Doug,
The point I was making, he said to blanket close all ports above
1024 - the respected audience if following these instructions,
especially on a networked PC (Home network reference say with a
standalone network printer and/or a few Linux machines), the user
may/may not relate closing the ports to say a database connection to
an MySQL database on another PC quit working, I believe 1040 is used
there, at least mine does, also, I have several other svhost services
running of other ports such as 1034, 1042, etc - which have nothing to
do with "Task Scheduler", which if disabled, completely prevents
connections to VNC hosts on my home network, and access to my
standalone network HP Printer on the router - and many of these
readers have hired people to come setup these home networks and now
they are going to have to pay to have someone fix it - all because
they blindly followed - close all ports above 1024 - true they
shouldn't blindly follow instructions they don't understand, but if
they did that, most of us would be out of a job :-)
--
Star Fleet Admiral Q @ your service
--------------------------------------------------------
"Doug Knox MS-MVP" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
I don't see why, if he's one of these experiencing this issue, he
doesn't use
NETSTAT -A -B
To see what program is trying to access port 1025. It may be task
scheduler, but I doubt it. Probaly something that's running as a
task.
--
Doug Knox, MS-MVP Windows Media Center\Windows Powered Smart Display
Win 95/98/Me/XP Tweaks and Fixes
http://www.dougknox.com
--------------------------------
Per user Group Policy Restrictions for XP Home and XP Pro
http://www.dougknox.com/xp/utils/xp_securityconsole.htm
--------------------------------
Please reply only to the newsgroup so all may benefit.
Unsolicited e-mail is not answered.
"Star Fleet Admiral Q"
<Star_Fleet_Admiral_Q(NO-SPAM)@(FORGET-SPAM)hotmail.com> wrote in
message news:%(E-Mail Removed)...
> Question - if task scheduler is using port 1025, then why are you
> telling everyone to block all the other ports 1024 and 1026-65535?
> They may have other important applications running on those ports
and
> what you've told them just broke them - and yes, most people on
these
> groups are not "tech savey" so next there will be a post "My
> such-n-such all of sudden quit working" - be mindful of your
audience
> when suggesting.
>
> --
>
> Star Fleet Admiral Q @ your service
> --------------------------------------------------------
> "Erwin Michiels" <(E-Mail Removed)> wrote in
> message news:E2B7FF8B-0FC3-47FF-A25F-(E-Mail Removed)...
>> Many people seem to have noticed heavy traffic on port 1025. This
> traffic is caused by the task scheduler service hosted by
svchost.exe.
> This service opens port 1025 by default. There are two ways to block
> this traffic:
>>
>> 1) disable task scheduler service and reboot; be aware it is
> possible that prefetch, system restore and bootvis won't work
properly
> anymore;
>>
>> 2) deny inbound traffic for svchost.exe using TCP on the local
ports
> 1024-65535; you can use a firewall like Agnitum Outpost 1.0
(freeware)
> to configure your system this way (
> http://www.agnitum.com/download/outpost1.html ).
>>
>> To exploit task scheduler listening on port 1025, you can even
> download a tool from the net: remoxec from
> http://www.securityfriday.com/tools/Remoxec.html . This explains
> probably the amount of scans of port 1025.
>
>
Similar Threads
