I've been running the MS Baseline Security Analyzer on various machines the past few weeks to check securities - it's not a perfect tool, but for a busy server with a lot of patches and shares, it's quite nifty, has helped locate a few weak spots. And also fairly useful on desktops/laptops, once you learn how to decipher the MBSA report.

Question: On my home XP Pro, for my personal ISP, MBSA lists an "open port" (always, whether a connection is open or not), and suggests this is not good security. MBSA usually gives fairly good suggestions on how to fix things, but not for this. Note: My RAS connection is not "port-open" at all, despite a similar setup.

Anyone know if this is a concern, and if so, how to "close" the open port? Or is this something on the server-side I can do nothing about, maybe?