Sujet Précédent Sujet Suivant

Parametrage firewall Sygate?

Fermé
JC - 28 janv. 2005 à 06:57
 Mike - 29 janv. 2005 à 15:48
Bonjour, j'utilise sygate comme firewall, mais depuis quelque temps et je pense suite à un trojan je ne dispose plus du maximum de protection.
En effet j'ai testé mon firewall on line sur le site de Sygate qui me dit que certains ports ne sont que bloqués alors qu'ils devraient ne pas répondre à un scan, je souhaiterai savoir ce que je peux faire pour le reparametrer correctement, car il y a encore peu quand je faisais ce meme test ma sécurité était totale.
Ci joint le rapport du scan de sygate:

Service

Ports

Status

Additional Information
FTP DATA

20

BLOCKED

This port has not responded to any of our probes. It appears to be completely stealthed.
FTP

21

BLOCKED

This port has not responded to any of our probes. It appears to be completely stealthed.
SSH

22

BLOCKED

This port has not responded to any of our probes. It appears to be completely stealthed.
TELNET

23

BLOCKED

This port has not responded to any of our probes. It appears to be completely stealthed.
SMTP

25

BLOCKED

This port has not responded to any of our probes. It appears to be completely stealthed.
DNS

53

BLOCKED

This port has not responded to any of our probes. It appears to be completely stealthed.
DCC

59

BLOCKED

This port has not responded to any of our probes. It appears to be completely stealthed.
FINGER

79

BLOCKED

This port has not responded to any of our probes. It appears to be completely stealthed.
WEB

80

CLOSED

This port has responded to our probes. This means that you are not running any application on this port, but it is still possible for someone to crash your computer through known TCP/IP stack vulnerabilities.
POP3

110

BLOCKED

This port has not responded to any of our probes. It appears to be completely stealthed.
IDENT

113

BLOCKED

This port has not responded to any of our probes. It appears to be completely stealthed.
NetBIOS

139

BLOCKED

This port has not responded to any of our probes. It appears to be completely stealthed.
HTTPS

443

BLOCKED

This port has not responded to any of our probes. It appears to be completely stealthed.
Server Message Block

445

BLOCKED

This port has not responded to any of our probes. It appears to be completely stealthed.
SOCKS PROXY

1080

BLOCKED

This port has not responded to any of our probes. It appears to be completely stealthed.
SOURCE PORT

3319

CLOSED

This is the port you are using to communicate to our Web Server. A firewall that uses Stateful Packet Inspection will show a 'BLOCKED' result for this port.
WEB PROXY

8080

BLOCKED

This port has not responded to any of our probes. It appears to be completely stealthed.

You are not fully protected:
We have detected that some of our probes connected with your computer.
A voir également:

8 réponses

Réponse 1 / 8
Teddy-Bear Messages postés 758 Date d'inscription mercredi 12 janvier 2005 Statut Membre Dernière intervention 5 mars 2005 91
28 janv. 2005 à 09:43
Bonjour

Va dans Sygate .......Logs.......trafic log.....recherche l'application qui utilise le port 80......colonne Local port

@}
0
Réponse 2 / 8
JC
28 janv. 2005 à 10:01
Salut TEDDY BEAR et merci pour ton aide, j'ai vérifier ce que tu m'as dit mais que dois je faire ais-je moyen de retrouver l'état précedent à savoir "BLOCKED" afin d'accroitre la sécurité, en effet je ne peux pas juste interdire au port 3319 de communiquer car il s'agit de mozilla firefox, pour l'autre port le 80 c'est plus mysterieux (SYSTEM32/DRIVER/ndisiuo.sys) connait pas.
Qu'en penses tu???
0
Réponse 3 / 8
Teddy-Bear Messages postés 758 Date d'inscription mercredi 12 janvier 2005 Statut Membre Dernière intervention 5 mars 2005 91
28 janv. 2005 à 10:14
Re,

Refait un test pour voire si c'est toujours le port 80 qui est en cause (m'etonnerais) quand a SYSTEM32/DRIVER/ndisiuo.sys doit pas etre en cause because je l'ai aussi (today sur le port 137) et jamais de probleme.

