Old 19-05-2006   #1
CD Freaks Member
 
Vampire666's Avatar
 
Join Date: Jan 2005
Location: Italy (Città: Dei mona e della Bora)
Posts: 210
Port 22...can I close it?

I post here since I couldn't find a "Network" section.

After a Internet port scanning, it appears that my port 22 is open. How can I close it?
I have a D-Link 504T Router.

Thanks.
Vampire666 is offline   Reply With Quote
Old 19-05-2006   #2
bkf
Banned
 
bkf's Avatar
 
Join Date: Aug 2004
Location: Earth
Posts: 1,685
Re: Port 22...can I close it?

Quote:
Originally Posted by Vampire666
I post here since I couldn't find a "Network" section.

After a Internet port scanning, it appears that my port 22 is open. How can I close it?
I have a D-Link 504T Router.

Thanks.

Do a port scan using Gibson Research. If it finds a problem they usually offer a solution

http://www.grc.com/intro.htm

Shields up is what your looking for, down the page a bit.

The other thing you could do right away is forward the port 22 to a fake address like 192.168.1.10. Then it talks to empty space.
Attached Images
 
bkf is offline   Reply With Quote
Old 19-05-2006   #3
New on Forum
 
Join Date: May 2006
Location: Ottawa, CA
Posts: 8
Re: Port 22...can I close it?

Not sure what this has to do with CD/DVDs, but port 22 being open is an indicator that you are running some form of Secure Shell (SSH) server.

What OS are you using?

It should basically just be a matter of shutting down your SSH service for your OS. You could also always open up your router admin page and block incoming access to port 22.
JoeDuncan is offline   Reply With Quote
Old 19-05-2006   #4
CD Freaks Member
 
Vampire666's Avatar
 
Join Date: Jan 2005
Location: Italy (Città: Dei mona e della Bora)
Posts: 210
Re: Port 22...can I close it?

Quote:
Originally Posted by bkf
Do a port scan using Gibson Research. If it finds a problem they usually offer a solution

http://www.grc.com/intro.htm

Shields up is what your looking for, down the page a bit.
Thanks. It was with the "Common Ports" test of Shields up that I've found out of the opened 22 port .

Quote:
Originally Posted by bkf
The other thing you could do right away is forward the port 22 to a fake address like 192.168.1.10. Then it talks to empty space.
I have to find out how to do this.
Vampire666 is offline   Reply With Quote
Old 19-05-2006   #5
bkf
Banned
 
bkf's Avatar
 
Join Date: Aug 2004
Location: Earth
Posts: 1,685
Re: Port 22...can I close it?

Quote:
Originally Posted by Vampire666
Thanks. It was with the "Common Ports" test of Shields up that I've found out of the opened 22 port .



I have to find out how to do this.
.
Attached Images
 
bkf is offline   Reply With Quote
Old 19-05-2006   #6
CD Freaks Member
 
Vampire666's Avatar
 
Join Date: Jan 2005
Location: Italy (Città: Dei mona e della Bora)
Posts: 210
Re: Port 22...can I close it?

Quote:
Originally Posted by JoeDuncan
...
What OS are you using?
I have Windows Xp with SP2.
Quote:
Originally Posted by JoeDuncan
It should basically just be a matter of shutting down your SSH service for your OS. You could also always open up your router admin page and block incoming access to port 22.
I have to find out how to do that too .
Vampire666 is offline   Reply With Quote
Old 19-05-2006   #7
bkf
Banned
 
bkf's Avatar
 
Join Date: Aug 2004
Location: Earth
Posts: 1,685
Re: Port 22...can I close it?

Quote:
Originally Posted by Vampire666
I have Windows Xp with SP2.

I have to find out how to do that too .
router user manual, OS has nothing to do with it
bkf is offline   Reply With Quote
Old 19-05-2006   #8
CD Freaks Member
 
Vampire666's Avatar
 
Join Date: Jan 2005
Location: Italy (Città: Dei mona e della Bora)
Posts: 210
Re: Port 22...can I close it?

