Results 1 to 4 of 4

Thread: Ports not being blocked?

  1. #1
    ThomasKilburn Guest

    Question Ports not being blocked?

    I have been scanning my own windows operating system with Nmap, only to find the following port are always open regardless of settings and expert rules:

    1025-1030, 1033, 445 All of which pertain to Microsoft RPC

    Is this supposed to happen?

    Info:
    Windows 7 64bit
    Zonealarm version:10.2.073.000

  2. #2
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,287

    Default Re: Ports not being blocked?

    Hi and welcome to the ZA user forum!

    Not at all an expert on networks but to allow other users to provide a reasoned feedback you should post full information about your your issue. The exact version of ZA used (right click the ZA icon near the clock --> about --> copy to clipbard --> paste it here). The precise messages by nmap about ports. The way you connect to internet (plug into the wall? Plug into a router? Wireless? USB stick? 3G? Modem.... etc.)

    Then you should report the status of your ports using an external service. For example, GRC shieldsup at http://www.grc.com/x/ne.dll?rh1dkyd2 and report here. As with nmap you probably mapping the ports and their status (listening to X.X.X.X.X port XXX, closed, open to listening to localhost, connected, etc), nothing to do with open ports towards the internet.

    Windows 7 is much more "connection" aware then previous OSs, both inside and outside. You will lost your time if you want to block them as the end results is instability and blockage for other programs. More important is to keep WIN7 fully up to date.

    Thanks,
    Fax
    Last edited by fax; August 4th, 2012 at 02:41 AM.

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3
    ThomasKilburn Guest

    Default Re: Ports not being blocked?

    Quote Originally Posted by fax View Post
    Hi and welcome to the ZA user forum!

    Not at all an expert on networks but to allow other users to provide a reasoned feedback you should post full information about your your issue. The exact version of ZA used (right click the ZA icon near the clock --> about --> copy to clipbard --> paste it here). The precise messages by nmap about ports. The way you connect to internet (plug into the wall? Plug into a router? Wireless? USB stick? 3G? Modem.... etc.)
    ZoneAlarm Pro version: 10.2.073.000
    Vsmon version: 10.2.073.000
    Driver version: 10.0.217.000
    ZoneAlarm Browser Security: 1.5.395.0

    I use a router, however, the firewall is installed on a “mobilized” version of Windows 7. It can be booted via external usb from basically anywhere. Thus I expect the firewall to be effective and flexable.

    Could this possibly be a quirk with how Nmap is used to scan Windows locally?



    Quote Originally Posted by fax View Post
    Then you should report the status of your ports using an external service. For example, GRC shieldsup at http://www.grc.com/x/ne.dll?rh1dkyd2 and report here. As with nmap you probably mapping the ports and their status (listening to X.X.X.X.X port XXX, closed, open to listening to localhost, connected, etc), nothing to do with open ports towards the internet.
    All the port tests (file sharing, common ports and all service ports) have passed. All ports detected as stealthed.

  4. #4
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,287

    Default Re: Ports not being blocked?

    So, it's good that your ports are all closed/stealthed to the internet and this is what you need to be concerned with. Your router is rejecting all unsolicited calls already. Anyway, nowadays malware spread via web surfing rather than by vulnerability of open ports. In fact, if your windows 7 is fully updated the risk is basically null. Unless you are targeted by espionage, CIA, etc. In that case there is no firewall that will help you. Just matter of time

    Services listening to localhost or open port to your LAN are normal and may be needed for the OS and running applications to work properly. The only way to get rid of them is to turn OFF those services and this may cause problem to your system. You can review a guide on how to minimize services in windows 7 here. However, watch out for undesired effects that may not be easily traced back to those changes.

    I don't know if your USB mobilized windows 7 is supported by ZA. The only way to know is to test with GRC once on that configuration. Some modem, USB stick may come with a mini-firewall others not. Some may need open ports by design others not.

    The basic principle in ZA is that, if you are on a public network, you will need to ensure that in the ZA firewall zones, the network is set as INTERNET. Also watch out not to misconfigure ZA firewall configuration. ZA Internet zone should be set to HIGH while Trusted Zone should be set to MEDIUM (and not high).

    Hope this helps.

    Cheers,
    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. printer ports blocked?
    By ldess in forum ZoneAlarm Configuration
    Replies: 4
    Last Post: December 6th, 2009, 12:33 PM
  2. Blocked access to ports
    By raideron in forum Security Issues
    Replies: 0
    Last Post: June 10th, 2007, 04:26 PM
  3. TCP & UDP Ports being blocked?
    By matttaylor in forum Access Issues
    Replies: 4
    Last Post: December 24th, 2005, 11:54 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •