Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: GRC Test - Port 1025 Open

  1. #1
    vette Guest

    Default GRC Test - Port 1025 Open

    About once a month I check through www.grc.com to make sure all my ports are stealth.This last time, it showed that port 1025 was open. I have not seen this before.Any help anyone can give me on how to close this port will be greatly appreciated.Thank you in advance.

    Operating System:Windows XP Home Edition
    Product Name:ZoneAlarm Internet Security Suite

  2. #2
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: GRC Test - Port 1025 Open

    Hi Did you follow that port scan for 1025 into the report area and find out exactly what issues are involved. If I remember well it is involved with DCOM. There is a complete and informative report on this port and it's related ports. I use the ZA Pro and rules can be used for ports. Take care Oldsod
    Best regards.
    oldsod

  3. #3
    ad_hock Guest

    Default Re: GRC Test - Port 1025 Open

    Hi Vette
    By default and with internet zone security setted to high ZA should stealth all your ports. So, if ZA is working and is properly setted, there are only two reasons for in a scan test like shields up to appear open ports:
    -You are behind a router or a modem with NAT and in this case it's the hardware and not your computer that is scanned.
    -You gave internet server rights to one or more programs.See in the programs list in the column server internet if there are any green tick.
    Best regards

  4. #4
    arson Guest

    Default Re: GRC Test - Port 1025 Open



    Greetings Cor-Vette (pardon me, I just couldn't help myself
    :8} ), Ad-Hock and Oldsod ...

    Since Windows last Security/Critical Updates, particularly
    KB902400 Security Update,
    there have been a few things I've noticed
    with Windows DCOM
    and
    one item in particular
    that was added to ZA's Programs List
    ( I can't rember the exact Item name or .exe
    at the moment ,
    because I'm on another computer, but it was related to Windows DCOM ).... but I had ZA's 'Smart Defense Advisor' (SDA) set to Auto for experimental purposes that day ( I usually keep it on Manual or OFF) and this item had all Green Checkmarks across the board in ZA's Program List, configured by the SDA's Database
    ... I went in and removed it's Server (Trusted & Internet)
    Green checks
    and gave them ?'s ...

    ... but I just wanted to add that little info, just in case it may be related to this issue and maybe if anyone else has
    noticed this since Windows Update
    ...

    Take Care and best regards ...

    Arson D. Dragon

  5. #5
    balders Guest

    Default Re: GRC Test - Port 1025 Open



    Hi vette

    Had the same problem with 3 ports reported as open/not stealthed by ShieldsUP.
    The guidance in the following post by rotty

    http://forums.zonelabs.com/zonelabs/board/message?board.id=cfg&message.id=30913&quer y.id=575#M30913

    on setting up expert rules to deal with this was what I used to resolve this issue.

    Hope that this helps!

    Regards




    Balders:8}

  6. #6
    ad_hock Guest

    Default Re: GRC Test - Port 1025 Open

    Hi ARSON
    Nice to hear from you. I couldn't check your explanation as I have DCOM disabled by grc tool and as I'm behind a wireless G Linksys router I use ZAPro 5.5 with PG (paid) in all the computers. But what you say is perfectly in line with what I suggested in the previous post,to check in the programs list if there are any green ticks under server internet.The difference is in this case it wouldn't be a volunteer permission.
    All the best and nice carnival
    Ps: As you say or think and I totally agree,nothing like manual or OFF...

  7. #7
    arson Guest

    Default Re: GRC Test - Port 1025 Open


    <blockquote><hr>Balders wrote:


    Hi vette

    Had the same problem with 3 ports reported as open/not stealthed by ShieldsUP.
    The guidance in the following post by rotty

    http://forums.zonelabs.com/zonelabs/board/message?board.id=cfg&amp;message.id=30913&amp;quer y.id=575#M30913

    on setting up expert rules to deal with this was what I used to resolve this issue.

    Hope that this helps!

    Regards




    Balders:8}<hr></blockquote>

    Greetings Balders ....

    Yes, I agree
    this is
    one of
    good suggestions
    to
    customize individual ports and protocols for those
    just closed or open ports that may be
    not stealthed
    and hard to figure
    out why,
    but to make a statement that this has worked for you or setting up expert rules to deal with this issue is what you used to resolve this issue, is too definitive and too narrow right now in my opinion, because their may be several causes for this
    and suggesting and/or applying Firewall Expert Rules for one Port right now, may be not in the best interest of every user or Vette at this moment ...


    It's
    like trying to catch a guppy with
    a Side-of-Beef
    ... because
    it may be
    something as simple as a Program or App having
    a Green check mark under Server (Internet) in ZA's Program List ... that is why these Items were mentioned by Ad-Hock and myself first and if this still doesn't resolve this issue then you can look at
    your

    Modem/Router that may be NAT enabled (Hardware Firewalled) ,
    is there anything malicious on your system such as a worm or Trojan, etc ... after these things then you can possibly look at
    Expert Program Rules and then Expert Firewall Rules as you've mentioned ...

    My point being is FIRST look at what Programs or Apps have inadvertently or purposely been given Server Rights
    to the Internet, Automatically by ZA
    or Manually by you in
    the Programs Control List,
    then once this has been established and you haved Red X'ed or set Ask(?) for it, then you can recheck with a Site, such as GRC, S.O.S ... if the Port still remains Open and not stealthed, then move to the next simpler steps as
    mentioned above, before applying Expert Firewall Rules ...

    Again, this is a very good suggestion and I'm not knocking the usage of it, I'm just knocking the order in which it was given in comparison to the rest of the posts to Vette ... I hope you don't take this personal, but if you do, pardon me and I hope you accept my apology, but if you don't, oh well ... tough t1tty said the kitty, but the milk tastes good :8} ( it's not that serious)

    Take care and best regards Balders ...

    Arson D. Dragon

    Message Edited by ARSON on 02-25-200603:40 PM

  8. #8
    balders Guest

    Default Re: GRC Test - Port 1025 Open



    Arson

    No offence taken and no apology required.
    This is what a forum is for and how we all learn (well, at least those of us who need to).
    Your approach has merit and vette should follow it as it is more complete than mine.


    For myself I have programs that require server rights to operate (I have tried to run them without but they would not play), as a result the ports are seen as open/not stealthed and therefore the expert rules are the only way to go for me.

    Take care yourself.....and keep the advice coming.

    Best regards




    Balders

    PS.

  9. #9
    balders Guest

    Default Re: GRC Test - Port 1025 Open



    Arson

    No offence taken and no apology required.
    This is what a forum is for and how we all learn (well, at least those of us who need to).
    Your approach has merit and vette should follow it as it is more complete than mine.


    For myself I have programs that require server rights to operate (I have tried to run them without but they would not play), as a result the ports are seen as open/not stealthed and therefore the expert rules are the only way to go for me.

    Take care yourself.....and keep the advice coming.

    Best regards




    Balders

    PS. This

  10. #10
    balders Guest

    Default Re: GRC Test - Port 1025 Open



    Arson

    No offence taken and no apology required.
    This is what a forum is for and how we all learn (well, at least those of us who need to).
    Your approach has merit and vette should follow it as it is more complete than mine.


    For myself I have programs that require server rights to operate (I have tried to run them without but they would not play), as a result the ports are seen as open/not stealthed and therefore the expert rules are the only way to go for me.

    Take care yourself.....and keep the advice coming.

    Best regards




    Balders

    PS. This is a great community.

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •