blocking a specific port

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

indigowindow

Thread Starter
Joined
Oct 24, 2001
Messages
211
how can i block specific ports manually? for instance, in another thread someone mentioned port 135. is this done in the dos window? batch file? internet options? what instructions would i type?
 

indigowindow

Thread Starter
Joined
Oct 24, 2001
Messages
211
savvy lady - i will check out the portblock utility. what i meant was i want to do this without the aid of any other programs. i'm on a dial up 56k modem. not on a network. just 1 computer. but any network information will be relevant for the future.
 

eddie5659

Moderator
Malware Specialist
Joined
Mar 19, 2001
Messages
37,298
Hiya

If you're after the blocking of the main file sharing port, 139, then this can be done manually:

http://grc.com/su-bondage.htm

Just scroll down to the end, and pick your OS.

Also, get a firewall, as you're on a dialup. A free and good one is ZoneAlarm www.zonelabs.com

And test the firewall out at www.grc.com

Use the Test my Shields and Probe my ports.

You can try this before you do the first bit of manually blocking, to see if you're still stealth. I am and I'm on a cable modem.

Regards

eddie
 

indigowindow

Thread Starter
Joined
Oct 24, 2001
Messages
211
although i've read the su-bondage information before, it sounds complicated and i probably don't need to do it since i have the zone alarm. although i should reread it and try it just so i know how to do it. there are many ports on these computers. i can type in a dos command and see which ones are open, right? so if port x is open and i want to close it, how do i go about doing that (without using 3rd party utilities)?
 

eddie5659

Moderator
Malware Specialist
Joined
Mar 19, 2001
Messages
37,298
Okay

To see what ports you have open at the time that you're on the web, go to a DOS prompt and type the following

netstat -a

this will then bring up a list. Just tried it here at work and was a bit worried then. You won't have many, hopefully, on a dialup.

Can't show you fully, but here is what you'll get:

TCP wt-05236-gbbr:1389 localhost:2301 TIME_WAIT

Now, the first is your connection, TCP. You can have others, FTP is port 21 and so on.
The next is your IP address. It can be as a number, 255.255.255.0 or as this address wt-05236-gbbr. That is mine at work
The next is the port number. 1389. I have quite a lot open, but I'm on a server.
The next two are who you're connecting to and their port. Mines on a server, so thats this bit.
The last, TIME_WAIT or LISTENING, is what the PC is doing.

What I would do, is get ZA, go to GRC, scan and that should be all you need to do.

I'm on a cable modem at home, have ZA and thats it, and so far, I'm okay.

You shouldn't need to manually close ports, as you're not on a server or network of your own yet.

btw, the bondage stuff is pretty easy. I think there's a step by step somewhere in this Security forum that someone posted.

Regards

eddie
 

indigowindow

Thread Starter
Joined
Oct 24, 2001
Messages
211
so far everyone is providing a lot of useful and interesting information, but no one is answering my question.
 

eddie5659

Moderator
Malware Specialist
Joined
Mar 19, 2001
Messages
37,298
Hiya

Its just that with a dialup and having a firewall, you shouldn't need to manually block ports, as the firewall does this for you. A server or a network needs to do them seperately as you have to have file sharing, etc.

This is what is written for the manually blocking of port 139:

http://forums.techguy.org/showthread.php?threadid=61918

You can purchase firewalls, which will have rules on which port(s) to block or open.

eddie
 
Joined
Aug 17, 2000
Messages
54
Hi indigowindow.

It's not really possible to block ports without the aid of other programs like firewalls or PortBlock programs mentioned by eddie5659 and SavvyLady.

The closest one can come to doing this is to disable or close the program opening the port.
You can sometimes alter the program that is opening the port and/or alter it's dependencies and registry entries.
It can depend on the port that's open, but the above is usually not easy or advised.

Some ports can be closed through the use of a more spartan network neighborhood configuration.

If you just desire a quick and easy way to close the NetBios file sharing ports 137, 138 and 139, you can download and run Close139 which can be found here.

Hope this answers your question...

.
 

indigowindow

Thread Starter
Joined
Oct 24, 2001
Messages
211
it's just that since i first started playing with the computer and downloading various tweaking and optimizing utilities, i've learned there are ways to do things manually. not only are there batch files that can boost performance and add enhancements, but there are entries in places like the system.ini and the registry that can be altered, added or deleted. also there are programs in windows itself that are not completely explained or utilized. so what i'm getting at here might be labelled Manual Port Control or something like that.
 
Joined
Jan 17, 2003
Messages
8
Simply rename the NetBios file VNBT.386 in the
c:\windows\system directory to VNBT-386.
This disables the NetBios services and keeps the file intact
for future use if needed.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Members online

Top