Azu

Oops.. forgot to sanitize that on the profile page.. should be working right now ^^ thanks again

Thanks.. fixed warning What do you enter in the field to make the XML error?

Okay so I take it no one has found any more problems?

Okay thanks I will try that. If all it takes is a pentium 2 it should be pretty affordable

Okay.. I will stick with my current firewall for now then. I would like to clarify though that my computer is on the internet 24/7 and is a server, so although I probably shouldn't be paranoid if all I use it for is normal surfing, I think that I should try to make it secure since I run servers on it. And also I want to see if it is possible to make a Windows server secure. I'd use Linux but it doesn't really run games very good even with wine, and duel booting would mean restarting over and over (which I don't want to do since I run some servers) and don't really have the money for multiple computers.. so I am stuck with Windows and want to try to make it as secure as I can ^^ Also, what kind of hardware firewall would you recommend? Like which kind are the most secure for website/PHP servers? I think this is probably the best place to get an answer for this since this forum is mostly devoted to PHP servers oh and it would be good if it wasn't to expensive.. I don't care if it will take forever to set it up as long as it will be very secure and won't cost a whole lot. Edit: P.S. I don't really care if something would be against the microsoft EULA or whatever. I'm using a pirated version Windows anyways (I did buy Windows legitimately but it didn't want to validate -.- so I gave up trying to install it legitly, I mean I paid for it so no problems right ^^).

Hello I know that there are easy ways to compile PHP into a stand alone executable in 32bit.. but does anybody know of a program that works for doing this in XP 64bit with 64bit PHP so that it will generate a 64bit executable? P.S. Yes I have searched but haven't been able to find any for 64bit it seems that most people who make software hate us 64bit users lol..

Okay.. thanks for the explanation guys.. I guess there just isn't a way to do this without killing the process (which I don't want to do). In that case I want to be sure that the firewall I am using is good. And also I am not sure what kind of hardware firewall I should you? I'm guessing that you mean a router, but I'm not sure which kind are the most reliable? I know I could probably find a lot of opinions about this on Google, but I would trust an opinion from here much more then from random people on websites that I don't know. So which would be the best hardware firewall? And is Jetico a good software firewall for XP 64bit? Or is there a more secure one that I should use instead? P.S. is there by any chance a way to edit these Microsoft services so that they will stop listening? Like through hex editing or disassembling? I'm guessing that there isn't but I figured I may as well ask ^^

Maybe something like this? for($i=0,$<15,++$i)if($_POST['field_'.$i])obdc_query("insert into table('foo','bar')values('blah','$_POST[field_$i]')"; (obviously just an example ^^)

$_GET['file'] maybe. Not sure. Post the PHP code that is outputting it and I can tell you.

I don't think the problem is with the part in green. I think the problem is with this; while (!feof ($f)) { $line = fgets ($f, 1024); if (ereg ("already exists", $line, $out)) { You might want to make absolutely sure that it is properly searching for the actual user name and that it doesn't return false negatives.

If you want your login system to be secure then you probably shouldn't store anything related to login on the client-side. Instead handle it server side (MySQL). This makes it almost impossible for there to be a security problem (unless of course someone has directly access to the victim's computer.. in which they are screwed no matter WHAT kind of login system you use). This will basically mean that it will be impossible to steal sessions (or cookies through javascript attacks).

http://www.digitaljunkies.ca/dompdf/ should do the job. Enjoy ^^

Simple Wherever you echo/print user submitted data, just be sure to escape it with something like htmlspecialchars So instead of echo $_GET['variable']; do echo htmlspecialchars($_GET['variable']); This also applies to $_POST and $_SERVER and data retrieved from databases (if people can put stuff into the database, such as in a forum system for example).

Instead of select date from table Use select date + interval 1 day from table And voila it will be the day after. And of course you can replace the 1 with another number, or day with a different unit of time (E.G. second) and negative value to make it go back in time instead of ahead.

Thank you for trying to be helpful, I really appreciate it. I'm not sure who posted the answer or where though, could you please tell me? In case you missed it, my question is how do I prevent the RPC service from trying to accept outside connections (obviously besides KILLING the RPC service). In otherwords so that it will stop trying to listen on port 135. Please forgive me for being such an idiot and being inferior to you, I just can't find where anybody has told me how to actually do this, so please tell me where, that would be very nice Also you might want to look into www.alt.com if you like to try to insult people and put them down. This forum is not really meant for that ^^

Sorry I forgot to say, I already have one. The problem is that these services are still listening on these ports, and this can be dangerous especially if the firewall is not 100% perfect and something gets through. So I am trying to find a way to make these services stop accepting outside connections on these ports (especially the RPC service since it controls a lot of stuff that happens in Windows)

