You're probably going to start loathing my questions but if I ask "the guys" at work they don't respond. Either they don't know or they're laughing at my email. In any event I noticed some traffic going to port 17 so I look it up and it says it's used for QOTD or "Quote of the Day". Since this traffic is coming in, but not coming from, let's say, http://www.QOTD.org" onclick="window.open(this.href);return false;, then is it important to ask the guy in charge of the firewall to take a look?
Or maybe I'm googling it wrong?
When one cat leaves, another mysteriously shows up.
garbsmj wrote:You're probably going to start loathing my questions but if I ask "the guys" at work they don't respond. Either they don't know or they're laughing at my email. In any event I noticed some traffic going to port 17 so I look it up and it says it's used for QOTD or "Quote of the Day". Since this traffic is coming in, but not coming from, let's say, http://www.QOTD.org" onclick="window.open(this.href);return false;, then is it important to ask the guy in charge of the firewall to take a look?
Or maybe I'm googling it wrong?
I don't know if you have ever used Gibson Research and Shields Up before, but it is a good test of the first 1056 ports in your system. If they show up as all green, then they are "stealth" ports and not visible to probes. Red and blue mean they are open and you should look further to close them possibly.
I did check port 17 specifically and it was closed but it used that port for whatever reason? ( if it was open )
GRC.JPG
Did I make any sense in my rather poor explanation?
yes you made sense. We have a product that tracks the traffic that I took over from someone who kept 0 documentation so I'm trying to figure out how to get it working efficiently. I found that in the "olden days" this port actually sent something (yes the quote of the day). Now it's just a port where hackers, ethical or not, find and try to attack. So what I need is a list of ports we actually use, and then have them lock down the ones we don't. Sounds easy, right?
When one cat leaves, another mysteriously shows up.
Another handy feature of GRC scan is when the results of the scan is shown, you can just hover the cursor over any individual port number and it will show you what that port is usually used for, In the case of port 17 it shows Quote of the Day.
I very much doubt that anybody uses port 17 for quote of the day any more. If it is in use then it is likely to be by something that is not entirely appropriate.
I've never checked my system before (doh!). I followed Viking Bob's information and ran the Shields Up test only to find 2 ports red (all others green). The 2 red ports are used for world wide web HTTP protocol and secure HTTP protocol. What, if any, action should I take?
I also ran the router test. It passed.
Bob's yer Uncle
(1/2)(1+√5)
Dell Intel Core i5 Laptop, 3570K,1.60 GHz, 8 GB RAM, Windows 11 64-bit, LibreOffice,and other bits and bobs
Hmm.. I just ran ShieldsUP and found that while ports 80 (HTTP) and 443 (HTTPS) were in 'stealth' mode, ports 135 (RPC) and 445 (Msft DS) were reported as 'closed'. All other ports reported stealth. The GRC site provides some information, but I can't determine from this whether or not I should be concerned and what, if any, action I should take. Thoughts, anyone?
Regards,
Paul
The pessimist complains about the wind. The optimist expects it to change. The realist adjusts his sails.
On my computer, ports 80, 135, 443 and 445 are all in Stealth Mode, without any adverse effects as far as I can tell. So I'd say there is need to leave them visible to the outside world.
HansV wrote:On my computer, ports 80, 135, 443 and 445 are all in Stealth Mode, without any adverse effects as far as I can tell. So I'd say there is need to leave them visible to the outside world.
All my ports are Stealth Mode but I would think that you may well have some app running on your machines that required those port be open?
As we all know, some systems may have a unique need that would change them.
Stealth means that the port doesn't advertise to the outside world that it's there. Applications on your PC can still use them.
There may be situations in which it's necessary for a port to be visible to the interwebs, but I don't know what those could be.
All my PC's have been operating in full stealth mode since I got broadband internet...