From: Digest <deadmail>
To: "OS/2GenAu Digest"<deadmail>
Date: Sat, 4 Sep 2004 00:01:06 EST-10EDT,10,-1,0,7200,3,-1,0,7200,3600
Subject: [os2genau_digest] No. 931
Reply-To: <deadmail>
X-List-Unsubscribe: www.os2site.com/list/

**************************************************
Friday 03 September 2004
 Number  931
**************************************************

Subjects for today
 
1   Broadband Internet Security : Dennis Nolan <dennik at swiftdsl dot com dot au>
2  Re:  Broadband Internet Security : Ken Laurie <ken.laurie at graeleah dot com>

**= Email   1 ==========================**

Date:  Fri, 03 Sep 2004 19:34:13 +1000
From:  Dennis Nolan <dennik at swiftdsl dot com dot au>
Subject:   Broadband Internet Security

Hi all

I come across a reference to www.grc dot com doing connection security 
scans, and so gave it a go.

I went into the "ShieldsUp!" link and had it do various scanns.

What surprised me is that I have three ports perminately OPEN

The ports are Port 80 and Ports 254 and 255.

Now Port 80 is the http server port, I've disabled the http server in 
the router/modem from the WAN side.  For now I'll keep it enabled from 
the  LAN  side.

So somewhere in eCS a  http server seems to be running.

Ports 254 and 255 are reserved, and should not be used.

I can only think that I have allowed Remote Configuration to be 
installed during installation.

Is there any way of finding out if a default eCS installation is 
enabeling and using these ports.

Or am I or have I been paranoid/stupid???

Regards

Dennis.

 
----------------------------------------------------------------------------------
 

**= Email   2 ==========================**

Date:  Fri, 03 Sep 2004 20:37:28 +1000
From:  Ken Laurie <ken.laurie at graeleah dot com>
Subject:  Re:  Broadband Internet Security

Dennis

ShieldsUp is a good product to use to check what is seen from the 
Internet. If port 80 is open there could be a number of reasons:

    * The port is not closed on the router, the http server may not be
      running but the port is still open.
    * You might have DTOC running, which defaults to port 80.

You can check by telneting to the box on port 80, by using the telnet 
program under Internet utilities. Use vt100 and I got mine to give info 
by hitting ctrl-c and then enter. If you cannot telnet to the box on 
port 80 then port 80 is not open. You could also try one of the port 
scanning programs such as JPSCAN (Java) or Portscan (native os/2 
program) to check what ports are open.

Remember just because the router doesn't have port 80 explicitly open it 
may be open by default.

hth

Ken

Dennis Nolan wrote:

> Hi all
>
> I come across a reference to www.grc dot com doing connection security 
> scans, and so gave it a go.
>
> I went into the "ShieldsUp!" link and had it do various scanns.
>
> What surprised me is that I have three ports perminately OPEN
>
> The ports are Port 80 and Ports 254 and 255.
>
> Now Port 80 is the http server port, I've disabled the http server in 
> the router/modem from the WAN side.  For now I'll keep it enabled from 
> the  LAN  side.
>
> So somewhere in eCS a  http server seems to be running.
>
> Ports 254 and 255 are reserved, and should not be used.
>
> I can only think that I have allowed Remote Configuration to be 
> installed during installation.
>
> Is there any way of finding out if a default eCS installation is 
> enabeling and using these ports.
>
> Or am I or have I been paranoid/stupid???
>
> Regards
>
> Dennis.
>
>
 
>
> 

>
>

----------------------------------------------------------------------------------
 

