Windows Firewall Exploitable?

Toggle sidebar Toggle sidebar
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

I had an interesting question in a TechNet Briefing I delivered yesterday. A
customer was wondering what would happen to ports that are open on behalf of
an exception defined by application (an .exe listening for unsolicited
ports), and that application did not close gracefully.

The assumption is that if the .exe is not running, the ports aren't open.
But is there any difference if the application crashed suddenly? Would the
ports remain open?

Thanks!
--
Kevin Remde
IT Pro Evangelist
Microsoft Corporation
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

The ports might remain open for a few seconds after the app crashed, but
will eventually get cleaned up/closed.

--
David
Microsoft Windows Networking
This posting is provided "AS IS" with no warranties, and confers no rights.


"Kevin Remde" <KevinRemde@discussions.microsoft.com> wrote in message
news:A7CEBEBA-C06C-4F91-988E-71F08D826FC8@microsoft.com...
>I had an interesting question in a TechNet Briefing I delivered yesterday.
>A
> customer was wondering what would happen to ports that are open on behalf
> of
> an exception defined by application (an .exe listening for unsolicited
> ports), and that application did not close gracefully.
>
> The assumption is that if the .exe is not running, the ports aren't open.
> But is there any difference if the application crashed suddenly? Would
> the
> ports remain open?
>
> Thanks!
> --
> Kevin Remde
> IT Pro Evangelist
> Microsoft Corporation
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

David or Kevin, I currently have Windows XP SP2 and both the
forewall/antivirus is ON. I performed a "shieldsUP!" test in www.grc.com and
the 23,80 and 443 ports are wide open. Linksys has verified my router and
appears to be in good condition (properly secure). What can I do to
close/stealth those 3 ports ? Please advise.

"David Beder [MSFT]" wrote:

> The ports might remain open for a few seconds after the app crashed, but
> will eventually get cleaned up/closed.
>
> --
> David
> Microsoft Windows Networking
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
>
> "Kevin Remde" <KevinRemde@discussions.microsoft.com> wrote in message
> news:A7CEBEBA-C06C-4F91-988E-71F08D826FC8@microsoft.com...
> >I had an interesting question in a TechNet Briefing I delivered yesterday.
> >A
> > customer was wondering what would happen to ports that are open on behalf
> > of
> > an exception defined by application (an .exe listening for unsolicited
> > ports), and that application did not close gracefully.
> >
> > The assumption is that if the .exe is not running, the ports aren't open.
> > But is there any difference if the application crashed suddenly? Would
> > the
> > ports remain open?
> >
> > Thanks!
> > --
> > Kevin Remde
> > IT Pro Evangelist
> > Microsoft Corporation
>
>
>
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

do a "netsh firewall show state verbose=enable" and look through the list of
open ports (eg Ports currently open on all network interfaces). If you find
these in the list, you'll see what app has probably configured the firewall
to let it listen. These ports are for telnet and web serving, which it
sounds like you aren't expecting to have the machine do.

--
David
Microsoft Windows Networking
This posting is provided "AS IS" with no warranties, and confers no rights.


"Email from database" <Emailfromdatabase@discussions.microsoft.com> wrote in
message news:D3664CB7-1083-4E98-987D-791CBB732159@microsoft.com...
> David or Kevin, I currently have Windows XP SP2 and both the
> forewall/antivirus is ON. I performed a "shieldsUP!" test in www.grc.com
> and
> the 23,80 and 443 ports are wide open. Linksys has verified my router and
> appears to be in good condition (properly secure). What can I do to
> close/stealth those 3 ports ? Please advise.
>
> "David Beder [MSFT]" wrote:
>
>> The ports might remain open for a few seconds after the app crashed, but
>> will eventually get cleaned up/closed.
>>
>> --
>> David
>> Microsoft Windows Networking
>> This posting is provided "AS IS" with no warranties, and confers no
>> rights.
>>
>>
>> "Kevin Remde" <KevinRemde@discussions.microsoft.com> wrote in message
>> news:A7CEBEBA-C06C-4F91-988E-71F08D826FC8@microsoft.com...
>> >I had an interesting question in a TechNet Briefing I delivered
>> >yesterday.
>> >A
>> > customer was wondering what would happen to ports that are open on
>> > behalf
>> > of
>> > an exception defined by application (an .exe listening for unsolicited
>> > ports), and that application did not close gracefully.
>> >
>> > The assumption is that if the .exe is not running, the ports aren't
>> > open.
>> > But is there any difference if the application crashed suddenly? Would
>> > the
>> > ports remain open?
>> >
>> > Thanks!
>> > --
>> > Kevin Remde
>> > IT Pro Evangelist
>> > Microsoft Corporation
>>
>>
>>
 
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom