Security

[Sim]

Hello. Iam new here so i dont know what iam gonna
expected. Right as norton says they can help in any
issues and solve it. Yes they do but also they dont you
have to phone them for a price. I dont need that.

As i did a security checki got these vunerabilities that
i need help with.


1) SSH. TCP connections to this port might indicate a
search for SSH, which has a few exploitable features. SSH
is a secure replacement for Telnet. The most common uses
of SSH are to securely login and copy files from a server.

2)Ping. Ping is a network troubleshooting utility. It
asks your computer to acknowledge its existence. If your
computer responds positively to a ping, hackers are more
likely to target your computer.

3) HTTP (Hypertext Transfer Protocol). HTTP is used to
transfer Web pages over the Internet. Port 80 should be
open only if you're running a Web server

4)Unused Windows Services Block

now as i search norton knowlege base. Nothink oh the
listed itiem where there.

Can some one please help me to sort them out because i do
not know what they mean at all.
thanks

 

[Mike Bright MSP]

Hey Sim,

So the most important thing is do you have a Firewall?

Let's put it in the context of a house, you have doors
and windows (open/shut). So at the moment you house has a
few windows open. In this case SSH, Ping e.t.c.

You can use your firewall to tell anyone who tries to
open these windows that they are locked.

So to put it back to a PC context, the issue's stated are
Port's that are open on you PC when on the internet. So
just like a buglar would go through the window, the
hacker goes through the Port.

What you need to do is using you firewall is close the
port's down.

Once you have posted back if you have a firewall or not,
we can talk you through switching it on / locking those
ports.

Regards

Mike Bright MCP, MSP

e:[email protected]

 

[simon]

Yea i hava ive got the lastest

Norton personal Firewall.
Norton Inter Security 2004 installed and up and running.

Thanks for helping me. So what do i do next.

 

[Juergen Heinzl]

Hello. Iam new here so i dont know what iam gonna
expected. Right as norton says they can help in any
issues and solve it. Yes they do but also they dont you
have to phone them for a price. I dont need that.

As i did a security checki got these vunerabilities that
i need help with.


1) SSH. TCP connections to this port might indicate a
search for SSH, which has a few exploitable features. SSH
is a secure replacement for Telnet. The most common uses
of SSH are to securely login and copy files from a server. [-]
http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci214091,00.html

2)Ping. Ping is a network troubleshooting utility. It
asks your computer to acknowledge its existence. If your
computer responds positively to a ping, hackers are more
likely to target your computer.

[-]
A successful ping tells me that yes, there is a machine listening there
and yes, it may make sense to do some further probing.

3) HTTP (Hypertext Transfer Protocol). HTTP is used to
transfer Web pages over the Internet. Port 80 should be
open only if you're running a Web server

[-]
As it is the case with any other port -- as long as you do not provide
any service to the world out there do not allow any incoming packets on
that port.

4)Unused Windows Services Block

[-]
Seems like some process(es) / service(s) are running Norton does not
know about. netstat -nao is going to tell you more and a decent process
viewer, the taskmanager does not show everything, you can identify what
it is.

Contrary to XP's current ICF personal "firewalls" may complain about
legit outgoing traffic, too.

Cheers,
Juergen