Puerto ICMP abierto

04/09/2004 - 12:27 por Tomás | Informe spam
Hola

He probado a hacerle un scan de puertos a mi máquina con el SP2 y me he
encontrado, con el ICMP abierto, cosa que antes no me pasaba con el SP1

He usado la página http://scan.sygate.com seccion quick scan

Po rlo que he visto en la configuracion del firewall de windows, eso se
refiere a solicitud de eco entrante que esta habilitada por defecto (no me
lo deja modificar).


Mi pregunta es si me debo preocupar por este tema



Service Ports Status Additional Information

ICMP 8 OPEN An ICMP ping request is usually used to test Internet
access. However, an attacker can use it to determine if your computer is
available and what OS you are running. This gives him valuable information
when he is determining what type of attack to use against you



Saludos

Preguntas similare

Leer las respuestas

#1 Tomás
04/09/2004 - 12:31 | Informe spam
Y estos son los resultados del stealth scan, que cuando tenía el SP1 daban
todos "blocked"


Debería de preocuparme?

Saludos y gracias


Tomás




Service Ports Status Additional Information
FTP DATA 20 BLOCKED This port has not responded to any of our probes.
It appears to be completely stealthed.
FTP 21 BLOCKED This port has not responded to any of our probes. It
appears to be completely stealthed.
SSH 22 BLOCKED This port has not responded to any of our probes. It
appears to be completely stealthed.
TELNET 23 BLOCKED This port has not responded to any of our probes. It
appears to be completely stealthed.
SMTP 25 BLOCKED This port has not responded to any of our probes. It
appears to be completely stealthed.
DNS 53 BLOCKED This port has not responded to any of our probes. It
appears to be completely stealthed.
DCC 59 BLOCKED This port has not responded to any of our probes. It
appears to be completely stealthed.
FINGER 79 BLOCKED This port has not responded to any of our probes. It
appears to be completely stealthed.
WEB 80 CLOSED This port has responded to our probes. This means that
you are not running any application on this port, but it is still possible
for someone to crash your computer through known TCP/IP stack
vulnerabilities.
POP3 110 CLOSED This port has responded to our probes. This means that
you are not running any application on this port, but it is still possible
for someone to crash your computer through known TCP/IP stack
vulnerabilities.
IDENT 113 CLOSED This port has responded to our probes. This means
that you are not running any application on this port, but it is still
possible for someone to crash your computer through known TCP/IP stack
vulnerabilities.
NetBIOS 139 CLOSED This port has responded to our probes. This means
that you are not running any application on this port, but it is still
possible for someone to crash your computer through known TCP/IP stack
vulnerabilities.
HTTPS 443 CLOSED This port has responded to our probes. This means
that you are not running any application on this port, but it is still
possible for someone to crash your computer through known TCP/IP stack
vulnerabilities.
Server Message Block 445 OPEN In Windows 2000, Microsoft added the
possibility to run SMB directly over TCP/IP, without the extra layer of NBT.
SOCKS PROXY 1080 CLOSED This port has responded to our probes. This
means that you are not running any application on this port, but it is still
possible for someone to crash your computer through known TCP/IP stack
vulnerabilities.
SOURCE PORT 1370 CLOSED This is the port you are using to communicate
to our Web Server. A firewall that uses Stateful Packet Inspection will show
a 'BLOCKED' result for this port.
WEB PROXY 8080 BLOCKED This port has not responded to any of our
probes. It appears to be completely stealthed.
Respuesta Responder a este mensaje
#2 Tomás
04/09/2004 - 12:35 | Informe spam
Resuelto. Acabo de marcar la casilla "no permitir excepciones" en la
configuracion del firewall


Saludos


"Tomás" escribió en el mensaje
news:
Y estos son los resultados del stealth scan, que cuando tenía el SP1 daban
todos "blocked"


Debería de preocuparme?

Saludos y gracias


Tomás




Service Ports Status Additional Information
FTP DATA 20 BLOCKED This port has not responded to any of our probes.
It appears to be completely stealthed.
FTP 21 BLOCKED This port has not responded to any of our probes. It
appears to be completely stealthed.
SSH 22 BLOCKED This port has not responded to any of our probes. It
appears to be completely stealthed.
TELNET 23 BLOCKED This port has not responded to any of our probes.
It appears to be completely stealthed.
SMTP 25 BLOCKED This port has not responded to any of our probes. It
appears to be completely stealthed.
DNS 53 BLOCKED This port has not responded to any of our probes. It
appears to be completely stealthed.
DCC 59 BLOCKED This port has not responded to any of our probes. It
appears to be completely stealthed.
FINGER 79 BLOCKED This port has not responded to any of our probes.
It appears to be completely stealthed.
WEB 80 CLOSED This port has responded to our probes. This means that
you are not running any application on this port, but it is still possible
for someone to crash your computer through known TCP/IP stack
vulnerabilities.
POP3 110 CLOSED This port has responded to our probes. This means
that you are not running any application on this port, but it is still
possible for someone to crash your computer through known TCP/IP stack
vulnerabilities.
IDENT 113 CLOSED This port has responded to our probes. This means
that you are not running any application on this port, but it is still
possible for someone to crash your computer through known TCP/IP stack
vulnerabilities.
NetBIOS 139 CLOSED This port has responded to our probes. This means
that you are not running any application on this port, but it is still
possible for someone to crash your computer through known TCP/IP stack
vulnerabilities.
HTTPS 443 CLOSED This port has responded to our probes. This means
that you are not running any application on this port, but it is still
possible for someone to crash your computer through known TCP/IP stack
vulnerabilities.
Server Message Block 445 OPEN In Windows 2000, Microsoft added the
possibility to run SMB directly over TCP/IP, without the extra layer of
NBT.
SOCKS PROXY 1080 CLOSED This port has responded to our probes. This
means that you are not running any application on this port, but it is
still possible for someone to crash your computer through known TCP/IP
stack vulnerabilities.
SOURCE PORT 1370 CLOSED This is the port you are using to communicate
to our Web Server. A firewall that uses Stateful Packet Inspection will
show a 'BLOCKED' result for this port.
WEB PROXY 8080 BLOCKED This port has not responded to any of our
probes. It appears to be completely stealthed.



