From: Digest To: "OS/2GenAu Digest" Date: Sat, 4 Sep 2004 00:01:06 EST-10EDT,10,-1,0,7200,3,-1,0,7200,3600 Subject: [os2genau_digest] No. 931 Reply-To: X-List-Unsubscribe: www.os2site.com/list/ ************************************************** Friday 03 September 2004 Number 931 ************************************************** Subjects for today 1 Broadband Internet Security : Dennis Nolan 2 Re: Broadband Internet Security : Ken Laurie **= Email 1 ==========================** Date: Fri, 03 Sep 2004 19:34:13 +1000 From: Dennis Nolan Subject: Broadband Internet Security Hi all I come across a reference to www.grc dot com doing connection security scans, and so gave it a go. I went into the "ShieldsUp!" link and had it do various scanns. What surprised me is that I have three ports perminately OPEN The ports are Port 80 and Ports 254 and 255. Now Port 80 is the http server port, I've disabled the http server in the router/modem from the WAN side. For now I'll keep it enabled from the LAN side. So somewhere in eCS a http server seems to be running. Ports 254 and 255 are reserved, and should not be used. I can only think that I have allowed Remote Configuration to be installed during installation. Is there any way of finding out if a default eCS installation is enabeling and using these ports. Or am I or have I been paranoid/stupid??? Regards Dennis. ---------------------------------------------------------------------------------- **= Email 2 ==========================** Date: Fri, 03 Sep 2004 20:37:28 +1000 From: Ken Laurie Subject: Re: Broadband Internet Security Dennis ShieldsUp is a good product to use to check what is seen from the Internet. If port 80 is open there could be a number of reasons: * The port is not closed on the router, the http server may not be running but the port is still open. * You might have DTOC running, which defaults to port 80. You can check by telneting to the box on port 80, by using the telnet program under Internet utilities. Use vt100 and I got mine to give info by hitting ctrl-c and then enter. If you cannot telnet to the box on port 80 then port 80 is not open. You could also try one of the port scanning programs such as JPSCAN (Java) or Portscan (native os/2 program) to check what ports are open. Remember just because the router doesn't have port 80 explicitly open it may be open by default. hth Ken Dennis Nolan wrote: > Hi all > > I come across a reference to www.grc dot com doing connection security > scans, and so gave it a go. > > I went into the "ShieldsUp!" link and had it do various scanns. > > What surprised me is that I have three ports perminately OPEN > > The ports are Port 80 and Ports 254 and 255. > > Now Port 80 is the http server port, I've disabled the http server in > the router/modem from the WAN side. For now I'll keep it enabled from > the LAN side. > > So somewhere in eCS a http server seems to be running. > > Ports 254 and 255 are reserved, and should not be used. > > I can only think that I have allowed Remote Configuration to be > installed during installation. > > Is there any way of finding out if a default eCS installation is > enabeling and using these ports. > > Or am I or have I been paranoid/stupid??? > > Regards > > Dennis. > > > > > > ----------------------------------------------------------------------------------