Jump to content

Ports 80 And 443.


the scouser

Recommended Posts

My lack of understanding of all things computer-orientated is well documented, but I've undertaken the various "Shields Up" tests which to my comprehension appear to indicate that my PC security is high.

However, the tests did identify ports 80 and 443 as being open whilst the rest are in stealth mode. The GRC site indicates that these are associated with access to secure servers, so, bearing this in mind, should I seek to close them or leave them be? If I should consider closing them, how is this done, and does leaving them open compromise security in any way?

As usual, thanks for any advice.

Scouse.

Link to comment
Share on other sites

My lack of understanding of all things computer-orientated is well documented, but I've undertaken the various "Shields Up" tests which to my comprehension appear to indicate that my PC security is high.

However, the tests did identify ports 80 and 443 as being open whilst the rest are in stealth mode. The GRC site indicates that these are associated with access to secure servers, so, bearing this in mind, should I seek to close them or leave them be? If I should consider closing them, how is this done, and does leaving them open compromise security in any way?

As usual, thanks for any advice.

Scouse.

If a port is open, you are potentially vulnerable to attack.

In the TCP/IP protocol, ports are either open or closed. When a closed port receives an inquiry, it always acknowledges that inquiry, but denies access. (By acknowledging an inquiry, the computer in question also acknowledges its existence, and therefore potentially becomes a target for future probing and possible attack.)

Stealth is a term coined by Steve Gibson (GRC) for a closed port which does not acknowledge inquiries. As this "lack of response" is outside the TCP/IP protocol, it must be accomplished by the use of some type of "firewall security".

If your system is running a server (either knowingly or unknowling), that could be one reason the ports you list are open. (Note: ICQ has the ability to open port 80.)

Without having access to your system, or a lot of back and forth questioning, any attempt to determine the exact reason for your "open ports", would be hit-and-miss.

I would suggest you first read the ShieldsUp FAQ HERE and join in the discussions of the "ShieldsUp Newsgroup". I think this would be the fastest way for you to find the answers you need.

Good luck.

waldwolf

Link to comment
Share on other sites

Waldwolf,

I did what you suggested and read the FAQ on the GRC site and then examined my firewall which identified Skype as "listening" to ports 80 and 443. I exited Skype and ran the "Shields Up" tests again and, bingo, everything in stealth mode. Ergo, Skype must be able to open these ports, too. Is there any risk that whilst I'm logged on to Skype, something malicious could get through?

You're a star!

Scouse.

Link to comment
Share on other sites

WoW - that was fast. (You must be a natural IT Specialist.)

I wouldn't worry while you actively using Skype. When not in use, either exit Skype or if you firewall permits, block it from accessing the internet.

Glad you found a fast fix.

cheers

waldwolf

Link to comment
Share on other sites

For incomming they shouldnt be open unless you are hosting a web site.

Port 80 is for HTTP access unsecure

Port 443 is for HTTPS access to a web, secure

outbound is all you need for bworsing not inbound.

NEw RFC? CAn you quote it?

Sorry to ask, but as member of IETF (www.ietf.org), I supposed I would have communication of something like that (maybe need my approval also!). So please enlight me, enlight the other readers, and eventually enlight the organisation who maintain the net (it can be great if our documentation is up to date, it is not?).

Anyway, and according to what bazmlb said) until a very recent time, 80 is for listening communication from an HTTP server, 8080 doing the same for a secure server (namely the HTTPS protocol) , 443 is a non reserved port that can be used by any application (80 and 8080 are reserved port, it mean they can not be used for any other purpose)

In oyur case, it was simply skype.

Something malicious? No, there is no more risk that those you have while having a HTTP page open in your favorite browser for hours. Gettin something is not dangerous, what is dangerous is EXECUTING something (by analogy, having a gun is not dangerous, but put the trigger is deadly dangerous).

Link to comment
Share on other sites

Anyway, and according to what bazmlb said) until a very recent time, 80 is for listening communication from an HTTP server, 8080 doing the same for a secure server (namely the HTTPS protocol) , 443 is a non reserved port that can be used by any application (80 and 8080 are reserved port, it mean they can not be used for any other purpose)

List of standard port assignments can be found here http://www.iana.org/assignments/port-numbers

8080 is often used for caching proxy servers and as an http (80) alternate port. Never seen it used for https and all the servers I've set up for https use 443

Example use of alternate - www.testing.com:8080 and often will see this type of link.

Link to comment
Share on other sites

(maybe need my approval also!). So please enlight me, enlight the other readers, and eventually enlight the organisation who maintain the net (it can be great if our documentation is up to date, it is not?).

8080 is not used for https. There you go sting01, how does if feel to be enlightened. I fear for the Transport layer if you have a say in it. :o

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.



×
×
  • Create New...