Hi there,
I just tested my Norton Internet Security firewall and got the message that ports 80 and 113 are closed, not stealthed.
1. Is this a security risk?
2. Can I stealth those ports?
3. If I stealth port 80, can I still surf the internet?
4. If i stealth port 113, can I still use Skype to make internet calls or use chat sessions to get online support?
5. Will people on skype still see my online status?
6. I was just thinking, lets say I start sufring the internet I use port 80, so after sending I should also be able to recieve on port 80. Even though it was stealthed before. Right?
By the way I am NOT running any kind of server or service that gives others any access to my computer.
That's it. Thanks in advance.
BL
This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.
Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.
If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.
Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.
Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.
Access the answers to your technology questions today.
30-day free trial. Register in 60 seconds.
Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.
Try it out and discover for yourself.
30-day free trial. Register in 60 seconds.
Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.
Typically, firewalls allow all outbound port's to all destination ports. Port 80 or http is a destination, and the source ports have been explained. When you go to google.com from your pc, your establishing a connection to google.com:80 (port 80) and the firewall keeps track of the fact that you initiated the connection to google.com, so google.com can send data back to you. Established connections make firewall administration 1000 times easier, because they assume you want the data back from whom you've requested a connection.
Skype http://support.skype.com/i
Port 80 (http) and the like are called listening ports. http://www.skype.com/help/
-rich
Sorry to post again, the reason you don't have to open any port's is because your establishing a connection to skype's servers, and they listen for the calls, and tell your pc (over the established connection) that a call is coming in. It's the same with IM, you sign into MSN or AIM or other, to the servers they provide, and you do not need to open any port's because the IM servers will get you the data over the established connections to them.
-rich
> Everyone has those open
> That's no problem by itsself
NO (I'm repeating)
neither 80 nor 113 has to be open, as any other port too (except you're running a server, somehow)
kneH, read the TA title ;-)
<off-topic>
"Hoegaarden" jltari where did you get that from, are you dutch?
nice to see this rare word (Hoagascht, Hoagarten) in other languages too :-)
</off-topic>
And yeah I am dutch.
Mais je parlez un tres petit peu Francais aussie.
(parlez! my writing is crap)
So we might even be able to have a proper convo on the terrace.
But if yall have something against Hoegaarden just pass me an Erdinger. :)
Ontopic.
I must be getting mad then cos I was sure fport showed my port 80 as open. Or was it the box at work?!
Kinell that Hoegaarden and Erdinger got me Korsakov :(
>>Mais je parlez un tres petit peu Francais aussie
--> Mais je parle un petit peu Français aussi
:)
I've got nothing against Hoegaarden (I should have a pack at home, as a matter of fact)
If you see port 80 open somewhere, you've got a web server running, or some kind of service that wants to look like it.
Some Windows versions have IIS installed and running almost by default, so that might be it.
I can bloody talk it some... I write it like Forrest Gump would.
As for the c with the curl at the bottom... I just couldn;t be arsed to look up the alt code for that one... And I erckoned being lazy was part of the French culture so I should fit right in LOL ;)
And come to think of it it prolly WAS the box at work... running the webserver indeed. Guess I was already stealing office supplies in my head LOL.
As for the author... I'd reply quickly before we hijack your thread completely ;)
Let's repeat this ...
An average client computer like mine should never get any kind of data from the internet "just like that". I don't have a server. Therefore nobody tries to connect, exept hackers.
When I go on the internet, then I connect with a server on port 80 and then as long as I am surfing my port 80 is open to get data from the internet that I requested. So the "google.com" server or any other can send data over my port 80.
This is the same with other applications. when they are not running then they don't open ports and everything is secure. But when I use them, for example internet telephone, messenger services, ftp, ... then a specific port will be opened and data transfer both ways is possible on one specific port.
But now I send a request to the "google.com" server and then a hacker decides to use port 80 while I am surfing the internet. Can he access my computer over the open port 80? Or only the servers I connect to?
Am I on the right track? Or did I make a mistake?
BL
> Therefore nobody tries to connect,
well, not exactly true. I'd rephrase it like: all my ports are closed, so nobody can connect
Sorry for being pedantic ;-)
> .. as long as I am surfing my port 80 is open to get data from the internet that I requested.
you still did not understand.
port 80 on your computer does not count. Simply forget it, it's closed (hopefully).
Your oubound connection is a port >1024, just the remote server's port might be 80
your-computer:4242<-------
> So the "google.com" server or any other can send data over my port 80.
no (except you have a server listening, but I doubt that google will connect it:-)
> .. then they don't open ports and everything is secure.
hmm, could be pedantic then no, but i.g. we can say yes now: if ther is no application running (including your OS) then you're secure
> Can he access my computer over the open port 80?
no, not this way, see explanations above
> Or did I make a mistake?
you made mistakes, sorry.
Hope that you get more used to it now. Feel free to ask, we help ..
That's right. Another way to say it :
For 2 computers to connect, you need 2 open doors. One to get out (>=1024), the other to get in (80 for google.com).
When you surf on google.com, you open an outbound connection from, let's say, port 1028, to connect to a distant port 80 (inbound, looked from google's point of view. Their port 80 must be open). Then google sends data back to your port 1028. This data is not considered as inbound for you because you've requested it. That's how a stateful firewall works.
So, basically : Close and stealth all the ports you want on your local computer, you'll be that much safer. Let some programs initiate outbound connections (browsers, mail software, Skype, etc.) , and do not let any receive any inbound.
My-PC:1025 (or above) Google.com:80
This is what I was saying about established connections. Your firewall allows all ports OUT, but should allow no ports IN, EXCEPT if you've initiated the connection from inside.
do a (in a cmd window)
netstat -a
Go to GRC.com and look at the shields up test to see what ports you have open. If it's none, then your all set.
-rich
Business Accounts
Answer for Membership
by: jltariPosted on 2005-03-15 at 23:55:58ID: 13553001
The port 80 you're talking about is a local port, so you can stealth it, close it, or do whatever you want with it, it will not stop you from using its distant counterpart. When your browser connects to port 80, it's the Web server's port 80 , not yours. You port is probably some port in the 1024+ range, and OUTBOUND.
It's another story with skype. This probably needs an open local port, which cannot be stealthed.
I don't use Norton Internet Security, but, with some other firewalls (Zone Alarm, Outpost, Kerio, etc.), the ports seem to be stealthed because if the IP packets that are sent to such or such port aren't recognized by the software that has the rights to receive them (skype in this case), they are just dropped.