common port scan?

Paul · Admin Joined: Feb 22, 2002 Posts: 4471 Location: USA

What anti-virus kit are you using, and when was it last updated?

elcid123 · Trooper Joined: Mar 02, 2004 Posts: 14 Location: UK

Hello Paul, AVG 7 Pro , program version 7.0.225, virus base 262.1.4, release date 03/03/2004 .
Also Finjan surfinguard pro, version 5,70 (build 295)
Also Ad-aware 6 Pro, installed core application: 6.181, spybot s&d and The Cleaner pro 3.5 build 3528, and Webroots Spy sweeper (unsubscribed version) Hope this helps?

Steve

Paul · Admin Joined: Feb 22, 2002 Posts: 4471 Location: USA

Lets try a more detailed TCP Port scan then beyond the common ports.

elcid123 · Trooper Joined: Mar 02, 2004 Posts: 14 Location: UK

Hello Paul, Ive tried the 1000 tcp port scan and no open ports were detected
Also the Trojan scan: no Trojans detected.
The UDP scan will not run or respond also the nmap scan.
What else would you suggest?

P.S
It is now 6. 41 PM GMT in the UK so I'll not be at my PC till latter

Paul · Admin Joined: Feb 22, 2002 Posts: 4471 Location: USA

Try running this application:

http://www.diamondcs.com.au/portexplorer/

elcid123 · Trooper Joined: Mar 02, 2004 Posts: 14 Location: UK

It seems to be port 127.0.0.1 first it was highlighted in red and AVG's e-mail scanner was useing it so I killed it, Then I ran the commom port scan again and it was connection refused on ALL PORTS 6346 and 1214.
I closed my browser down and opened it up again ran the common port test and the 2 ports were open again, so I went back into diamondCS and found port 127.0.0.1 there again this time being in use by iexplore.exe?

Steve

elcid123 · Trooper Joined: Mar 02, 2004 Posts: 14 Location: UK

Hello Paul, port 127.0.0.1 is a loopback port for use with a dos window ping 127.0.0.1. I thought that I'd seen it before some where. So I still have no idea whats happening with my security and how the packets are getting thru ports 6346 1214, diamondCS shows all traffic in black?

elcid123 · Trooper Joined: Mar 02, 2004 Posts: 14 Location: UK

Hello Paul, have you given up? It seems that you have because you have not posted? I thought that you could have helped me to sort out these 2 open ports, can anyone help?

steve

Paul · Admin Joined: Feb 22, 2002 Posts: 4471 Location: USA

No not that... I've been somewhat busy coding enhancements to the site. Lets pick it back up this week.

elcid123 · Trooper Joined: Mar 02, 2004 Posts: 14 Location: UK

Thanks Paul, I do apologize I am grateful that you have taken the time to assist me with this problem, and forgot as an administratorstrator you are busy with other tasks also.
I was thinking of seeing whether I could configure zone alarm pro to block access to these two ports, however do not reply until you have the time.

Steve

Paul · Admin Joined: Feb 22, 2002 Posts: 4471 Location: USA

While we're at it, can you also show your HijackThis logfile?

http://computercops.biz/downloads-file-...11.03.html


	Home ˇ Topics ˇ Submit News ˇ Top 10 This entire site, Cops Themes, and Computer Cops are Š 2002 - 2004 Computer Cops, LLC. All rights reserved. You can syndicate our news using the file RSS 0.91, ultramode.txt, or RSS 1.0. Acceptable Use Policy. Use signifies your agreement. Engine Copyright Š 2002 by PHP-Nuke, GNU/GPL Licensed. ICRA Member. Paul Laudanski, Member of Computer Cops, LLC Server Load: 639 pages served in previous 5 minutes. Page Generation: 0.373 seconds.