- Posts: 4
- Thank you received: 0
Closing ports...
21 years 1 month ago #1745
by jwkcu
Here smoke this till you can speak my language!
Closing ports... was created by jwkcu
Is there a way someone could manually close a port. Command? Program? I do not feel like going through services and shutting them down, instead i want to be able to just shut down the port # itself.
Here smoke this till you can speak my language!
21 years 1 month ago #1747
by sahirh
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
Replied by sahirh on topic Re: Closing ports...
Do you mean a TCP/UDP port ? Which port exactly ? Not all of them are shutdown through services, a lot are opened just by programs that are running (ok now someone will get technical on me and say that services are really just programs). Anyway you can't really just shut a port down..
What happens is when an application wants a port it 'binds' that port and starts listening on it. What you can do is block the port from being accessed, you can use a firewall or a personal firewall like zonealarm ( www.zonelabs.com ).
Don't just arbitrarily shut down ports unless you know what they do, you might break something. Drop me the port number and I'll give you an idea of what it probably is and how you can shut it down.
On a side note you know whats really fun ? setting up your own little program to listen on that port and just collect whatever data is sent to it.. kind of like a primitive honeypot. Somedays I like to setup netcat to listen on port 80 (HTTP) and when someone connects just send them some data which looks like a webserver answering.. its fun to see what wierd requests you get. I log all the requests to a file and then when I'm done for the day I just look through them. You never know.. you might even capture a new worm like this.
If you want netcat
www.atstake.com/research/tools/network_utilities/
You can set it up as a listener by typing
nc -lp <port> where <port> is the port you want it to bind to.
Wanna know what an HTTP request from your browser looks like ? Setup netcat
nc -lp 80
Then in your browser type 127.0.0.1 and see what data you can see in the netcat window. I got
[code:1]
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\WINDOWS>nc -lp 80
GET / HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shock
wave-flash, */*
Accept-Language: en-us
XXXXXXXXXXXXXXX: XXXXXXXXXXXXX
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Host: 127.0.0.1
Connection: Keep-Alive
C:\WINDOWS>
[/code:1]
Yknow this is actually a very nice way to learn the internal workings of protocols..
Of course that may be far more info than you wanted, I just like to point out interesting experiments you can do with low level networking.. to see what happens when you do day to day things..
Anyone notice how my 'on a side note' always gets longer than the answer itself ?
What happens is when an application wants a port it 'binds' that port and starts listening on it. What you can do is block the port from being accessed, you can use a firewall or a personal firewall like zonealarm ( www.zonelabs.com ).
Don't just arbitrarily shut down ports unless you know what they do, you might break something. Drop me the port number and I'll give you an idea of what it probably is and how you can shut it down.
On a side note you know whats really fun ? setting up your own little program to listen on that port and just collect whatever data is sent to it.. kind of like a primitive honeypot. Somedays I like to setup netcat to listen on port 80 (HTTP) and when someone connects just send them some data which looks like a webserver answering.. its fun to see what wierd requests you get. I log all the requests to a file and then when I'm done for the day I just look through them. You never know.. you might even capture a new worm like this.
If you want netcat
www.atstake.com/research/tools/network_utilities/
You can set it up as a listener by typing
nc -lp <port> where <port> is the port you want it to bind to.
Wanna know what an HTTP request from your browser looks like ? Setup netcat
nc -lp 80
Then in your browser type 127.0.0.1 and see what data you can see in the netcat window. I got
[code:1]
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\WINDOWS>nc -lp 80
GET / HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shock
wave-flash, */*
Accept-Language: en-us
XXXXXXXXXXXXXXX: XXXXXXXXXXXXX
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Host: 127.0.0.1
Connection: Keep-Alive
C:\WINDOWS>
[/code:1]
Yknow this is actually a very nice way to learn the internal workings of protocols..
Of course that may be far more info than you wanted, I just like to point out interesting experiments you can do with low level networking.. to see what happens when you do day to day things..
Anyone notice how my 'on a side note' always gets longer than the answer itself ?
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
21 years 1 month ago #1749
by jwkcu
Here smoke this till you can speak my language!
Replied by jwkcu on topic Re: Closing ports...
Actually that is exactly what I wanted. Thank you.
By the way, I am currently a student in college majoring in Computer Science and studying System Administration and Networking. I am just being curious about network security and would like to learn whatever more you have to offer.
By the way, I am currently a student in college majoring in Computer Science and studying System Administration and Networking. I am just being curious about network security and would like to learn whatever more you have to offer.
Here smoke this till you can speak my language!
Time to create page: 0.123 seconds