Port 23

shadha · December 31, 2006, 7:51am

Hi Guys
Hope you can help with this. I have just tried Zonealarm pro and outpost on my sisters computer and did the GRC test. With both of these programs port 23 was closed not stealthed and port 1026 was open. I then uninstalled these programs (i did a uninstall and install on both and didn’t run both together) and after installed CPF and it stealthed port 1026 but port 23 still remains closed not stealthed. How do I stealth this port
Your help would be muchly appreciated and to all who come to this forum I wish you ALL a great and safe New Year
shadha
(B)

Bluesman · December 31, 2006, 1:53pm

Do you connect thru a router or directly to the Internet?

shadha · December 31, 2006, 8:45pm

Hi Bluesman
I connect direct to the internet through a standard dsl modem. Also port 23 is Telnet (what ever that means).
shadha

(B)

shadha · January 3, 2007, 8:17pm

Hi Guys
Does anyone out there want to give me some idea on how to correct this problem. I really need some help.
shadha
(:SAD)

Little_Mac · January 3, 2007, 9:12pm

shadha,

I think this is probably another case of how the online scanners (such as GRC, PCFlank, etc) do their scans and report their findings. Although they provide some good information, and point users in the right direction, they are generally not the best indicator of a PC’s security.

A better option is a resident scanner such as Superscan4 from Foundstone (free), to scan your localhost (127.0.0.1) as this gives a much better indication of what’s really happening on your machine.

Using some good, free tools it’s possible to track down what may be occuring on Port 23 - things like
SuperScan by Foundstone
TcpView by Sysinternals
PortQuery by Microsoft
or FPort by Foundstone (this one will only work if the port is open, but it tells you which app is controlling it).

Here’s something else you can do: In CPF’s Network Monitor, make sure your bottom “block” rule is set to create an alert if it’s fired. In fact, for the moment, turn all the Network Rules to create an alert. Clear the Activity Logs in CPF. Then go to Security/Advanced/Miscellaneous, uncheck the box for “Do not show alerts for applications certified by Comodo” and move the Alert Frequency slider to High or Very High; click OK. Reboot for good measure, to make sure your rules are firmly set.

Go test GRC again. You may get alerts for some of your “normal” activity with your browser, etc, referring to specific ports; especially when GRC pings you. Look at your Activity Logs in CPF again. See if anything’s been allowed, if there are High Severity events See what’s been allowed, what’s been denied. (Don’t rule anything out, but keep your eye open for ICMP on Port 23…)

Hope that helps. If you have any questions, please ask.

LM

shadha · January 4, 2007, 6:06am

Thanks for your help Little Mac, I will give it a try on the weekend.
shadha