Quote:
Originally Posted by bkf
router user manual, OS has nothing to do with it
Vampire666 is offline   Reply With Quote
Old 19-05-2006   #9
CD Freaks Member
 
Vampire666's Avatar
 
Join Date: Jan 2005
Location: Italy (Città: Dei mona e della Bora)
Posts: 210
Re: Port 22...can I close it?

Quote:
Originally Posted by bkf
...
.
The other thing you could do right away is forward the port 22 to a fake address like 192.168.1.10. Then it talks to empty space.
I tried this and the "Common Port" test reports that the 22 port it's now in Stealth mode, but strangely the complete test Failed (even if the other port were closed or in stealth )
Vampire666 is offline   Reply With Quote
Old 19-05-2006   #10
CD Freaks Member
 
Vampire666's Avatar
 
Join Date: Jan 2005
Location: Italy (Città: Dei mona e della Bora)
Posts: 210
Re: Port 22...can I close it?

Even the "All Service Ports" gave me a Failed!
Attached Images
 
Vampire666 is offline   Reply With Quote
Old 19-05-2006   #11
bkf
Banned
 
bkf's Avatar
 
Join Date: Aug 2004
Location: Earth
Posts: 1,685
Re: Port 22...can I close it?

Quote:
Originally Posted by Vampire666
I tried this and the "Common Port" test reports that the 22 port it's now in Stealth mode, but strangely the complete test Failed (even if the other port were closed or in stealth )
Then you got something still open in the first 1056 ports, 113 closed?

Don't do commen, do all
bkf is offline   Reply With Quote
Old 19-05-2006   #12
CD Freaks Member
 
Vampire666's Avatar
 
Join Date: Jan 2005
Location: Italy (Città: Dei mona e della Bora)
Posts: 210
Re: Port 22...can I close it?

Quote:
Originally Posted by bkf
Then you got something still open in the first 1056 ports, 113 closed?

Don't do commen, do all
Look previous post .
Vampire666 is offline   Reply With Quote
Old 19-05-2006   #13
CD Freaks Member
 
Vampire666's Avatar
 
Join Date: Jan 2005
Location: Italy (Città: Dei mona e della Bora)
Posts: 210
Re: Port 22...can I close it?

The TEXT SUMMARY:

GRC Port Authority Report created on UTC: 2006-05-19 at 16:33:19

Results from scan of ports: 0-1055

0 Ports Open
850 Ports Closed
206 Ports Stealth
---------------------
1056 Ports Tested

NO PORTS were found to be OPEN.

Ports found to be STEALTH were: 2, 6, 15, 20, 22, 24, 25, 26,
32, 39, 43, 48, 51, 56, 60,
64, 70, 75, 78, 83, 88, 91,
96, 103, 110, 111, 116, 119,
124, 134, 135, 138, 139, 143,
144, 147, 156, 159, 171, 172,
174, 179, 182, 187, 192, 198,
201, 206, 210, 215, 218, 227,
234, 241, 247, 250, 255, 265,
270, 273, 276, 279, 287, 291,
295, 306, 310, 313, 319, 321,
329, 332, 338, 342, 345, 355,
366, 369, 374, 378, 387, 397,
400, 406, 409, 416, 421, 432,
442, 445, 446, 450, 456, 459,
462, 467, 474, 486, 490, 495,
501, 505, 506, 510, 520, 524,
529, 533, 538, 543, 552, 556,
560, 563, 567, 569, 578, 584,
587, 592, 593, 599, 608, 615,
620, 624, 628, 631, 646, 649,
654, 660, 667, 671, 678, 681,
687, 692, 696, 700, 704, 710,
715, 719, 722, 724, 736, 740,
746, 749, 758, 762, 768, 769,
777, 779, 783, 796, 807, 809,
812, 819, 823, 831, 837, 840,
844, 855, 859, 862, 866, 874,
878, 882, 887, 891, 895, 901,
903, 908, 915, 923, 927, 933,
936, 940, 951, 955, 959, 963,
970, 978, 982, 986, 991, 997,
1005, 1010, 1018, 1023, 1028,
1035, 1041, 1046, 1050, 1055

Other than what is listed above, all ports are CLOSED.