Thank you! I'm still not sure how to make it stop listening on the port without killing the process though (which I've already explained I can't do since lots of things on my computer are dependant on that process)

Thanks for trying to be helpful. I'm not sure how to use any of have to make these services stop listening on those ports though? I'm pretty sure that they don't NEED to be listening on them, since my computer doesn't crash if I unplug my modem. So if someone could please actually try to answer my question instead of just being a smartass troll, that would be greatly appreciated ^^

Thanks so can anyone try to help? That would be very nice ^^

Thanks I still don't know how to make the programs stop listening on these ports though without making the programs stop working though.. And the command scrolls way off the page so that it doesn't show most of the stuff.. TCP none:http r2d2.satgate.net:60424 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http r2d2.satgate.net:39574 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http r2d2.satgate.net:55438 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http r2d2.satgate.net:38088 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http 85.195.164.175:1320 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http 85.195.164.175:1319 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http vip32.ign.cz:45206 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http hp4gamers.de:49009 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http hp4gamers.de:48862 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http 86-39-156-1.tactics.be:58218 CLOSE_WAIT 25 64 [lighttpd.exe] TCP none:http 86-39-156-1.tactics.be:58207 CLOSE_WAIT 25 64 [lighttpd.exe] TCP none:http 87-248-174-36.starnet.md:52528 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http ip-89-102-129-76.karneval.cz:3841 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http euro.radiohost.pl:34527 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http euro.radiohost.pl:34517 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http adsl-105-1.globonet.hu:14932 CLOSE_WAIT 25 64 [lighttpd.exe] TCP none:http adsl-105-1.globonet.hu:16169 CLOSE_WAIT 25 64 [lighttpd.exe] TCP none:http adsl-105-1.globonet.hu:13638 CLOSE_WAIT 25 64 [lighttpd.exe] TCP none:http adsl-105-1.globonet.hu:13868 CLOSE_WAIT 25 64 [lighttpd.exe] TCP none:http adsl-105-1.globonet.hu:25007 CLOSE_WAIT 25 64 [lighttpd.exe] TCP none:http adsl-105-1.globonet.hu:19835 CLOSE_WAIT 25 64 [lighttpd.exe] TCP none:http proxy.gcn.ua:50309 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http proxy.gcn.ua:51340 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http proxy.gcn.ua:49792 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http 18-85-113-92.pool.ukrtel.net:59926 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http 18-85-113-92.pool.ukrtel.net:59927 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http 18-85-113-92.pool.ukrtel.net:59924 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http jessica.w3.org:57581 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http websauce.net:43421 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http w3cache.polsl.pl:50723 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http h73n199.biveg.ru:62577 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http h73n199.biveg.ru:62355 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http 195.205.214.163:47263 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http 195.205.214.163:47270 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http hbzphp.deep-thoughts.com:2156 CLOSE_WAIT 2 564 [lighttpd.exe] TCP none:http mail.iab.com.ar:60640 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http mail.iab.com.ar:46855 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http mail.iab.com.ar:60594 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http 202-45-102-164-static.spacecentre.com.au:52674 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http 202-45-102-164-static.spacecentre.com.au:52669 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http psf-p2.singnet.com.sg:59071 CLOSE_WAIT 256 4 [lighttpd.exe] TCP none:http psf-p2.singnet.com.sg:34200 CLOSE_WAIT 256 4 [lighttpd.exe] TCP none:http psf-p2.singnet.com.sg:55953 CLOSE_WAIT 256 4 [lighttpd.exe] TCP none:http owghosting.com:40371 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http owghosting.com:39636 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http owghosting.com:39639 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http owghosting.com:40382 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http proxy-out1.bol.bg:34885 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http proxy-out1.bol.bg:35267 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http proxy-out1.bol.bg:57284 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http proxy-out1.bol.bg:44472 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http proxy-out1.bol.bg:35626 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http proxy-out1.bol.bg:54690 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http proxy-out1.bol.bg:36045 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http proxy-out1.bol.bg:44489 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http proxy8.netis.ru:47863 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http proxy8.netis.ru:54545 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http str.bashnet.ru:41035 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http str.bashnet.ru:41083 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http 213.226.196.173:23417 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http 213.226.196.173:23414 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http 213.226.196.173:23416 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http gaja.tpnet.pl:39787 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http ns.4nets.lv:55625 CLOSE_WAIT 2564 [lighttpd.exe] TCP none:http 218-186-12-10.cache.maxonline.com.sg:48880 CLOS E_WAIT 2564 [lighttpd.exe] TCP none:http 218-186-12-10.cache.maxonline.com.sg:48525 CLOS E_WAIT 2564 [lighttpd.exe] TCP none:http 218-186-12-10.cache.maxonline.com.sg:29412 CLOS E_WAIT 2564 [lighttpd.exe] TCP none:http 218-186-12-10.cache.maxonline.com.sg:39129 CLOS E_WAIT 2564 [lighttpd.exe] TCP none:http 218-186-12-10.cache.maxonline.com.sg:59732 CLOS E_WAIT 2564 [lighttpd.exe] TCP none:http 218-186-12-10.cache.maxonline.com.sg:58161 CLOS E_WAIT 2564 [lighttpd.exe] TCP none:http 218-186-12-10.cache.maxonline.com.sg:13504 CLOS E_WAIT 2564 [lighttpd.exe] TCP none:http 218-186-12-10.cache.maxonline.com.sg:25492 CLOS E_WAIT 2564 [lighttpd.exe] TCP none:http 218-186-12-10.cache.maxonline.com.sg:17940 CLOS E_WAIT 2564 [lighttpd.exe] TCP none:http 218-186-12-10.cache.maxonline.com.sg:58516 CLOS E_WAIT 2564 [lighttpd.exe] TCP none:http 218-186-12-10.cache.maxonline.com.sg:43943 CLOS E_WAIT 2564 [lighttpd.exe] TCP none:http 218-186-12-10.cache.maxonline.com.sg:18586 CLOS E_WAIT 2564 [lighttpd.exe] TCP none:http 218-186-12-10.cache.maxonline.com.sg:48763 CLOS E_WAIT 2564 [lighttpd.exe] TCP none:31274 opium2.msg.vip.dcn.yahoo.com:http TIME_WAIT 0 UDP none:isakmp *:* 436 [lsass.exe] UDP none:3726 *:* 1816 [voicechat.exe] UDP none:1059 *:* 792 Dnscache [svchost.exe] UDP none:1044 *:* 792 Dnscache [svchost.exe] UDP none:microsoft-ds *:* 4 [system] UDP none:1060 *:* 792 Dnscache [svchost.exe] UDP none:1061 *:* 792 Dnscache [svchost.exe] UDP none:ipsec-msft *:* 436 [lsass.exe] UDP none:8730 *:* 2564 [lighttpd.exe] C:\Documents and Settings\Administrator>

