New Router/Modem Port 80?

Posted on 2009-04-27
Last Modified: 2013-12-24
Good Day Experts.

I hope this question has landed in the correct section.

In my question history, you would see that I've been quite, uhm, energetic with inquiries about security.

I've changed ISP providers as one solution to chill me out, some:)

I have some quick follow up questions.  They are organized, so that any given answer might well address the next.

My new ISP provided me with an Actiontec router/modem. I have a password for the router.

Firefox is popping up that just about every request wants to come through Port 80. If I click through the Firefox prompt and allow the URL, proper, without port 80, things work fine.

Does this have to do with an Actiontec router in an LAN serving as some sort of server? The customer support was clueless about this   question.

I've never had a LAN setup, before.

The console will read something like, 'wide area discovery shut down'-then have the router IP listed with Port 53 as the issue. I get this message when I'm connecting from the desktop to a LAN ethernet port.

The IPs of the DNS servers are the same two as my previous provider. These show up as the first entry in the path that shows the router/modem when I restart with default settings. Does having the same two DNS servers from 2 different providers make sense?

I've never had a wireless network, before. It is WEP protected and I've disabled the network  visibility from showing as an option in my neighborhood.

I'm attaching a jpeg representing the console messages. Again, I'm a newbie for using airport and having wireless in my home. Probably all normal console entires for the airport stuff.

I'm going to give Apple a call about the 802 'stuff' that I don't no how to apply.
No worries in this post.

(Please Note: I am aware of the log files showing a consistent error about Family Controls as nothing I believe is related to this post. The error happens with two user accounts, neither with Parental Controls. )


As always, feedback about how the question is posted is helpful.

Question by:rcbprov
    LVL 32

    Expert Comment

    If is only hapenning with accounts that you believe Parental controls are turned off on I would create a test acct and try again.  You may have to recreate those accounts.

    Author Comment

    Thank you for your time and response.

    The parental controls error message does not concern me, here.
    I think it is not related to the network, and wireless questions.......

    I have set up new user accts as tests as suggested. The first screen shot show the same messages as my first question.

    I'm attaching another screen shot after that were from my first jump online as a new user...

    FF still seeks to put everything through port 80 - but the URLs connect fine, when
    I ok the URL without port 80.

    The early notation in the screen shot about a Base Station error....I have not
    configured any wireless beyond through the router/modem from home.

    The syncing messages - I don't get. Are they devices trying to sync through the wireless - or is it system stuff just on my computer with iApps sort of lining up to be synced is I chose to do so?

    I don't use mobile me, or any local or server side syncing.

    The last portion of the screenshot is an FF message that I'm sure is fine - but
    I'm dropping in as per starting out with FF interface question.

    Thanks so much for your ideas and answers.
    LVL 10

    Expert Comment

    For total knowledge I ask the following. Is this log from your Mac? Or from an external apple airport that you have?

    Are you connected Mac to Actiontec via ethernet?

    A. Almost all web requests are using the http protocol on port 80. http does not have to be port 80, this is just the well known port. If you connect to a server on a nonstandard http port the url will have a :888 at the end of it if it is on port 888 for instance. This is up to the server admin though, not to you.
     Often browsers complain when you submit forms using http, because the http protocol is not encrypted, and someone sniffing your traffic on the internet (or on the wifi network, more later) can view your data. the https protocol (default port 443) encrypts the traffic end to end.

    It is mostly an FYI, if you want to encrypt your web searches take it up with google. There is a greasemonkey script for firefox for something like that, but it only works on sites that have https running for all thier pages.

    The country code message is a bootup message where the apple is deciding what wifi channels it is allowed to use, they are different in US/Europe/Japan due to assigned frequencies. Don't know about the auth message if that mac is you or the actiontec then no worries.

    You should however change the actiontec from wep to wpa2 or wpa in that order of preference.

    The DNS settings are most likely the same because you are connecting to the airport, and the internal ip address facing you is in the, which is a "Private IP" which is duplicated anywhere and not used to route on the internet. Almost all residential router providers use the network as the default local network ip range.
     The airport or actiontec or both use network address translation to switch this to the internet routable ip provided by your isp. Your actiontec, or airport is assigning itself as your DNS and proxying the dns requests. All quite common.

    The defective DNS relay is the apple complaining that the actiontec is doing a dns relay proxy that does not meet thier sunshine smiley face perfectionism, I imagine if you were connecting to an apple product they would do some non standard thing that is cool and elitist. If your ISP is verizon, they have a point, because verizon hands out an ad page for mistyped urls. They have a faq on how to disable it in the actiontec.

    The sync stuff is some kind of magic apple thing.. :-) As you say, iApps.

    D. You should however change the actiontec from wep to wpa2 or wpa in that order of preference. WEP is easily crackable, and a cracker would then have the ability to join your network and sniff your network conversations from as far away as he has a good radio connection. From a mile a way, even, with the right equipment or gear. You aren't cia headquarters, but wpa is simple enough.


    Author Comment

    Thanks, so much.

    The log is from my MAC/MacBook. I don't use wireless for my iMac desktop, ever.

    I have no Airport set up - just the router/modem. Never have set up an Airport.

    If you have follow up comments based on that question, let me know.

    Thanks for the Google/GreaseMonkey info.

    So, separate from the router/ish '192'  addys, the DNS nameserver numbers could be the same when the router/modem sets up it's whole connection path on a return to default setting? Like one of them is still 68.12.etc.etc.

    I'll look into the WPA things.  What about the 802 land of settings on the Mac? I will keep researching on my own - but if you know a good link, quick explanation, or just think I should steer clear, let me know.

    I have renamed my network a few times while I keep learning about locking down wireless as much as possible.

    BTW, I did launch FF from my mac book when I was out of town, and still got the port 80 messages - so that gave me my own benchmark with FF and port stuff.

    Agent rcbprov
    LVL 10

    Accepted Solution

    I think that wireless is fairly secure running wpa2 or wpa. And SO convenient.   WEP however can quite casually be hacked by an expert running the right tools. If you don't need the wireless, disable it in the router gui. Basically if you set the wireless security to wpa on the router gui, you will just need to enter the password on the mac when you select the network. Hiding the ap doesn't provide that much security. They are still visible to a wireless sniffer when the network sends data. If you set a good password on wpa2, there are no current ways to hack into the network.

    If the DNS is still the same after switching ISPs, it is likely that the MAC is still holding on to the old dns addresses. Perhaps they are hard set in the configuration, or the mac is using cached dns info from an old dhcp lease. The network being the same could permit that. As you see, it still works. Most networks let DNS pass and anyone can use anyone's DNS server for the most part.

    If you go into the router configuration gui you can see what your isp suggests to use.

    I don't see the dns address in the logs, the 224.0.x.x thing is a multicast address, I imagine this is the mac setting up rendzevous, a cool protocol I don't understand. Multicast ispretty complex, but this is coming from the mac not the network.

    Author Closing Comment

    Thanks for your clear, complete, responses. I don't understand the '224', multi-casting, Rendezvous protocol much, myself.
    Silly, silly, Macs:)

    Featured Post

    Find Ransomware Secrets With All-Source Analysis

    Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

    Join & Write a Comment

    Suggested Solutions

    Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
    Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    746 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    16 Experts available now in Live!

    Get 1:1 Help Now