TruStealth: FAILED - NOT all tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.


Strange.
Vampire666 is offline   Reply With Quote
Old 19-05-2006   #14
bkf
Banned
 
bkf's Avatar
 
Join Date: Aug 2004
Location: Earth
Posts: 1,685
Re: Port 22...can I close it?

Quote:
Originally Posted by Vampire666
Look previous post .
your showing alot of closed ports, not stealth but dead to the rest of the world
Attached Images
 
bkf is offline   Reply With Quote
Old 19-05-2006   #15
New on Forum
 
Join Date: May 2006
Location: Ottawa, CA
Posts: 8
Re: Port 22...can I close it?

Quote:
Originally Posted by Vampire666
I have Windows Xp with SP2.
Goto "Control Panel==>Admin Tools=>Services"

Disable any service called "SSH" or "Remote Login".

To close port 22 completely you will have to check in your router manual on how to close ports. It should be fairly straight forward.

By redirecting port 22 to a non-existant machine, you have effectively "stealthed" that port.

I am a little concerned at the *huge* number of stealthed ports being reported for your machine. You should only ever have a handful at most. I would immediately close down all unknown incoming ports on your router (unless you are running a server, shutdown everything), disconnect your PC from the net and run a full virus and spyware scan. After that, hook it back up and re-open ports on your router as you need them.

Also installing a personal firewall like Kerio or ZoneAlarm would be a good idea.
JoeDuncan is offline   Reply With Quote
Old 19-05-2006   #16
bkf
Banned
 
bkf's Avatar
 
Join Date: Aug 2004
Location: Earth
Posts: 1,685
Re: Port 22...can I close it?

Quote:
Originally Posted by JoeDuncan
Goto "Control Panel==>Admin Tools=>Services"

Disable any service called "SSH" or "Remote Login".

To close port 22 completely you will have to check in your router manual on how to close ports. It should be fairly straight forward.

By redirecting port 22 to a non-existant machine, you have effectively "stealthed" that port.

I am a little concerned at the *huge* number of stealthed ports being reported for your machine. You should only ever have a handful at most. I would immediately close down all unknown incoming ports on your router (unless you are running a server, shutdown everything), disconnect your PC from the net and run a full virus and spyware scan. After that, hook it back up and re-open ports on your router as you need them.

Also installing a personal firewall like Kerio or ZoneAlarm would be a good idea.
Yep that is an ugly scan
bkf is offline   Reply With Quote
Old 19-05-2006   #17
CD Freaks Member
 
Vampire666's Avatar
 
Join Date: Jan 2005
Location: Italy (Città: Dei mona e della Bora)
Posts: 210
Re: Port 22...can I close it?

*OFF Topic*
Quote:
Originally Posted by bkf
your showing alot of closed ports, not stealth but dead to the rest of the world, your safe
Did I imagined the Huston phrase? I'm being six hours on the PC and I'm afraid I'm imagining things .
Vampire666 is offline   Reply With Quote
Old 19-05-2006   #18
bkf
Banned
 
bkf's Avatar
 
Join Date: Aug 2004
Location: Earth
Posts: 1,685
Re: Port 22...can I close it?

Quote:
Originally Posted by Vampire666
*OFF Topic*


Did I imagined the Huston phrase? I'm being six hours on the PC and I'm afraid I'm imagining things .

Has to be the drugs
bkf is offline   Reply With Quote
Old 19-05-2006   #19
CD Freaks Member
 
Vampire666's Avatar
 
Join Date: Jan 2005
Location: Italy (Città: Dei mona e della Bora)
Posts: 210
Re: Port 22...can I close it?