Respuesta Responder a este mensaje
#3 JM Tella Llop [MVP Windows]
04/09/2004 - 12:47 | Informe spam
Yo dejaría los valores por defecto, sobre todo si tienes red local a traves de un router ADSL y ademas salida a internet.. (en ese caso, si lees la documentacion se debe tener abierto). Además, hay ISP's que validan tu respuesta al ICMP 8 (eco local o ping) y si no respondes liberan la IP.

Jose Manuel Tella Llop
MVP - Windows
(quitar XXX)
http://www.multingles.net/jmt.htm

Este mensaje se proporciona "como está" sin garantías de ninguna clase, y no otorga ningún derecho.

This posting is provided "AS IS" with no warranties, and confers no rights.
You assume all risk for your use.




"Tomás" wrote in message news:
Resuelto. Acabo de marcar la casilla "no permitir excepciones" en la
configuracion del firewall


Saludos


"Tomás" escribió en el mensaje
news:
Y estos son los resultados del stealth scan, que cuando tenía el SP1 daban
todos "blocked"


Debería de preocuparme?

Saludos y gracias


Tomás




Service Ports Status Additional Information
FTP DATA 20 BLOCKED This port has not responded to any of our probes.
It appears to be completely stealthed.
FTP 21 BLOCKED This port has not responded to any of our probes. It
appears to be completely stealthed.
SSH 22 BLOCKED This port has not responded to any of our probes. It
appears to be completely stealthed.
TELNET 23 BLOCKED This port has not responded to any of our probes.
It appears to be completely stealthed.
SMTP 25 BLOCKED This port has not responded to any of our probes. It
appears to be completely stealthed.
DNS 53 BLOCKED This port has not responded to any of our probes. It
appears to be completely stealthed.
DCC 59 BLOCKED This port has not responded to any of our probes. It
appears to be completely stealthed.
FINGER 79 BLOCKED This port has not responded to any of our probes.
It appears to be completely stealthed.
WEB 80 CLOSED This port has responded to our probes. This means that
you are not running any application on this port, but it is still possible
for someone to crash your computer through known TCP/IP stack
vulnerabilities.
POP3 110 CLOSED This port has responded to our probes. This means
that you are not running any application on this port, but it is still
possible for someone to crash your computer through known TCP/IP stack
vulnerabilities.
IDENT 113 CLOSED This port has responded to our probes. This means
that you are not running any application on this port, but it is still
possible for someone to crash your computer through known TCP/IP stack
vulnerabilities.
NetBIOS 139 CLOSED This port has responded to our probes. This means
that you are not running any application on this port, but it is still
possible for someone to crash your computer through known TCP/IP stack
vulnerabilities.
HTTPS 443 CLOSED This port has responded to our probes. This means
that you are not running any application on this port, but it is still
possible for someone to crash your computer through known TCP/IP stack
vulnerabilities.
Server Message Block 445 OPEN In Windows 2000, Microsoft added the
possibility to run SMB directly over TCP/IP, without the extra layer of
NBT.
SOCKS PROXY 1080 CLOSED This port has responded to our probes. This
means that you are not running any application on this port, but it is
still possible for someone to crash your computer through known TCP/IP
stack vulnerabilities.
SOURCE PORT 1370 CLOSED This is the port you are using to communicate
to our Web Server. A firewall that uses Stateful Packet Inspection will
show a 'BLOCKED' result for this port.
WEB PROXY 8080 BLOCKED This port has not responded to any of our
probes. It appears to be completely stealthed.







Respuesta Responder a este mensaje
#4 Waldin
04/09/2004 - 12:49 | Informe spam
Pues yo acabo de hacer el scan y me da los mismos resultados que con SP1.
Todos BLOCKED menos el ICMP 8 que sale OPEN.
(sin cambiar nada e nel firewall)

"Tomás" escribió en el mensaje
news:
Y estos son los resultados del stealth scan, que cuando tenía el SP1 daban
todos "blocked"


(...)
Respuesta Responder a este mensaje
#5 Kermin
04/09/2004 - 12:55 | Informe spam
entonces algo hay mal no?, porque a mi me sale eso igual
y creo que antes estaba todo blocked.

A ver si nos ayudan


Pues yo acabo de hacer el scan y me da los mismos


resultados que con SP1.
Todos BLOCKED menos el ICMP 8 que sale OPEN.
(sin cambiar nada e nel firewall)

"Tomás" escribió en el mensaje
news:
Y estos son los resultados del stealth scan, que cuando




tenía el SP1 daban
todos "blocked"


(...)


.

Respuesta Responder a este mensaje
Ads by Google
Help Hacer una preguntaSiguiente Respuesta Tengo una respuesta
Search Busqueda sugerida