Hallo,
Vroeger scande ik mijn laptop online met deze link
SecuritySpace
bij xp windows 7, 8 8.1 waren alle poorten dicht en had ik altijd een perfecte uitslag
nu met windows 10 krijg ik dit
Port
[TD="class: xstitle"][/TD]
[TD="class: xstitle"]Protocol [/TD]
[TD="class: xstitle"]Probable Service [/TD]
[TD="bgcolor: #ff0000, colspan: 3"]
[/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] You appear to be to be running a mail gateway. You should make sure that your mail system cannot be used as a mail relay. Internet SPAM, also known as UBE (unsolicited bulk email) is a problem on the internet, and spammers (those that send this type of mail) will often use poorly configured mail systems to deliver mail on their behalf. This deflects the wrath of many system administrators to YOU, the owner/operator of the misconfigured service. It can also result in you being placed in one of several on-line databases that list you as allowing mail-relay, the end-result being that some mail systems will reject any mail you try to send. [/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] You appear to be running a Domain Name Server (DNS). You should be aware of the following potential problems: DNS Cache Poisoning
DNS Cache Poisoning is a mechanism whereby your DNS server is tricked into thinking that the IP address for a given name is something other than what it really is. This can result in users of this DNS server being "hijacked", or sent to sites that they really didn't want to go to. Worse yet, many secure web servers (SSL), if they offer their users a "login" to secure account data, could have their user's login credentials stolen. All versions of BIND prior to 8.1.1 (8.x series) and 4.9.6 (4.x series) are susceptible to this type of attack.
To determine if the DNS server you are currently using is susceptible to this attack, click here . If you get an error messaging back saying URL could not be retrieved (or similar), then your server is not vulnerable.
DNS Zone Transfer
You should disable DNS zone transfers - the only legitimate use of DNS zone transfers that we have seen is web survey companies that use it to get a list of hosts on your network. (By the way, E-Soft does NOT do that.) More often, DNS zone transfers is a convenient way for an attacker to get a list of the various machines that are running on your network.
If you have both an internal network and an external network visible to the internet, you should consider splitting DNS functionality over two servers if you have not already done so. That way, your internet visible servers are served by one DNS server (also visible to the internet), and your internal environment is served by a second DNS server (not visible to the internet).
[/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] Defined as a "Location Service" in RFC1060, pre-SP3 versions of Windows NT were susceptible to a denial of service attack on this port that would cause NT's rpcss.exe process to consume all available CPU cycles. The (easiest) recovery from this attack is to reboot your machine. You should do one of several things: a) upgrade/patch your operating system to make sure it is not susceptible to this attack; b) firewall your system so that port 135 is not visible from the internet c) configure your router to block port 135; d) Install one of several monitoring packages on your PC that block this denial of service.
[/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] No description available for this port at this time. [/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] No description available for this port at this time. [/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] Port 139 is used on Windows machines for NetBios name resolution, WINS, etc. A problem with older unpatched versions of Windows is that they are susceptible to receipt of Out-Of-Band (OOB) data. This means that someone can remotely send you OOB data on port 139 and can cause numerous problems on your machine, including but not limited to machine lockups, blue screens, loss of internet connection. You should do one of several things: a) upgrade/patch your operating system to make sure it is not susceptible to this attack; b) firewall your system so that port 139 is not visible from the internet c) configure your router to block port 139; d) Install one of several monitoring packages on your PC that block this denial of service.
[/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] No description available for this port at this time. [/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] No description available for this port at this time. [/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] This service, used in Windows 2000, provides an alternative to NetBIOS name resolution. By default, both NetBIOS and direct hosting support are enabled during install time. No exploits or vulnerabilities are known at this point in time concerning this service. Nevertheless, we recommend that you treat this service the same way as NetBIOS: a) firewall the system, and/or b) configure your router to block port 445. [/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] No description available for this port at this time. [/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] No description available for this port at this time. [/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] No description available for this port at this time. [/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] No description available for this port at this time. [/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] No description available for this port at this time. [/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] No description available for this port at this time. [/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] No description available for this port at this time. [/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] No description available for this port at this time. [/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] No description available for this port at this time. [/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] No description available for this port at this time. [/TD]
[TD="colspan: 3"][/TD]
[TD="bgcolor: #ff0000, colspan: 3"]
[/TD]
[TD="colspan: 3"]Number of open ports found by port scan: 19 [/TD]
sorry voor het vele leeswerk maar hoe komt het dat er nu zoveel poorten open staan en zoveel kwetsbaarheden.
Moet ik commode firewall installeren of iets anders (suggestie) ik weet niet hoe dit komt van volledige bescherming naar nu een open poorten laptop.
