08-15-04 10:52 PM
"Richard" <whyshouldi@hetnet.nl> wrote in message
news:cfn9n4$mnj$1@reader10.wxs.nl...
> Hello,
>
> From the Shields Up test at www.grc.com I have learned that my computer has
> an open port 80 and 554. An open port 80 means that my computer acts as a
> server and is therefore vulnerable. What is the function of port 554?
>
> I have installed ZoneAlarm (free), security settings high, in the tab
> "Program Control" server functions of all programs disabled. Norton
> Antivirus 2004 doesn't detect anything wrong (but has in the past blocked
> Adware.Iefeats and a dialer). Ad-aware SE from Lavasoft does not detect any
> spyware. As far as I know I don't share printers in a network.
>
> If I'm not mistaken port 80 should be open for outgoing traffic (otherwise I
> wouldn't be able to surf on the internet). Correct me if I'm wrong, but port
> 80 should be closed for incoming traffic. I don't want to run a server or
> open my computer for hack attempts.
>
> Does anybody know how to close port 80 or find out which program or anything
> else is keeping port 80 and 554 open? Why is this question asked so often,
> isn't there a site which deals with the problems of port 80 in some depth?
> The answers I find on the internet don't go much further than "you should
> try to find which program/virus/service is keeping port 80 open". Yes, but
> how? Aren't there sites which offer more concrete advice?
>
TCP port 80 is commonly associated with hosting a webserver via HTTP.

TCP port 554 is commonly associated with receiving audio/video using
RealOne, RealPlayer and QuickTime via RTSP.

If your PC is connected by using PPPoE and a cable modem you will want to
examine your PC for open ports. If however your PC is connected by means of
a DSL router which in turn connects to the cable modem, then you will want
to check both your PC and the DSL router itself for open ports.

To check your Windows XP (SP2) system for open (listening) ports, click
Start | Run, type the following line and press Enter.

    cmd /c NETSTAT -ABNOP TCP >c:\netstat.txt

To review the results open the 'c:\netstat.txt' file with Notepad. Next
look at what's under the LOCAL column for an instance of ":80". If you see
such an entry the REMOTE column for that specific row will no doubt indicate
LISTENING. This means that the PC is either hosting a webserver *or* the PC
is hosting something else (probably a trojan) on TCP port 80. To determine
which it is, look at the executable name in brackets.

For myself I am hosting a webserver and so the results of running NETSTAT
reflect:

    TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 1228
    [inetinfo.exe]

To check your DSL router look at its configuration and ensure that the
ability to administer it is not being allowed to the WAN (Internet) side.
If I remember correctly I believe LinkSys DSL routers specifically refer to
this as allowing 'Remote Administration'.

Best of luck...
--
Best regards, from Don Kelloway of Commodon Communications
Visit http://www.commodon.com to learn about the "Threats to Your Security
on the Internet".
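
Added example, not part of the original post: a Python sketch that reads the text NETSTAT -ABNOP TCP writes to c:\netstat.txt and pairs each LISTENING row with the bracketed executable below it, so the owners of ports 80 and 554 can be read off directly. The function names are hypothetical, and the sample is constructed; only the inetinfo.exe row comes from the reply above.

```python
import re

# Constructed sample in the layout NETSTAT -ABNOP TCP writes to c:\netstat.txt.
# Only the port 80 row is from the post; the other rows and PIDs are invented.
SAMPLE = r"""
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       1228
  [inetinfo.exe]

  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  c:\windows\system32\WS2_32.dll
  [svchost.exe]

  TCP    0.0.0.0:554            0.0.0.0:0              LISTENING       2040
  Can not obtain ownership information

  TCP    192.168.1.10:1045      10.0.0.5:80            ESTABLISHED     3012
  [iexplore.exe]
"""

ROW = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+(\S+)\s+(\w+)\s+(\d+)\s*$")
EXE = re.compile(r"^\s*\[(.+)\]\s*$")

def listening_ports(text):
    """Return one dict per LISTENING row, paired with the [executable] below it."""
    found, current = [], None
    for line in text.splitlines():
        row = ROW.match(line)
        if row:
            addr, port, _remote, state, pid = row.groups()
            current = None  # a new row ends the previous entry
            if state == "LISTENING":
                current = {"addr": addr, "port": int(port), "pid": int(pid), "exe": None}
                found.append(current)
            continue
        exe = EXE.match(line)
        if exe and current is not None:
            current["exe"] = exe.group(1)  # component lines in between are skipped
            current = None
    return found

def report(text, ports=(80, 554)):
    """Map each port of interest to (executable, PID); None means netstat gave no name."""
    return {e["port"]: (e["exe"], e["pid"]) for e in listening_ports(text) if e["port"] in ports}

if __name__ == "__main__":
    for port, (exe, pid) in sorted(report(SAMPLE).items()):
        print(f"TCP {port}: PID {pid}, executable {exe or 'not reported'}")
```

A listener whose executable comes back as None still has a PID, which can be matched against the PID column in Task Manager.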