S
Thu Apr 29 05:56:47 CDT 2004
There are numerous online port scanners - they all are pretty much the same.
But using netstat -an from local computer or telnetting to local TCP port
(telnet your_IP_address 25 for SMTP), as indicated by Lanwench , is a good
start. Or you can run a port scanner agains yourself!
--
Svyatoslav Pidgorny, MVP, MCSE
-= F1 is the key =-
"Lem Lo" <asdf@asdf.com> wrote in message news:40905A5E.9050602@asdf.com...
> Thanks Ozone. I will try webattack. How is it different from SHIELDS UP?
>
> This was a new computer out of the box with AOL added. IIS is not
> running as far as I can tell.
>
> Any other ideas?
>
> Ozone wrote:
> > IIS 5 installs the SMTP service if selected during the install of IIS.
This
> > could be what is listening on that port. Also, take a look at active
ports
> >
http://www.webattack.com/get/activeports.shtml
> > to see what process is using that port.
> >
> > HTH
> > Ozone
> > "Lanwench [MVP - Exchange]"
> > <lanwench@heybuddy.donotsendme.unsolicitedmail.atyahoo.com> wrote in
message
> > news:uKeHt7uJEHA.232@TK2MSFTNGP12.phx.gbl...
> >
> >>Did you see my reply and my suggestion that you telnet to localhost on
> >
> > port
> >
> >>25 to see what's listening?
> >>
> >>Lem Lo wrote:
> >>
> >>>Good information Norman. Thanks from all of us. I have a similar
> >>>problem on one of my computers, but Sheilds up always shows port 25
> >>>open. I am using a Linksys router with NAT, so it shouldn't be a
> >>>problem, just wondering why port 25 should be open like that.. any
> >>>ideas?
> >>>
> >>>Thanks again for your knowledgable answers
> >>>
> >>>N. Miller wrote:
> >>>
> >>>>In article <0e3501c42604$58e39110$a401280a@phx.gbl>,
> >>>>anonymous@discussions.microsoft.com says...
> >>>>
> >>>>
> >>>>
> >>>>>Shields Up security scans show that at various times of
> >>>>>the day my port 25 is open. Other times it is closed.
> >>>>
> >>>>
> >>>>That is suspicious.
> >>>>
> >>>>
> >>>>
> >>>>>My isp is AOL and i use the AOL e-mail program.
> >>>>
> >>>>
> >>>>Even more so because, AFAIK, AOL does not install any program which
> >>>>would be listening on port 25.
> >>>>
> >>>>
> >>>>
> >>>>>I also have a Hotmail account but can only recieve Hotmail,
> >>>>>I can not send it because Outlook Express does not work with AOL.
> >>>>
> >>>>
> >>>>MSOE requires HTTP access to the Hotmail servers for sending, as
> >>>>well as receiving. Outgoing Hotmail messages don't go anywhere near
> >>>>port 25 when using MSOE. Not really relevant to your problem, but I
> >>>>don't know why it shouldn't work with AOL.
> >>>>
> >>>>
> >>>>
> >>>>>I have scanned for trojans and found none(NORTON).
> >>>>
> >>>>
> >>>>Norton? As in anti virus? Because I am not aware that Norton can
> >>>>find all Trojans. And it certainly can't find proxies, which this is
> >>>>starting to look like.
> >>>>
> >>>>
> >>>>
> >>>>>I also use Zone Alarm as my firewall.
> >>>>
> >>>>
> >>>>And ZA doesn't pop up a permission window when port 25 is active? Try
> >>>>resetting ZA so it starts asking for permissions again, and pay close
> >>>>attention to what is requesting server rights.
> >>>>
> >>>>
> >>>>
> >>>>>What could be causing port 25 to open and how do I close it.
> >>>>
> >>>>
> >>>>Not having access to your system, I can't say exactly. But it sounds
> >>>>like it could be some kind of hijack of your system. If you can find
> >>>>the process which is opening port 25, you can either kill it, if it
> >>>>is just a part of the WinOS, or remove it, if it is something else.
> >>>>
> >>>>If it really does appear to be a Trojan hijack, your best course is
> >>>>probably to salvage your data and rebuild your system from scratch.
> >>>>Learn how you were compromised so you can secure your rebuilt system.
> >>>
> >>
> >
> >
>
>