[pchelpers] Re: Stealth Scan, sent to both email addresses in case PCHelpers email is too long
- From: "DonBieber@xxxxxxxxxx" <DonBieber@xxxxxxxxxx>
- To: pchelpers@xxxxxxxxxxxxx, Ekhart.GEORGI@xxxxxxxxxxx
- Date: Mon, 25 Apr 2005 12:37:46 -0400
Thanks for giving this consideration, This is what appears in the Sygate
box:
ntoskrnl.exe, UDP, listen, port 445
ntoskrnl.exe, TCP, Listen, port 445
ntoskrnl.exe, UDP, listen, port 138
ntoskrnl.exe, UDP, listen, port 137
ntoskrnl.exe, TCP, listen, port 139
lsass.exe, UDP, listen, port 500
lsass.exe, UDP, listen, port 4500
svchost.exe, UDP, listen port 1032
svchost.exe, UDP, listen port 1069
Thunderbird.exe, TCP, Connect, port 1342, remote port 1341
wwDisp.exe, UDP, Connect, local port 1071, remote port 1071 (WindowWasher)
"hide Windows services" unchecked
"hide broadcast traffic" unchecked
I rechecked the Sygate port check at
http://scan.sygate.com/stealthscan.html
Port 80 now says closed, This port has responded to our probes. This
means that you are not running any application on this port, but it is
still possible for someone to crash your computer through known TCP/IP
stack vulnerabilities.
Port 113 now says closed, This port has responded to our probes. This
means that you are not running any application on this port, but it is
still possible for someone to crash your computer through known TCP/IP
stack vulnerabilities.
The rest say blocked, This port has not responded to any of our probes.
It appears to be completely stealthed.
Ekhart GEORGI (last name last) wrote:
>Are you sure that "hide Windows services" and "hide broadcast traffic" are not
>checkmarked in the main SPF window?
>Did you click View / Connection Details, and look for process /
>application names which are LISTENING on the LOCAL port numbers you have been
>told are open?
>
>Ek
>
>
Don Bieber
---
avast! Antivirus: Outbound message clean.
Virus Database (VPS): 0517-0, 04/25/2005
Tested on: 4/25/2005 12:37:49 PM
avast! - copyright (c) 1988-2004 ALWIL Software.
http://www.avast.com
--
-------list-services-below-----------
Regards, John Durham (list moderator) <http://modecideas.com/contact.html?sig>
Freelists login at http://www.freelists.org/cgi-bin/lsg2.cgi
List archives at http://www.freelists.org/archives/pchelpers
PC-HELPERS list subscribe/unsub at http://modecideas.com/discuss.htm?sig
Latest news live feeds at http://modecideas.com/indexhomenews.htm?sig
Good advice is like good paint- it only works if applied.
- Follow-Ups:
- [pchelpers] Re: Stealth Scan
- From: Ekhart GEORGI (last name last)
- References:
- [pchelpers] Stealth Scan
- From: DonBieber@xxxxxxxxxx
- [pchelpers] Re: Stealth Scan
- From: Ekhart GEORGI (last name last)
- [pchelpers] Re: Stealth Scan
- From: DonBieber@xxxxxxxxxx
- [pchelpers] Re: Stealth Scan
- From: Ekhart GEORGI (last name last)
- [pchelpers] Re: Stealth Scan
- From: DonBieber@xxxxxxxxxx
- [pchelpers] Re: Stealth Scan
- From: Ekhart GEORGI (last name last)
Other related posts:
- » [pchelpers] Re: Stealth Scan, sent to both email addresses in case PCHelpers email is too long
- [pchelpers] Re: Stealth Scan
- From: Ekhart GEORGI (last name last)
- [pchelpers] Stealth Scan
- From: DonBieber@xxxxxxxxxx
- [pchelpers] Re: Stealth Scan
- From: Ekhart GEORGI (last name last)
- [pchelpers] Re: Stealth Scan
- From: DonBieber@xxxxxxxxxx
- [pchelpers] Re: Stealth Scan
- From: Ekhart GEORGI (last name last)
- [pchelpers] Re: Stealth Scan
- From: DonBieber@xxxxxxxxxx
- [pchelpers] Re: Stealth Scan
- From: Ekhart GEORGI (last name last)