[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 691
  • Last Modified:

Is It Possible To Stealth Port 80 and 113

Hi there,

I just tested my Norton Internet Security firewall and got the message that ports 80 and 113 are closed, not stealthed.

1. Is this a security risk?
2. Can I stealth those ports?
3. If I stealth port 80, can I still surf the internet?
4. If i stealth port 113, can I still use Skype to make internet calls or use chat sessions to get online support?
5. Will people on skype still see my online status?
6. I was just thinking, lets say I start sufring the internet I use port 80, so after sending I should also be able to recieve on port 80. Even though it was stealthed before. Right?

By the way I am NOT running any kind of server or service that gives others any access to my computer.

That's it. Thanks in advance.

BL
0
beni_luedi
Asked:
beni_luedi
  • 7
  • 7
  • 4
  • +2
2 Solutions
 
jltariCommented:
The port 80 you're talking about is a local port, so you can stealth it, close it, or do whatever you want with it, it will not stop you from using its distant counterpart. When your browser connects to port 80, it's the Web server's port 80 , not yours. You port is probably some port in the 1024+ range, and OUTBOUND.
It's another story with skype. This probably needs an open local port, which cannot be stealthed.
I don't use Norton Internet Security, but, with some other firewalls (Zone Alarm, Outpost, Kerio, etc.), the ports seem to be stealthed because if the IP packets that are sent to such or such port aren't recognized by the software that has the rights to receive them (skype in this case), they are just dropped.

0
 
ahoffmannCommented:
1. might be, not for experiance people
2. yes
3. yes
4. not shure, you need to check skype docs
5. I guess yes
6. > right? no
  as already explained you outbound port is >1023, just the remote port might be 80, same on way back
0
 
kneHCommented:
Port 80 is htp
port 113 is pop3 If I am not mistaken.

Everyone has those open

That's no problem by itsself
If you stealth em and people still know you are online... they have a 99% probability of being sure you have them ports open.
0
Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

 
jltariCommented:
>>Everyone has those open
NOOO!!

Every Web or mail server has these open, not client computers!
0
 
Rich RumbleSecurity SamuraiCommented:
Typically, firewalls allow all outbound port's to all destination ports. Port 80 or http is a destination, and the source ports have been explained. When you go to google.com from your pc, your establishing a connection to google.com:80 (port 80) and the firewall keeps track of the fact that you initiated the connection to google.com, so google.com can send data back to you. Established connections make firewall administration 1000 times easier, because they assume you want the data back from whom you've requested a connection.
Skype http://support.skype.com/index.php?_a=knowledgebase&_j=questiondetails&_i=148&nav2=Technical says that you do not need any listening ports to use this service...
Port 80 (http) and the like are called listening ports. http://www.skype.com/help/guides/firewall.html
-rich
0
 
Rich RumbleSecurity SamuraiCommented:
Sorry to post again, the reason you don't have to open any port's is because your establishing a connection to skype's servers, and they listen for the calls, and tell your pc (over the established connection) that a call is coming in. It's the same with IM, you sign into MSN or AIM or other, to the servers they provide, and you do not need to open any port's because the IM servers will get you the data over the established connections to them.
-rich
0
 
kneHCommented:
@ jltari
your right bout 113...
soz beni_luedi for misinforming you.

But port 80 is open.

Anyways FYI I use kaspersky antihacker and every port on my puter is stealthed.
0
 
kneHCommented:
and where did my T go?

Port 80 is http LOL

Sheesh... it's to warm to give proper answers.
I need a to sit on a terrace with a cold Hoegaarden.
0
 
jltariCommented:
If you have port 80 open, it means you have a web server running.
That's usally not the case with client computers.

I suggest we discuss this, at your terrace, you with your Hoegaarden, and I with a good Grimbergen.
:)
0
 
ahoffmannCommented:
> Everyone has those open
> That's no problem by itsself
NO (I'm repeating)
neither 80 nor 113 has to be open, as any other port too (except you're running a server, somehow)
kneH, read the TA title ;-)

<off-topic>
"Hoegaarden" jltari where did you get that from, are you dutch?
nice to see this rare word (Hoagascht, Hoagarten) in other languages too :-)
</off-topic>
0
 
jltariCommented:
I'm French, and this is not a word to me, is a beer name.
I do like beer a lot :)
0
 
kneHCommented:
And yeah I am dutch.

Mais je parlez un tres petit peu Francais aussie.
(parlez! my writing is crap)
So we might even be able to have a proper convo on the terrace.

But if yall have something against Hoegaarden just pass me an Erdinger. :)


Ontopic.
I must be getting mad then cos I was sure fport showed my port 80 as open. Or was it the box at work?!