Wie weet raad, het zal voor velen misschien ook een interessant onderwerp zijn, en nogmaals sorry voor het leeswerk.
alvast bedankt
groetjes
ed
Vroeger scande ik mijn laptop online met deze link
SecuritySpace
bij xp windows 7, 8 8.1 waren alle poorten dicht en had ik altijd een perfecte uitslag
nu met windows 10 krijg ik dit
Port
| 25 | smtp |
| 53 | domain |
| 135 | msrpc |
| 137 | netbios-ns |
| 138 | netbios-dgm |
| 139 | netbios-ssn |
| 161 | snmp |
| 162 | snmptrap |
| 445 | microsoft-ds |
| 1080 | socks |
| 1234 | hotline |
| 1999 | tcp-id-port |
| 2140 | |
| 3137 | |
| 4444 | krb524 |
| 6776 | |
| 20034 | |
| 27374 | subseven |
| 65301 | pcanywhere |
[TD="class: xstitle"][/TD]
[TD="class: xstitle"]Protocol [/TD]
[TD="class: xstitle"]Probable Service [/TD]
[TD="bgcolor: #ff0000, colspan: 3"]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] You appear to be to be running a mail gateway. You should make sure that your mail system cannot be used as a mail relay. Internet SPAM, also known as UBE (unsolicited bulk email) is a problem on the internet, and spammers (those that send this type of mail) will often use poorly configured mail systems to deliver mail on their behalf. This deflects the wrath of many system administrators to YOU, the owner/operator of the misconfigured service. It can also result in you being placed in one of several on-line databases that list you as allowing mail-relay, the end-result being that some mail systems will reject any mail you try to send. [/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] You appear to be running a Domain Name Server (DNS). You should be aware of the following potential problems: DNS Cache Poisoning
DNS Cache Poisoning is a mechanism whereby your DNS server is tricked into thinking that the IP address for a given name is something other than what it really is. This can result in users of this DNS server being "hijacked", or sent to sites that they really didn't want to go to. Worse yet, many secure web servers (SSL), if they offer their users a "login" to secure account data, could have their user's login credentials stolen. All versions of BIND prior to 8.1.1 (8.x series) and 4.9.6 (4.x series) are susceptible to this type of attack.
To determine if the DNS server you are currently using is susceptible to this attack, click here . If you get an error messaging back saying URL could not be retrieved (or similar), then your server is not vulnerable.
DNS Zone Transfer
You should disable DNS zone transfers - the only legitimate use of DNS zone transfers that we have seen is web survey companies that use it to get a list of hosts on your network. (By the way, E-Soft does NOT do that.) More often, DNS zone transfers is a convenient way for an attacker to get a list of the various machines that are running on your network.
If you have both an internal network and an external network visible to the internet, you should consider splitting DNS functionality over two servers if you have not already done so. That way, your internet visible servers are served by one DNS server (also visible to the internet), and your internal environment is served by a second DNS server (not visible to the internet).
[/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] Defined as a "Location Service" in RFC1060, pre-SP3 versions of Windows NT were susceptible to a denial of service attack on this port that would cause NT's rpcss.exe process to consume all available CPU cycles. The (easiest) recovery from this attack is to reboot your machine. You should do one of several things: a) upgrade/patch your operating system to make sure it is not susceptible to this attack; b) firewall your system so that port 135 is not visible from the internet c) configure your router to block port 135; d) Install one of several monitoring packages on your PC that block this denial of service.
[/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] No description available for this port at this time. [/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] No description available for this port at this time. [/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] Port 139 is used on Windows machines for NetBios name resolution, WINS, etc. A problem with older unpatched versions of Windows is that they are susceptible to receipt of Out-Of-Band (OOB) data. This means that someone can remotely send you OOB data on port 139 and can cause numerous problems on your machine, including but not limited to machine lockups, blue screens, loss of internet connection. You should do one of several things: a) upgrade/patch your operating system to make sure it is not susceptible to this attack; b) firewall your system so that port 139 is not visible from the internet c) configure your router to block port 139; d) Install one of several monitoring packages on your PC that block this denial of service.
[/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] No description available for this port at this time. [/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] No description available for this port at this time. [/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] This service, used in Windows 2000, provides an alternative to NetBIOS name resolution. By default, both NetBIOS and direct hosting support are enabled during install time. No exploits or vulnerabilities are known at this point in time concerning this service. Nevertheless, we recommend that you treat this service the same way as NetBIOS: a) firewall the system, and/or b) configure your router to block port 445. [/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] No description available for this port at this time. [/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] No description available for this port at this time. [/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] No description available for this port at this time. [/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] No description available for this port at this time. [/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] No description available for this port at this time. [/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] No description available for this port at this time. [/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] No description available for this port at this time. [/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] No description available for this port at this time. [/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] No description available for this port at this time. [/TD]
[TD="colspan: 3"] [/TD]
[TD="width: 15%"]TCP [/TD]
[TD="colspan: 2"] No description available for this port at this time. [/TD]
[TD="colspan: 3"][/TD]
[TD="bgcolor: #ff0000, colspan: 3"]
[TD="colspan: 3"]Number of open ports found by port scan: 19 [/TD]
sorry voor het vele leeswerk maar hoe komt het dat er nu zoveel poorten open staan en zoveel kwetsbaarheden.
Moet ik commode firewall installeren of iets anders (suggestie) ik weet niet hoe dit komt van volledige bescherming naar nu een open poorten laptop.
Wie weet raad, het zal voor velen misschien ook een interessant onderwerp zijn, en nogmaals sorry voor het leeswerk.
alvast bedankt
groetjes
ed
