Tech Support Guy banner
  • Please post in our Community Feedback thread for help with the new forum software! If you are having trouble logging in, please Contact Us for assistance.
Status
Not open for further replies.
1 - 12 of 12 Posts

·
Registered
Joined
·
211 Posts
Discussion Starter · #1 ·
how can i block specific ports manually? for instance, in another thread someone mentioned port 135. is this done in the dos window? batch file? internet options? what instructions would i type?
 

·
Registered
Joined
·
2,218 Posts
hi indigo
do you mean on a network? what connection to an isp do you use?
 

·
Registered
Joined
·
211 Posts
Discussion Starter · #4 ·
savvy lady - i will check out the portblock utility. what i meant was i want to do this without the aid of any other programs. i'm on a dial up 56k modem. not on a network. just 1 computer. but any network information will be relevant for the future.
 

·
Super Moderator
Joined
·
37,519 Posts
Hiya

If you're after the blocking of the main file sharing port, 139, then this can be done manually:

http://grc.com/su-bondage.htm

Just scroll down to the end, and pick your OS.

Also, get a firewall, as you're on a dialup. A free and good one is ZoneAlarm www.zonelabs.com

And test the firewall out at www.grc.com

Use the Test my Shields and Probe my ports.

You can try this before you do the first bit of manually blocking, to see if you're still stealth. I am and I'm on a cable modem.

Regards

eddie
 

·
Registered
Joined
·
211 Posts
Discussion Starter · #6 ·
although i've read the su-bondage information before, it sounds complicated and i probably don't need to do it since i have the zone alarm. although i should reread it and try it just so i know how to do it. there are many ports on these computers. i can type in a dos command and see which ones are open, right? so if port x is open and i want to close it, how do i go about doing that (without using 3rd party utilities)?
 

·
Super Moderator
Joined
·
37,519 Posts
Okay

To see what ports you have open at the time that you're on the web, go to a DOS prompt and type the following

netstat -a

this will then bring up a list. Just tried it here at work and was a bit worried then. You won't have many, hopefully, on a dialup.

Can't show you fully, but here is what you'll get:

TCP wt-05236-gbbr:1389 localhost:2301 TIME_WAIT

Now, the first is your connection, TCP. You can have others, FTP is port 21 and so on.
The next is your IP address. It can be as a number, 255.255.255.0 or as this address wt-05236-gbbr. That is mine at work
The next is the port number. 1389. I have quite a lot open, but I'm on a server.
The next two are who you're connecting to and their port. Mines on a server, so thats this bit.
The last, TIME_WAIT or LISTENING, is what the PC is doing.

What I would do, is get ZA, go to GRC, scan and that should be all you need to do.

I'm on a cable modem at home, have ZA and thats it, and so far, I'm okay.

You shouldn't need to manually close ports, as you're not on a server or network of your own yet.

btw, the bondage stuff is pretty easy. I think there's a step by step somewhere in this Security forum that someone posted.

Regards

eddie
 

·
Registered
Joined
·
211 Posts
Discussion Starter · #8 ·
so far everyone is providing a lot of useful and interesting information, but no one is answering my question.
 

·
Super Moderator
Joined
·
37,519 Posts
Hiya

Its just that with a dialup and having a firewall, you shouldn't need to manually block ports, as the firewall does this for you. A server or a network needs to do them seperately as you have to have file sharing, etc.

This is what is written for the manually blocking of port 139:

http://forums.techguy.org/showthread.php?threadid=61918

You can purchase firewalls, which will have rules on which port(s) to block or open.

eddie
 

·
Registered
Joined
·
54 Posts
Hi indigowindow.

It's not really possible to block ports without the aid of other programs like firewalls or PortBlock programs mentioned by eddie5659 and SavvyLady.

The closest one can come to doing this is to disable or close the program opening the port.
You can sometimes alter the program that is opening the port and/or alter it's dependencies and registry entries.
It can depend on the port that's open, but the above is usually not easy or advised.

Some ports can be closed through the use of a more spartan network neighborhood configuration.

If you just desire a quick and easy way to close the NetBios file sharing ports 137, 138 and 139, you can download and run Close139 which can be found here.

Hope this answers your question...

.
 

·
Registered
Joined
·
211 Posts
Discussion Starter · #11 ·
it's just that since i first started playing with the computer and downloading various tweaking and optimizing utilities, i've learned there are ways to do things manually. not only are there batch files that can boost performance and add enhancements, but there are entries in places like the system.ini and the registry that can be altered, added or deleted. also there are programs in windows itself that are not completely explained or utilized. so what i'm getting at here might be labelled Manual Port Control or something like that.
 

·
Registered
Joined
·
8 Posts
Simply rename the NetBios file VNBT.386 in the
c:\windows\system directory to VNBT-386.
This disables the NetBios services and keeps the file intact
for future use if needed.
 
1 - 12 of 12 Posts
Status
Not open for further replies.
Top