*Off Topic*

Quote:
Originally Posted by bkf
Has to be the drugs
Or a combination of the two .
P.S. I'm just kidding...
Vampire666 is offline   Reply With Quote
Old 19-05-2006   #20
CD Freaks Member
 
Vampire666's Avatar
 
Join Date: Jan 2005
Location: Italy (Città: Dei mona e della Bora)
Posts: 210
Re: Port 22...can I close it?

Freaking strange!
I've stopped all the "useless" programs and look at the results...even more stealth ports .

Every night I scan my PC with Ad-Aware SE Professional and Spybot - Search & Destroy (both up to date).
Attached Images
 
Vampire666 is offline   Reply With Quote
Old 19-05-2006   #21
CD Freaks Member
 
Vampire666's Avatar
 
Join Date: Jan 2005
Location: Italy (Città: Dei mona e della Bora)
Posts: 210
Re: Port 22...can I close it?

GRC Port Authority Report created on UTC: 2006-05-19 at 16:54:48

Results from scan of ports: 0-1055

0 Ports Open
827 Ports Closed
229 Ports Stealth
---------------------
1056 Ports Tested

NO PORTS were found to be OPEN.

Ports found to be STEALTH were: 0, 7, 12, 16, 20, 22, 24, 25,
29, 33, 39, 43, 48, 52, 61,
64, 71, 75, 79, 84, 88, 92,
97, 103, 107, 110, 111, 116,
120, 124, 128, 134, 135, 139,
140, 143, 144, 151, 156, 160,
166, 171, 175, 184, 187, 192,
197, 202, 207, 215, 219, 230,
234, 239, 242, 247, 251, 255,
262, 266, 271, 274, 279, 283,
287, 294, 298, 302, 306, 311,
319, 326, 329, 334, 338, 342,
351, 355, 361, 366, 374, 379,
383, 387, 393, 397, 402, 406,
410, 418, 425, 429, 434, 438,
442, 445, 447, 452, 457, 461,
465, 470, 474, 478, 484, 489,
493, 497, 502, 505, 510, 516,
520, 525, 529, 533, 537, 542,
548, 552, 557, 560, 565, 569,
573, 580, 584, 588, 592, 593,
597, 601, 605, 612, 615, 620,
624, 628, 633, 637, 641, 648,
652, 655, 660, 665, 668, 673,
679, 683, 688, 692, 696, 701,
704, 711, 715, 720, 724, 728,
732, 736, 743, 747, 751, 756,
760, 764, 768, 775, 779, 783,
788, 791, 796, 800, 807, 810,
815, 820, 823, 828, 832, 838,
843, 847, 851, 855, 860, 864,
870, 875, 878, 883, 887, 891,
896, 902, 906, 910, 915, 919,
923, 933, 938, 942, 946, 951,
955, 959, 965, 970, 974, 978,
987, 991, 998, 1001, 1006, 1010,
1014, 1019, 1023, 1029, 1033,
1038, 1046, 1051, 1054

Other than what is listed above, all ports are CLOSED.

TruStealth: FAILED - NOT all tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.
Vampire666 is offline   Reply With Quote
Old 19-05-2006   #22
CD Freaks Member
 
Vampire666's Avatar
 
Join Date: Jan 2005
Location: Italy (Città: Dei mona e della Bora)
Posts: 210
Re: Port 22...can I close it?

At this page http://www.speedguide.net/portscan.php it looks that a Stealth port is even better than a Closed one, because it "appears" invisible, instead a close port is detected.

Open: Open ports offer services that are potentialy vulnerable to attacks! All ports should be closed or filtered, unless you specifically require some open (and know exactly what they are).

Closed:
Ports in this category respond to our scan, however appear to be closed. This state offers medium security. It still reveals that your system is up, and might provide some additional fingerprinting information to potential intruders.

Filtered: Filtered ports do not respond to a portscan at all, they don't appear to exist. This is the best security level for your ports, as it provides no information about your system or its existence (a.k.a. black hole).

