Just curious how ports work. I got a port scanner to check what my comps have open. It let's you can scan any given IP address. But if I scan my external IP address, shouldn't it show the same ports being open, as compared to if I scan my internal router's IP address? Also, why does it show different ports being open when i scan the local host, as compared to when I scan my comps internal IP address? (BTW the scanner is called BluePortScan).

Also, why is SMTP and POP3 open, when they only mail service I use is Yahoo's ?! How do I close these?

ROUTER
TCP: 192.168.1.1 [25-smtp]
TCP: 192.168.1.1 [80-www-http]
TCP: 192.168.1.1 [110-pop3]
TCP: 192.168.1.1 [2468-qip-msgd]
TCP: 192.168.1.1 [5678-rrac]
TCP: 192.168.1.1 [6688]
TCP: 192.168.1.1 [8080-http-alt]

Main
TCP: 127.0.0.1 [25-smtp]
TCP: 127.0.0.1 [110-pop3]
TCP: 127.0.0.1 [135-epmap]
TCP: 127.0.0.1 [445-microsoft-ds]
TCP: 127.0.0.1 [1025-blackjack]
TCP: 127.0.0.1 [1030-iad1]
TCP: 127.0.0.1 [3389-ms-wbt-server]
TCP: 127.0.0.1 [5000-commplex-main]

Main
TCP: 192.168.1.25 [25-smtp]
TCP: 192.168.1.25 [110-pop3]
TCP: 192.168.1.25 [135-epmap]
TCP: 192.168.1.25 [139-netbios-ssn]
TCP: 192.168.1.25 [445-microsoft-ds]
TCP: 192.168.1.25 [1025-blackjack]
TCP: 192.168.1.25 [3389-ms-wbt-server]
TCP: 192.168.1.25 [5000-commplex-main]

Server
TCP: 192.168.1.30 [21-ftp]
TCP: 192.168.1.30 [25-smtp]
TCP: 192.168.1.30 [80-www-http]
TCP: 192.168.1.30 [110-pop3]
TCP: 192.168.1.30 [135-epmap]
TCP: 192.168.1.30 [139-netbios-ssn]
TCP: 192.168.1.30 [443-https]
TCP: 192.168.1.30 [445-microsoft-ds]
TCP: 192.168.1.30 [1025-blackjack]
TCP: 192.168.1.30 [1028-icq]
TCP: 192.168.1.30 [1029-icq]
TCP: 192.168.1.30 [1033-backdoor]
TCP: 192.168.1.30 [1801-msmq]
TCP: 192.168.1.30 [2103-zephyr-clt]
TCP: 192.168.1.30 [2105-minipay]
TCP: 192.168.1.30 [2107-bintec-admin]
TCP: 192.168.1.30 [5000-commplex-main]

Family
TCP: 192.168.1.35 [25-smtp]
TCP: 192.168.1.35 [80-www-http]
TCP: 192.168.1.35 [110-pop3]
TCP: 192.168.1.35 [135-epmap]
TCP: 192.168.1.35 [139-netbios-ssn]
TCP: 192.168.1.35 [445-microsoft-ds]
TCP: 192.168.1.35 [1025-blackjack]
TCP: 192.168.1.35 [1214-kazaa]
TCP: 192.168.1.35 [3389-ms-wbt-server]
TCP: 192.168.1.35 [3538]
TCP: 192.168.1.35 [5000-commplex-main]

EXT IP
TCP: XX.XX.XX.XX [25-smtp]
TCP: XX.XX.XX.XX [80-www-http]
TCP: XX.XX.XX.XX [110-pop3]

What model router do you have?

oops :/ It's a Linksys BEFSRV41

Well, I think what a port is is just a "pathway" for communication with various other computers. Different programs use these different pathways to get/send what they need to for what you request. Open ports of course can be a vulnerable thing that can easy up an attack on your computer. su root may pop in here to give a more in depth explanation...and maybe someone else could better explain it than I can, for my information may be invalid.

But about closing the ports, have you looked in your router manual?? That will usually tell you how to get intot he config utility of your router, and if you search in there a bit then you should be able to find out how to turn off access to the ports you dont want. And if you havent already, change the defualt password to your router config...thats what a lot of the "vulnerable scanning" programs do...mostly used by script kiddies..at least I think they do/still do that. And a default password on anything is bad.

Fold and Frag on
Brian

Do you mean the BEFSR41? Googling for BEFSRV41 only brings up 1 hit and the suggestion of BEFSR41. (www.linksys.com shows nothing for BEFSRV41 as well)