Kinell that Hoegaarden and Erdinger got me Korsakov :(
0
 
kneHCommented:
>>and this is not a word to me, is a beer name

It's a way of life LOL
0
 
jltariCommented:
>>Mais je parlez un tres petit peu Francais aussie
--> Mais je parle un petit peu Français aussi

:)

I've got nothing against Hoegaarden (I should have a pack at home, as a matter of fact)

If you see port 80 open somewhere, you've got a web server running, or some kind of service that wants to look like it.
Some Windows versions have IIS installed and running almost by default, so that might be it.
0
 
kneHCommented:
I can bloody talk it some... I write it like Forrest Gump would.

As for the c with the curl at the bottom... I just couldn;t be arsed to look up the alt code for that one... And I erckoned being lazy was part of the French culture so I should fit right in LOL ;)


And come to think of it it prolly WAS the box at work... running the webserver indeed. Guess I was already stealing office supplies in my head LOL.

As for the author... I'd reply quickly before we hijack your thread completely ;)
0
 
jltariCommented:
>> I erckoned being lazy was part of the French culture...
Might be. That's why we put the "ç" right on our keyboard :)
0
 
ahoffmannCommented:
Erdinger, c'est la brasserie je voir directement par ma fenêtre ;-)
santé
0
 
kneHCommented:
OMG what have I done...

I hereby apologize for releasing the french fury onto EE ;)
0
 
beni_luediAuthor Commented:
Let's repeat this ...

An average client computer like mine should never get any kind of data from the internet "just like that". I don't have a server. Therefore nobody tries to connect, exept hackers.

When I go on the internet, then I connect with a server on port 80 and then as long as I am surfing my port 80 is open to get data from the internet that I requested. So the "google.com" server or any other can send data over my  port 80.

This is the same with other applications. when they are not running then they don't open ports and everything is secure. But when I use them, for example internet telephone, messenger services, ftp, ... then a specific port will be opened and data transfer both ways is possible on one specific port.

But now I send a request to the "google.com" server and then a hacker decides to use port 80 while I am surfing the internet. Can he access my computer over the open port 80? Or only the servers I connect to?

Am I on the right track? Or did I make a mistake?

BL
0
 
ahoffmannCommented:
>  Therefore nobody tries to connect,
well, not exactly true. I'd rephrase it like: all my ports are closed, so nobody can connect
Sorry for being pedantic ;-)

> ..  as long as I am surfing my port 80 is open to get data from the internet that I requested.
you still did not understand.
port 80 on your computer does not count. Simply forget it, it's closed (hopefully).
Your oubound connection is a port >1024, just the remote server's port might be 80
  your-computer:4242<------->80:remote-server

> So the "google.com" server or any other can send data over my  port 80.
no (except you have a server listening, but I doubt that google will connect it:-)

> ..  then they don't open ports and everything is secure.
hmm, could be pedantic then no, but i.g. we can say yes now: if ther is no application running (including your OS) then you're secure

> Can he access my computer over the open port 80?
no, not this way, see explanations above

> Or did I make a mistake?
you made mistakes, sorry.
Hope that you get more used to it now. Feel free to ask, we help ..
0
 
jltariCommented:
That's right. Another way to say it :
For 2 computers to connect, you need 2 open doors. One to get out (>=1024), the other to get in (80 for google.com).
When you surf on google.com, you open an outbound connection from, let's say,  port 1028, to connect to a distant port 80 (inbound, looked from google's point of view. Their port 80 must be open). Then google sends data back to your port 1028. This data is not considered as inbound for you because you've requested it. That's how a stateful firewall works.

So, basically : Close and stealth all the ports you want on your local computer, you'll be that much safer. Let some programs initiate outbound connections (browsers, mail software, Skype, etc.) , and do not let any receive any inbound.
0
 
Rich RumbleSecurity SamuraiCommented:
My-PC:1025 (or above) Google.com:80
This is what I was saying about established connections. Your firewall allows all ports OUT, but should allow no ports IN, EXCEPT if you've initiated the connection from inside.
do a  (in a cmd window)
netstat -a

Go to GRC.com and look at the shields up test to see what ports you have open. If it's none, then your all set.
-rich
0

Featured Post

[Webinar] Kill tickets & tabs using PowerShell

Are you tired of cycling through the same browser tabs everyday to close the same repetitive tickets? In this webinar JumpCloud will show how you can leverage RESTful APIs to build your own PowerShell modules to kill tickets & tabs using the PowerShell command Invoke-RestMethod.

  • 7
  • 7
  • 4
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now