How to close open ports manually?

[maheshr]

How to close open ports manually in windows xp(SP2)?
can anyone plz tell?

 

[6pack]

enable the inbuilt firewall or download a freeware firewall like comodo

 

[sarang]

rather than thinking about "Closing" unwanted ports, think about getting a decent personal firewall like Comodo or ZoneAlarm to block all ports and open only those which are needed.

 

[nukeu666]

firewall for dirty and easy

find which apps have that port open (google for netstat options) and shut them down

 

[maheshr]

firewall for dirty and easy
find which apps have that port open (google for netstat options) and shut them down

netstat -aso will list all the ports opened.But
which command is used to shut down the port?

 

[sarang]

@mahesh: a firewall is a safe and reliable option, stick to it. What nukeu is saying is same.

 

[viridian]

I've mentioned this before. You can't shutdown a port per se. You either block access to it or ensure that the application bound to the said port is killed. Remember, I can have port 80 open on my firewall and have nothing running on my system bound to port 80. While this is not a 100% good idea because if someone has exploited your system by say rooting an application running on another port (say XYZ application running on port 2000, which was allowed by firewall), she may be able to run a terminal on port 80 and have more fun with your system.

Point in case is that network ports are similar to physical ports (like USB, PS/2) only upto an extent. If someone sends a network packet to a network port that has nothing listening, the RFC for TCP/IP states that the OS must reply with a RST (rest) packet. In the case of physical ports, four pegs later, one might decided to repeatedly to plug in a USB device the wrong way and end up breaking damaging the pins.

 

[The Sauron]

Why you want to close ports? Any way use netstat -b to see all exe files associated with open ports.Close desired applications from task manager.

Zone Alarm Firewall can make system as ghost on Internet.No need to manually watch ports.

 

[hatter]

do a bit of googling... see what services you need and what not. Close all services that you don't need, then go to your router/modem configuration page and configure it.

Firewalls can help but if there are ports opened by your ISPs by default, you will have to tinker with your router/modem.

Most importantly, there will be open ports as you use the net but they should be hidden and should not respond to the WWW probes (if any) unless you have allowed them to (like when you use torrents).

 

[andy_shah_2000]

yea thts a good option "COMODO"

 

[maheshr]

I installed COMODO and it is working fine.

Thanx guys for your valuable suggestions.