k? Meaning that.. that's right.. that I searched! Meaning that the results do not solve my problem.. That rules out killing the RPC process, which is the only way mentioned to make it stop listening on that port. If you know of a search that describes how to do this without messing up RPC and thus my computer, please do share it. k? So in other words I searched and what I found basically says that I need to kill the RPC process to make it stop trying to listen on port 135.. and as I've already said, I'm not going to do that, since it will make a lot of stuff stop working. That's all I've found out about the ports around 1025 and 1024 and 1026 etc etc.. that they vary.. I know that.. I found that out by searching.. I want to know how to find out what is listening on it though. And how to make it stop listening on it without breaking said program. And I'm definitely sure that I've never seen any search results that hint at answering this one. So ya, if you don't want to come across as a sarcastic troll that is playing dumb.. then try to read and/or comprehend what you read (no offense) And if you STILL find a way to misinterpret what I am saying even when I have spelled it out this much.. then forget it.. I'm sorry but I don't know of any simpler/more straight forward ways to put it, and will just wait for (hopefully) someone to come along that understands what I am saying. It shouldn't be that hard to understand..

Okay I first I thought that maybe you just couldn't understand my first post for some reason. But now it is apparent that you are just flat out trolling. Please stop.

Sorry I tried to make it clear that I did I guess I wasn't clear enough. Yes.

Hello.. I'm sorry if this has been asked a million times (it probably has) but I've been searching for a long time and nothing I've found has been of much help. On my computer there are process(es) always listening on port 135 and 1025. These are the only ports that show up as open on the GRC "full port scan" besides port 80 when my firewall is off. How can I find out exactly what is listening on these ports? And how can I prevent it from listening on these ports without messing up my system? I've heard that Windows RPC listens on port 135 and ending that process isn't really an option for me.. and I have no clue what is using port 1025.. I've heard that it varies a lot.. So how can I prevent my computer from listening on these ports? And possibly find out why it is listening on them/what it is doing with them? (this isn't all that important though, the main issue is just getting it to stop doing this) Any help would be very very appreciated. This is on 64bit XP SP2. Oh and one more little question.. not all that important but it would be nice.. is there a way to make it so that my computer doesn't say port 80 is open unless a VALID http request is being made to it? I think this would prevent most port scans from finding it open maybe.