Port 80 and 443: closed, open or Stealth?

Status
Not open for further replies.
S

Sr. Normal

Thread author
Hello friends

On page: https://www.grc.com/x/ne.dll?bh0bkyd2 perform safety testing your firewall. It is recommended that all ports in stealth, but I have 80 and 443 closed, which seems to be unsafe.

What do you think ?. Is it safe to be closed or is it better to be stealth?

How can I put them in the windows firewall in stealth mode ?, or, it will another firewall necessary?

Thank you in advance for your help
 
H

hjlbx

Thread author
Sr. Normal said:
Hello friends

On page: https://www.grc.com/x/ne.dll?bh0bkyd2 perform safety testing your firewall. It is recommended that all ports in stealth, but I have 80 and 443 closed, which seems to be unsafe.

What do you think ?. Is it safe to be closed or is it better to be stealth?

How can I put them in the windows firewall in stealth mode ?, or, it will another firewall necessary?

Thank you in advance for your help
Click to expand...

Hello Sr Normal,

Use stealth if possible...it is better.

However, if you are using a cable/DSL or NAT router then the Shields UP! tests are very likely to be erroneous plus, using a NAT, your system is protected against probes/penetrations as the router employs stateful packet monitoring (Google for explanation). In that case all you really need from a security perspective is a means to monitor outbound connections.

If your system sits behind a router then it can be accurately tested by using another system and a LAN...or you can setup port forwarding on your system (Unless you are advanced user then don't...it is needless plus you can break your internet connection by messing about with the router configuration).

You can check if you are behind a NAT router by Run cmd.exe and then type "ipconfig" without quotation marks and hit enter. If the Default Gateway/IP address (typically IPv4) begins with 192.168. then you likely are using a NAT router.

I have NAT and use EIS' firewall only to monitor outbound connections.

Hope this answers your questions.
 
Last edited by a moderator:
  • Like
Reactions: marzametal, Sr. Normal and viktik
viktik

viktik

Level 25
Verified
Well-known
Sep 17, 2013
1,492
many times home computers connecting to internet is behind NAT and is not directly reachable from internet. Since your home computer is not directly reachable from internet, no one can do a port scan on your computer from internet.


Network_Address_Translation_%28file1%29.jpg


In this case when you try to test the firewall using some web service , the test will be done on your ISP router/NAT device and not on your home computer.

So the firewall of router/NAT device with ip address 145.12.131.7 will be tested

Example : here is pcfank advanced port scanner test result . I am behind NAT . so this is not testing my computer firewall. It is showing result of my ISP port scan. All post is stealthed , except port 80 . Port 80 is for web services . I don't have any website server in my computer. It is my ISP which is running web services
NAT DETECTION_03-03-2015_02-46-17.jpg


Check the ip address assigned to your adapter .
If it is between these range then you are Behind NAT

  • 192.168.0.0 - 192.168.255.255
  • 172.16.0.0 - 172.31.255.255
  • 10.0.0.0 - 10.255.255.255


NAT DETECTION_03-03-2015_02-11-03.jpg


NAT DETECTION_03-03-2015_02-11-28.jpg




More info : https://www.grc.com/nat/nat.htm
 
Last edited:
  • Like
Reactions: silversurfer and Sr. Normal
S

Sr. Normal

Thread author
The two explanations are very good :) ... and very reassuring. ;)

I actually have the IP 192.168, which as I have described is NAT. I thought I could have an infection on your computer, or just a bad configuration.

Thank you very much to you, both for your help is greatly appreciated. :) @viktik i do not need know English to understand you. Perfect. :)
 
marzametal

marzametal

Level 7
Verified
Jun 10, 2014
316
hjlbx said:
However, if you are using a cable/DSL or NAT router then the Shields UP! tests are very likely to be erroneous plus, using a NAT, your system is protected against probes/penetrations as the router employs stateful packet monitoring (Google for explanation). In that case all you really need from a security perspective is a means to monitor outbound connections.

I have NAT and use EIS' firewall only to monitor outbound connections.
Click to expand...
Thanks for the explanation, was a bit worried when I saw open ports. I was about to create a rule in W7F, adding all open ports to the rule and whatever happens happens.. lucky I read your post twice! W7F + use Windows Firewall Control to monitor outbound. Peerblock also helps.

EDIT: I might have to bring this topic up with my VPN. I ran the test while on my ISP connection, and I got all green. I connected to VPN, and received mixed results.
 
Last edited:
  • Like
Reactions: Sr. Normal
Status
Not open for further replies.

Similar threads

ErzCrz
    • Like
Question Comodo Firewall rules for Edge?
Replies
2
Views
835
Comodo
ErzCrz
ErzCrz
Ink
    • Like
    • Applause
    • Wow
New Update mullvad VPN to remove and end Port Forwarding support from July 2023
Replies
1
Views
555
VPN and DNS
Jonny Quest
Jonny Quest
Victor M
    • Like
OpenEDR - anti-hacker and anti-malware tool
Replies
26
Views
1,628
Other security for Windows, Mac, Linux
Shadowra
Shadowra

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top