Filtered?: Filtered UDP ports do not respond to a scan as well. However, the UDP protocol is not lossless, and does not respond to all requests by definition. Therefore, the lack of response does not guarantee that a port is being filtered. We have send a few requests without response, and it is reasonable to believe the ports are filtered.
Vampire666 is offline   Reply With Quote
Old 19-05-2006   #23
CD Freaks Member
 
Vampire666's Avatar
 
Join Date: Jan 2005
Location: Italy (Città: Dei mona e della Bora)
Posts: 210
Re: Port 22...can I close it?

This Closed VS Filtered port does sense to me. Imagine if the ports were external door of a mansion (the PC), if the doors are hidden (stealth mode) you don’t know the existence of them, so you won’t even think of try to enter trough them. A closed door (closed port) instead reveals its presents…if there’s a capable thief (hacker) it could open the door with a look pick (hacking software).

.....the bad thing is if the stealth port is somehow revealed (through adware)...letting even inexperienced hackers to enter.
Vampire666 is offline   Reply With Quote
Old 19-05-2006   #24
bkf
Banned
 
bkf's Avatar
 
Join Date: Aug 2004
Location: Earth
Posts: 1,685
Re: Port 22...can I close it?

Vamp it sure sounds like a router issue. A router blocks all on it's own. You got the latest firmware?
bkf is offline   Reply With Quote
Old 20-05-2006   #25
MyCE Resident
 
Nemesys's Avatar
 
Join Date: Jun 2002
Location: Florida, USA
Posts: 1,361
Re: Port 22...can I close it?

By default all router ports should be closed.
If your system does not respond to external Internet requests then the port is listed as Stealth.
If the system responds but indicates that the port is closed then the port is listed as such.

Routers themselves should be set to ignore WAN requests or Block Anonymous Internet Requests. By doing this, they do not respond and would be listed as Stealth.

Some router manufacturers had problems with Port 113. The routers would always respond that the port is closed instead of simply not responding. Manufacturers like Linksys have addressed this issue with firmware upgrades for the affected router models.

It appears that the Service Filtering on the routers Firewall Configuration is improperly set.
__________________
Case: Cooler Master HAF 932 Full Tower Motherboard: ASUS P8P67 Deluxe CPU: Intel Core i7-2600K 3.4GHz @ 4.8GHz (Cooler Master V8 CPU Cooling) RAM: 8GB Corsair Dominator DDR3 PC12800 Video Card: EVGA GTX460 1GB Sound Card: Creative X-Fi Xtreme Audio Monitor: HP 2711x (27” LED) Audio System: MASSIVE PSU: Silverstone Strider Plus 1000W
DVD-RAM: Lite-On iHAS524
DVD-RAM: Lite-On LH-20A1L BL06
Hard Drive (Internal Storage): Seagate Barracuda 1TB SATA II File Storage
Hard Drive (Removables): ICY DOCK MB877SK SATA Screw-Less Mobile Rack
Drive #1. 128GB OCZ Vertex 4 SSD Win 8 Professional
Drive #2. 90GB OCZ Vertex 2 SSD WIN 7 Ultimate
Drive #3. Seagate Barracuda 250GB SATA II WIN XP x64 Professional
Drive #4. Seagate Barracuda 320GB SATA II Testing

Last edited by Nemesys; 20-05-2006 at 02:58.
Nemesys is offline   Reply With Quote
Reply


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
usb port not working denmick General Hardware Forum 14 15-02-2011 16:09
USB Port Problems Seven of Nine General Hardware Forum 2 11-11-2007 03:16
Help with opening port liljerry217 Downloading & File Sharing 11 11-06-2007 22:31
Scan port jenet Italian: Chat 2 08-04-2006 11:48
port 6881 MJL54 Downloading & File Sharing 2 02-02-2006 10:49


All times are GMT +2. The time now is 16:03.
Top