Ports Tests - New User [Resolved]

Hi all!
Am trying this firewall. I have Windows XP sp2, dsl connection through modem and no router. Installed firewall as is with no new rules, etc. scanned online with Hacker Guardian and found 3 open ports. I passed the Injection Leak Test. The Shields UP scan revealed 2 Stealth, 3 Open and the remaining Closed. I’m running version 2.3.6.81. Is the firewall working correctly? Thanks.
Pat

Welcome to the forum.
All your ports should be stealthed if you use the default network rules…
Which ports where open/closed?

Ports opened are 21, 23, 53.

Thanks.

Please go to http://www.pcflank.com/ and do the tests there and check if you get the same results.
Post back when you have completed the tests.
Thanks

AOwL:
Results of the tests:
Leaktest: Failed.
Quick Test: Open Ports: 21,23; Visible Ports: 80,135,137,138,139,1080,3128; 27374,12345,1243,31337,12348
Stealth Test: TCP “ping” Stealthed, TCP NULL Stealthed, TCP FIN Stealthed, TCP XMAS Stealthed, UDP Stealthed.
Browser Test: Didn’t like my cookies/referrer on Firefox.
Trojans Test: No Open Ports Trojans’ ports. Following are non-stealthed: 123,146,623,901,903,1243,1560,2001,2002,2800,3000,3700,5151,6776,7000,7410,9696,10100,10528,11051,12345,12346,12348,12349,15094,17569,20034,25685,25686,27374,31337,34763,35000.
Advanced Port Scanner: Open Port: 21; Closed Ports: 23,80,135,137,138,139,1080,1243,3128,12345,12348,27374,31337.
Exploits Test: Your system successfully defended itself from this attack.

Thanks.
Pat

Port 21 is for FTP
Port 23 is for TELNET
Port 53 UDP is often a DNS service and so is it if it’s TCP, but it can also be used by
tcp [trojan] ADM worm
tcp [trojan] Lion

Wow… :o
I would reinstall Comodo firewall and see if it helps.
It shouldn’t be like that… if you have default rules…
Be sure to choose auto when you install it.

AOwL:
Did as you said and reinstalled CPF on auto (as I did previously, I might add). Nothing has changed regarding the tests. Is my system that incompatible with CPF or for that matter any firewall?? Windows XP Firewall is not Stealth either.
Thanks.
Pat

Well it should work… :THNK
What other security programs do you have installed?
Antivirus? Antispyware?

AOwL:

I’ve got the following (not all running at the same time):
NOD32
A-Squared
BoClean
Spybot S&D
Spy Sweeper
Ad-Aware SE

I seldom use IE7 and basically for windows updates. I use Opera and Firefox.
Pat

Are you certain that the ports being measured are actually the ports on your PC?

Are you behind a router?

If you’re behind a router, online scans will test the first port it finds on the return path - PC or router, it doesn’t care which - it just sees ports. This, of course, isn’t the case if you have ports forwarded on your router to your PC.

Hope this helps,
Ewen :slight_smile:

panic:
I have a dsl connection through a modem that sits right on my desk - I have no router.
Pat

Hey Pat,

OK, just wanted to rule a possibility out.

Can you do the following;

  1. Open a DOS window and type the following (minus the quotation marks);
    “netstat -a >c:\netstat_log.txt”
  2. The above command will create a text file called netstat_log.txt in the root of your C: drive.
  3. Open this file in notepad, or any other text editor, and carefully compare the results with those of your previous posting.
  4. Alternatively, run the online tests and then immediately after, run steps 1-3.

Let us know of any discrepancies.

HTH
Ewen :slight_smile:

okay…but how do I open a DOS window?

Sorry, should have explained fully.

  1. Click start button
  2. Click RUN
  3. In RUN window, type in (minus the quoatation marks" “cmd” and click ok.
  4. This will open a “DOS” window with an eagerly awaiting prompt.

Hope this helps,
Ewen :slight_smile:

Okay, I did figure that out…however, what do I click on to open in notepad? There’s a short listing of a,b,e,n,o,p,r,s,v,and interval. Thanks

The quickest way to open the log file in notepad is (and this assumes that you used the filename originally sepcified below)

  1. Click the START button
  2. Click RUN and type in “notepad c:\netstat_log.txt”
  3. Click OK.

This will open the file called netstat_log.txt in Notepad, providing it was called that and was saved to the root of your C: drive.

HTH
Ewen :slight_smile:

Something is not working…I get the DOS window, enter the netstat…hit enter and I get the listing. But when I try to run notepad c:\netstat_log.txt, notepad opens and there’s nothing in the nestat_log.txt file.

Have another ■■■■■ at it please. Ive checked the instructions and they do work.

You should end up with something like this;

[i]Active Connections

Proto Local Address Foreign Address State
TCP new1:epmap new1:0 LISTENING
TCP new1:microsoft-ds new1:0 LISTENING
TCP new1:52250 new1:0 LISTENING
TCP new1:59165 new1:0 LISTENING
TCP new1:1035 new1:0 LISTENING
TCP new1:netbios-ssn new1:0 LISTENING
TCP new1:2160 forums.comodo.com:http TIME_WAIT
TCP new1:2162 forums.comodo.com:https CLOSE_WAIT
TCP new1:2163 forums.comodo.com:https CLOSE_WAIT
TCP new1:2164 forums.comodo.com:https CLOSE_WAIT
TCP new1:2165 forums.comodo.com:http ESTABLISHED
UDP new1:microsoft-ds :
UDP new1:1026 :
UDP new1:1106 :
UDP new1:1178 :
UDP new1:ntp :
UDP new1:1027 :
UDP new1:1161 :
UDP new1:1900 :
UDP new1:ntp :
UDP new1:netbios-ns :
UDP new1:netbios-dgm :
UDP new1:1900 : [/i]

I’ll check back in later and see how you got on.

cheers,
EWen :slight_smile:

panic:
My bad…Got it to work this time. I am not sure how to read this and what exactly am I suppose to be looking for? I’m sorry but this is confusing to me.
Pat