@}
0
Réponse 4 / 8
JC
28 janv. 2005 à 10:26
nouveau scan:

Service

Ports

Status

Additional Information
FTP DATA

20

BLOCKED

This port has not responded to any of our probes. It appears to be completely stealthed.
FTP

21

BLOCKED

This port has not responded to any of our probes. It appears to be completely stealthed.
SSH

22

BLOCKED

This port has not responded to any of our probes. It appears to be completely stealthed.
TELNET

23

BLOCKED

This port has not responded to any of our probes. It appears to be completely stealthed.
SMTP

25

BLOCKED

This port has not responded to any of our probes. It appears to be completely stealthed.
DNS

53

BLOCKED

This port has not responded to any of our probes. It appears to be completely stealthed.
DCC

59

BLOCKED

This port has not responded to any of our probes. It appears to be completely stealthed.
FINGER

79

BLOCKED

This port has not responded to any of our probes. It appears to be completely stealthed.
WEB

80

CLOSED

This port has responded to our probes. This means that you are not running any application on this port, but it is still possible for someone to crash your computer through known TCP/IP stack vulnerabilities.
POP3

110

BLOCKED

This port has not responded to any of our probes. It appears to be completely stealthed.
IDENT

113

BLOCKED

This port has not responded to any of our probes. It appears to be completely stealthed.
NetBIOS

139

BLOCKED

This port has not responded to any of our probes. It appears to be completely stealthed.
HTTPS

443

BLOCKED

This port has not responded to any of our probes. It appears to be completely stealthed.
Server Message Block

445

BLOCKED

This port has not responded to any of our probes. It appears to be completely stealthed.
SOCKS PROXY

1080

BLOCKED

This port has not responded to any of our probes. It appears to be completely stealthed.
SOURCE PORT

4651

CLOSED

This is the port you are using to communicate to our Web Server. A firewall that uses Stateful Packet Inspection will show a 'BLOCKED' result for this port.
WEB PROXY

8080

BLOCKED

This port has not responded to any of our probes. It appears to be completely stealthed.

You are not fully protected:
We have detected that some of our probes connected with your computer.
???? ce qui est curieux c'est que le port 80 est toujours "closed" en revanche le port 4651 est "closed" l'application qui tourne sur ce port est firefox et ndisuio.sys alors que tout à l'heure elle tournait sur le port 3319 ?????
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 8
Teddy-Bear Messages postés 758 Date d'inscription mercredi 12 janvier 2005 Statut Membre Dernière intervention 5 mars 2005 91
28 janv. 2005 à 10:39
Re pour le moment ne t'inquiete pas :

"un port "closed" (fermé) n'est pas nécessairement une faille de sécurité. Un port fermé ne peut pas être ouvert de l'extérieur mais il trahit quand même ta présence sur Internet."

Je cherche
0
Réponse 6 / 8
JC
28 janv. 2005 à 10:53
ok je te remercie sincèrement, parce que moi je suis à la ramasse.
Je m'absente pour la matinée mais tu peux poster je serai de retour cet après midi
JC
0
Réponse 7 / 8
JC
29 janv. 2005 à 13:16
up
0
Réponse 8 / 8
Mike
29 janv. 2005 à 15:48
Lu,
Fais toi meme un scan port avec superscan ou un autre et tu verra tout tes ports ouverts!!
++
Mike
0

Discussions similaires

Blocage sécurité
Utilisateur anonyme -
Utilisateur anonyme -

4 réponses
Paramétrage des cookies "Nous avons détecté un problème'' Firefox
HumanBonb -
pistouri -

2 réponses
Problème driver réseau ethernet
airsoftmomo -
kaneagle -

12 réponses
Matrice de flux
SEM94 -
vignemail1 -

3 réponses