports might remain open for a few seconds after the app crashed, but
> will eventually get cleaned up/closed.
[quoted text clipped - 12 lines]
> >
> > Thanks!
Reply to this Message
David Beder [MSFT] - 30 Jun 2005 08:53 GMT
do a "netsh firewall show state verbose=enable" and look through the list of
open ports (eg Ports currently open on all network interfaces). If you find
these in the list, you'll see what app has probably configured the firewall
to let it listen. These ports are for telnet and web serving, which it
sounds like you aren't expecting to have the machine do.

Signature

David
Microsoft Windows Networking
This posting is provided "AS IS" with no warranties, and confers no rights.

> David or Kevin, I currently have Windows XP SP2 and both the
> forewall/antivirus is ON. I performed a "shieldsUP!" test in www.grc.com 
[quoted text clipped - 22 lines]
>> >
>> > Thanks!
Reply to this Message
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.