BTW, what is the need to open 80 port or 110 to scan the traffic? The
traffic which going to be scanned should go to remote IP + remote port. Not
the local ones.
--
V.
This posting is provided "AS IS" with no warranties, and confers no
rights.
"Volodymyr M. Shcherbyna" wrote in message
news:eMS3pOhmIHA.3780@TK2MSFTNGP06.phx.gbl...
>> A trojan won't use 80 and 110, the chance of colliding with real
>> applications would be too high. I'm willing to bet that those two ports
>> are opened by your virus scanner which is trying to scan your web
>> traffic and email downloads...
>
> I don't think so. This is a stupid approach from the point of view of
> security software. Antivirus or whatever will try to enumerate all opened
> ports, this operation is less costly then binding, and listening on some
> port.
>
> Even if the above solution would not be suitable for antivirus, it could
> always call bind (...) on a specified port., and if it busy, it will get
> WSAEACCES error . So, as you can, see, there is no need to create a fully
> functional server to check some port (because listen (...) and accept
> (...) are not called in this case)
>
>
> --
> V.
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
> "Juergen Nieveler" wrote in message
> news:Xns9A7AE0724445juergennieveler@nieveler.org...
>> dos wrote:
>>
>>> i have two local trojan ports open. I found that using LPS program.
>>> The ports are 80 and 110. I have winXP firewall and a router. Can i
>>> somehow close this two ports only by using xp firewall?
>>
>> a) If it's really a trojan, merely installing a firewall will not help
>> you
>>
>>
A trojan won't use 80 and 110, the chance of colliding with real
>> applications would be too high. I'm willing to bet that those two ports
>> are opened by your virus scanner which is trying to scan your web
>> traffic and email downloads...
>>
>> Juergen Nieveler
>> --
>> Take my advice, I don't use it anyway.
>
>