Hello you All im here Coz i am conserned with some open Ports in my system and i wonder if some one Can help me ou with them i have tried everithing included Blocking this ports on the firewall But i ddint add sucess this are the ports that are open on my laptop if some one knows What i can do to block them or close them For ever Please Let me know this are my Netstat -ant
Special atention to the port number 50359 "ESCUTA Means LISTEN"
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 127.0.0.1:631 0.0.0.0:* ESCUTA
tcp 0 0 0.0.0.0:50359 0.0.0.0:* ESCUTA
tcp 0 0 88.210.73.177:57303 209.85.227.165:80 ESTABELECIDO
tcp 0 0 88.210.73.177:35294 209.85.227.154:80 ESTABELECIDO
tcp 0 0 88.210.73.177:35291 209.85.227.154:80 ESTABELECIDO
tcp 0 0 88.210.73.177:57301 209.85.227.165:80 ESTABELECIDO
tcp 0 0 88.210.73.177:57304 209.85.227.165:80 ESTABELECIDO
tcp 0 0 88.210.73.177:57306 209.85.227.165:80 ESTABELECIDO
tcp6 0 0 :::139 :::* ESCUTA
tcp6 0 0 ::1:631 :::* ESCUTA
tcp6 0 0 :::445 :::* ESCUTA
Consernerd with some open ports
Forum rules
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
Consernerd with some open ports
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Re: Consernerd with some open ports
Which application that you have installed requires port 50359 ? and is it a Linux connection or a window connection ?Monarch wrote:Hello you All im here Coz i am conserned with some open Ports in my system...
Special atention to the port number 50359 "ESCUTA Means LISTEN"
http://www.mysql-apache-php.com/importa ... _ports.htm
port numbers..
http://www.cyberciti.biz/tips/linux-dis ... owner.html
http://www.cyberciti.biz/faq/how-do-i-f ... sd-server/
http://blogs.techrepublic.com.com/security/?p=443
Your list
Code: Select all
]tcp 0 0 88.210.73.177:57303 209.85.227.165:80 ESTABELECIDO
tcp 0 0 88.210.73.177:35294 209.85.227.154:80 ESTABELECIDO
tcp 0 0 88.210.73.177:35291 209.85.227.154:80 ESTABELECIDO
Are you running a web server on your system
- http://ws.arin.net/whois/?queryinput=88.210.73.177
http://en.wikipedia.org/wiki/RIPE
http://www.ripe.net/
--that's Ripe, you use the Ripe network ?
http://ws.arin.net/whois/?queryinput=209.85.227.165
--that's google
--plus various other browser tweaks to eliminate cookies, history etc
--also install bleachbit, chkrootkit and rkhunter
bleachbit to clean history, thumbnails (images or ad pictures viewed), cache of browsers etc
chkrootkit to check for rootkits on the OS
rkhunter same reason..
I am also using an /etc/hosts file to block unwanted advertising or Mal-ware sites like doubleclick
- /etc/hosts
127.0.0.1 stats.adobe.com
127.0.0.1 goog-phish-shavar
127.0.0.1 goog-malware-shavar
http://www.mvps.org/winhelp2002/hosts.htm
This is mine
Code: Select all
netstat -aNt
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 127.0.0.1:ipp 0.0.0.0:* LISTEN
tcp6 0 0 ::1:ipp :::* LISTEN
http://developer.novell.com/wiki/index. ... l_AppArmor
http://ubuntuforums.org/showthread.php?t=1008906
--available in repository
on terminal, check
- apt search apparmor
p apparmor - User-space parser utility for AppArmor
p apparmor-docs - Documentation for AppArmor
p apparmor-profiles - Profiles for AppArmor Security policies
p apparmor-utils - Utilities for controlling AppArmor
http://www.linuxsecurity.com/docs/harde ... ep.en.html
- in order to do a service hardening, make a list of services currently awake in your system.
$ ps -aux
$ netstat -pn -l -A inet
# /usr/sbin/lsof -i | grep LISTEN
http://almosteffortless.com/2009/05/15/ ... ian-lenny/
Re: Consernerd with some open ports
Hi
Port 445 is Microsoft Directory Services
Port 139 is Windows NetBIOS
Port 631 is IPP (Internet Printing Protocol)
127.0.0.1 and 0.0.0.0 are loopback addresses being
used by your firewall.
209.85.227.165 is Google.com
There's really nothing at all unusual about
your configuration.
If you want to permanently close ports 139 and 445
you have to modify the registry.
Are you really sure you want them closed
Port 445 is Microsoft Directory Services
Port 139 is Windows NetBIOS
Port 631 is IPP (Internet Printing Protocol)
127.0.0.1 and 0.0.0.0 are loopback addresses being
used by your firewall.
209.85.227.165 is Google.com
There's really nothing at all unusual about
your configuration.
If you want to permanently close ports 139 and 445
you have to modify the registry.
Are you really sure you want them closed
Re: Consernerd with some open ports
Which application that you have installed requires port 50359 ? and is it a Linux connection or a window connection ?
Hello ther i really dont know What aplication is using that port if i knew i would delete it i have instaled avira under Mint yes this is under linux
And Avira is not detecting virus or malware or rootkits i am familiarized with ports and theyr services under windows they are not diferent here what is conserning me is that this kinda of ports are always related to virus.....
Im not used to Linux this is something new to me so im going ahead to see if your advices fix my problem.
Hello ther i really dont know What aplication is using that port if i knew i would delete it i have instaled avira under Mint yes this is under linux
And Avira is not detecting virus or malware or rootkits i am familiarized with ports and theyr services under windows they are not diferent here what is conserning me is that this kinda of ports are always related to virus.....
Im not used to Linux this is something new to me so im going ahead to see if your advices fix my problem.
Re: Consernerd with some open ports
DrHu just found The Problem with one of the commands you show me over ther "sudo netstat -pn -l -A inet "
the program using that port i Avira lol i ddint knew this im sorry for the confusion and thanks for the tips
i realy apreciate it many thanks if is ther somethig i can do for you let me know
$ sudo netstat -pn -l -A inet
Ligações de Internet Activas (só servidores)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:631 0.0.0.0:* ESCUTA 3081/cupsd
tcp 0 0 0.0.0.0:50359 0.0.0.0:* ESCUTA 2601/avgu_stats
the program using that port i Avira lol i ddint knew this im sorry for the confusion and thanks for the tips
i realy apreciate it many thanks if is ther somethig i can do for you let me know
$ sudo netstat -pn -l -A inet
Ligações de Internet Activas (só servidores)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:631 0.0.0.0:* ESCUTA 3081/cupsd
tcp 0 0 0.0.0.0:50359 0.0.0.0:* ESCUTA 2601/avgu_stats