Free Web Hosting by Netfirms
 Web Hosting by Netfirms | Free Domain Names by Netfirms

BlackICE Fix

Fix for Open Port 113 in BlackICE

Home
The Perl Game 21
Calendar

Vulnerabilities/Exploits:
BlackICE Port 113
BlackICE Way's Changed?


Contact The Web-Master

Problem:
Blackice has a little known vounerability from the first version all the way to latest version (2.9.Car as of writing) It allows port probes from 113 through. This can be a major security risk to all users because all a hacker need's to do is scan port 113 and even a computer that doesn't respond to ping commands or scan's on any other port(s) will show port 113 as "open" or "listening."

This can leave you vounerable to a wide range of attacks and scans. Under normal circumstances when a firewall is running it should drop the packet that was sent to that port (113 in this case). Instead with blackice defender it leats that packet go by and the computer responds with either Closed or Open. This will make the hacker scaning you think that if everything is stealthed except port 113 then the computer has to be running Blackice Defender!! Then they will probably know of many holes in Blackice and break into your system. The hardest part for a hacker is Identifying what kind of computer the person is hacking and what kind of protection you have (If any). The rest after that is easy. The sad part of this is I am in high school and figured this out!

Contacting ISS:
I have attempted to contact ISS and have not gotten any information as to why they leave 113 unfiltered by default. I have Fixed my system and created this page to explain this to others so that they can fix their systems or get a different firewall (recomended). I have given ISS more than enough time to write me with an explination so now I will put this on them. We need companies like ISS to get more support staff and take responsibility for flaws in their programing, and most of all... They need to fix it.

Solution: There are two solutions: The first one I rcomend the most.
1.) Remove BlackICE Defender and find a different firewall.
or,
2.) Fix this problem by hand. (Note: You will need to do this after every re-install of BlackICE.)
To fix this follow these steps:

1.) Open BlackICE by double-clicking the blackice in your system tray.
or,
Go to Start>Programs>Network ICE>BlackICE Utility
or, on Windows XP go to:
Start>All Programs>Network ICE>BlackICE Utility

2.) Once BlackICE Defender Opens go to the top and select: Tools>Advanced Firewall Settings

3.) After the Advanced Firewall Settings Box has opened click on the one that says 113 under Ports.

4.) Next Click Delete

5.) Click OK

6.) Click Close

Thats It your done!