PA
Thu Sep 23 02:03:51 CDT 2004
Port 135 is used by Exchange, among other applications.
TCP Ports and Microsoft Exchange: In-depth Discussion
http://support.microsoft.com/?kbid=176466
Again, see...
Troubleshooting Windows Firewall settings in Windows XP Service Pack 2
http://support.microsoft.com/default.aspx?kbid=875357
--
~Robear Dyer (PA Bear)
MS MVP-Windows (IE/OE)
José Joye wrote:
> Thanks,
>
> That's better now...
>
> However, I still have the port 135 which is open. I look at the exception
> and did not find anything related.
> Is there a way to close this port?
>
> José
>
> "Stephen Cartwright [MSFT]" <scart@online.microsoft.com> wrote in message
> news:%23npS5NznEHA.4056@TK2MSFTNGP09.phx.gbl...
>> It sounds like you have File and Print sharing exception enabled at least
>> for ports 139 and 445, this would also account why ICMP echo request is
>> being seen.. If you do not need to share this out then you can disable
>> the
>> exception as this does expose your machine as reported by the symantec
>> port scan
>>
>> --
>> Stephen Cartwright [MSFT]
>>
>> "This posting is provided "AS IS" with no warranties, and confers no
>> rights."
>>
>> "José Joye" <jose.joye@KILLTHESPAMSbluewin.ch> wrote in message
>> news:edecnVtnEHA.3876@TK2MSFTNGP15.phx.gbl...
>>> Thanks!
>>> José
>>> "PA Bear" <PABear@mvps.org> wrote in message
>>> news:e1lp02PnEHA.3196@TK2MSFTNGP10.phx.gbl...
>>>> The WinXP firewall is a one-way (incoming) firewall.
>>>>
>>>> For more help, see...
>>>>
>>>> Troubleshooting Your Installation of SP2
>>>>
>>>>
http://support.microsoft.com/default.aspx?scid=fh;[ln];xpsp2insttshoot
>>>>
>>>> Changes to Functionality in Microsoft Windows XP Service Pack 2
>>>> Network Protection
>>>>
>>>>
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2netwk.mspx
>>>>
>>>> Troubleshooting Windows Firewall settings in Windows XP Service Pack 2
>>>>
http://support.microsoft.com/default.aspx?kbid=875357
>>>> --
>>>> ~Robear Dyer (PA Bear)
>>>> MS MVP-Windows (IE/OE), AH-VSOP
>>>>
>>>> Are You Ready for WinXP SP2?
>>>>
http://www.microsoft.com/athome/security/protect/default.aspx
>>>>
>>>> WinXP SP2 Release Notes
>>>>
http://support.microsoft.com/default.aspx?scid=kb;en-us;835935
>>>>
>>>> AumHa Forums
>>>>
http://forum.aumha.org
>>>>
>>>> José Joye wrote:
>>>>> First, sorry if this has already been asked before. I goooooooogled to
>>>>> find
>>>>> it but did not get a clear evidence ;-)
>>>>>
>>>>>
>>>>> I installed the SP2 and activated the firewall.
>>>>> Then I went to Symantec and run their security checker
>>>>>
http://security.symantec.com/default.asp?productid=symhome&langid=ie&venid=sym
>>>>>
>>>>> It tells me that it is open to acker exposures:
>>>>>
>>>>> - ICMP ping --> Open (In the advanced
>>>>> tab,
>>>>> of my firewall for ICMP, this is not allowed???)
>>>>> - 135 Location Service (loc-srv) --> Open
>>>>> - 139 NetBios --> Closed
>>>>> - 445 WindowNT/2000 SMB --> Open
>>>>>
>>>>>
>>>>> I tried to look at the docs (...not sure where to find a good one) to
>>>>> see if
>>>>> I can close/hidde these ports --> but did not find any...
>>>>>
>>>>>
>>>>> Could someone tell me if it is possible to close these ports and how
>>>>> to
>>>>> amend the setting so as to be as safe as possible with the integrated
>>>>> firewall.
>>>>>
>>>>>
>>>>> Thanks,
>>>>> José