SANS Institute - Building a More Secure Network::
Routers connect traffic between two different networks, bridges merely pass packets from . Intranet access on TCP port 80, pop mail on TCP port 110, etc.
http://www2.sans.org/reading_room/whitepapers/modeling/1415.phpHOME |
I have Outpost 1.0.1807 on a Win98SE PC, with IE6, Norton Utils 2002 and NAV 2002. I also use POPFile, a Baysian spam filter, which operates through Port 110.
Hitherto, Gibson's 'Shields Up' said all ports stealthed. Today, Port 110 is merely closed.
Whatever you think about 'Shields Up', the fact is it said this port was stealthed, now it is not.
Only change I have made recently is have installed Spybot S&D, and SpywareBlaster.
I don't understand these things -
Is it possible that Spybot, or SpyBlaster have caused Port110 to announce it exists?
If it is merely closed, does that matter???
You could try creating a global rule denying incoming connections on port 110. Alternatively, tighten up the application rules for POPFile - it should only need to allow incoming POP3 traffic from 127.0.0.1 (it is running as a proxy, right?) and only needs POP3 Outgoing allowed to your mail server(s) to retrieve your emails (although it is pulling data in, it is initiating the connection so it does count as outgoing). Steve Jobs on Lack of Firewire in MacBooks - Page 110 - Mac Forums::
Jan 1, 2009 "Reality is merely an illusion, albeit a very persistent one. If Apple want's to rectify this, they could add a FW800 port to the MB,
http://forums.macrumors.com/showthread.php?t=583377&page=110HOME |
Michael Broadbent's Wine Vintages - Google Books Result::
href=http://books.google.com/books?id=Fs2GCkJZhxAC&pg=PA204&lpg=PA204&dq=Port+110+merely+'closed'&source=web&ots=Y7nIT5QgPe&sig=0BNIZmVUMyvf9GM86HEabohGzVE&hl=en&sa=X&oi=book_result&resnum=61&ct=result class=l onmousedown=return clk(this.href,,,res,76,)>Michael Broadbent's Wine Vintages - Google Books Resultby Michael Broadbent - 2003 - Cooking - 223 pagesThe reason I have not produced detailed vintage notes is not merely White port, never popular in the United Kingdom though delicious before lunch in a
http://books.google.com/books?id=Fs2GCkJZhxAC&pg=PA204&lpg=PA204&dq=Port+110+merely+'closed'&source=web&ots=Y7nIT5QgPe&sig=0BNIZmVUMyvf9GM86HEabohGzVE&hl=en&sa=X&oi=book_result&resnum=61&ct=resultHOME |
Global rules are created using the Options/System/Global Application and System Rules Settings. If wperl.exe is the executable used by POPFile, then I would suggest setting up rules in the following order:
Michael Covington's Daily Notebook::
After probing around a while, I determined that port 110 (POP3) was blocked. .. definitely not a first-person account from Judas, but merely another
http://www.covingtoninnovations.com/michael/blog/0712/index.htmlHOME |
Protocol TCP, Inbound, Pop3, Local Host 127.0.0.1, Allow (allow incoming requests from email client)
Protocol TCP, Inbound, Deny (block all other incoming traffic)
README file for the Spade v021031.1 ::
It merely knows that certain packets are relatively unusual and has an idea how as is often the case for port 110 (POP3) and port 53 (DNS) on client
http://www.cs.luc.edu/~pld/courses/447/sum08/class6/README.SpadeHOME |
Closed Cell Foam Pads Or Panels | Foam Rubber Pads | Foam Core Panels::
In vulgar parlance the condiments within his power; but merely deceived in his cell closed foam gaskets. I had little cell closed foam gaskets in forcing it
http://7.kdobtvkm.com/41HOME |
Protocol TCP, Outbound, Pop3, Allow (retrieve mail from server)
If a port is closed, attempts to connect to it result in an ICMP Port Unavailable message being returned to the sender. A stealthed port returns no such message. Although no connection is allowed in either case, stealthing is considered better as it provides no evidence that you even exist at a specific address and it makes it more difficult for an attacker to scan you (since they need to wait for a couple of seconds per port for a timeout, rather than getting an rapid response).
I would suggest, if you are concerned, that you rerun the test with POPFile off - this seems to be the most likely cause. The anti-trojan tools you list should have no reason to use port 110.
Thanks again. Did this, but I'm afraid to no effect.
So removed Wperl from list and allowed Wizard mode to create rule (s) for it, whereupon 110 stealthed!
POPFile Guide says it can be affected by spyware programs - have just installed Spybot and SpyBlaster
"You could try creating a global rule denying incoming connections on port 110"
I have tried to do this. I can't create a global rule, at all. So I created a rule for Wperl.exe for TCP, inbound, POP3, deny it, whereupon no change to emails (send and receive ok), and no change to Shields Up! - 110 still closed.
:confused:
Thank you for this:)
Correct. When I exit and shutdown POPFile, port 110 stealthed: when I reactivate it, closed.
I have not changed POPFile settings, at any time, so why it should now cause this, I don't know.
Assuming you are not familiar with POPFile, do you think it should be possible to tweak such a program so 110 is stealthed? It is a simple configuration, and I use just two plug-ins.
 Red Hat's Rough Recovery From CFO Exit
 Windows Live Finds a New, Pre-installed Home |
HOME
PRINT
Add to favorites