View Full Version : port 80 open
Unregistered
01-03-2005, 02:53 PM
how do i close Port 80?
Please keep the answer simple.
I have a client machine that needs it and the os is windows xp
Unregistered
01-04-2005, 07:24 AM
Originally posted by Unregistered
how do i close Port 80?
Please keep the answer simple.
I have a client machine that needs it and the os is windows xp
Port 80 is not open on your PC. Port 80 is open on the http server that you are seeking.
when you connect to an outside http server a tcp connection will be established between your PC on a randon port (*400, *40*...) and the port 80 of the http server.
In the event that you have an http server running on your PC and using the standard port 80, I do not see any reason why to close it! you better shut down your sever!
If however port 80 is open on your PC in a malicious manner, it means that somehow you have a backdoor trojan using port 80.
this is a different issue that requires a virus/trojan scan and some talented technician to rectify the situation.
shestakovicz
Unregistered
01-04-2005, 12:59 PM
Sorry i made a mistake in asking the question. The question is how do I close Port 80 on my client machine as it may be subjected to any unnecessary intrusions. My client machine is using windows xp and my router is SMC7004VMBR
Unregistered
01-05-2005, 04:39 AM
Uhhh...That router acts as a firewall. Firewalls are built to block traffic on specific commonly used ports. Such as 80, 25, 44*, **0, and 20 and 2*. If you want to ENABLE traffic on these ports, what you would want to do is to go into your router interface and turn on UPnP forwarding for port 80, and specify the internal IP you wish to setup as your web server.
Simply. Port 80 is most likely blocked already from incoming web traffic. If it wasn't...the internet would be pretty fin slow.
Unregistered
01-05-2005, 10:43 AM
When I run the test of checking the status of ports, it tells me that port 80 is open!
satarul
01-11-2005, 08:17 AM
you have two options:
*. if you have sp2 installed on your winxp box, then giving option -b to netstat will be usefull to you. get the pid of the process that opens port http, then kill it.
let me rephrase that. open cmd, then type:
C:\>netstat -nab
Active Connections
Proto Local Address Foreign Address State PID
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 666
[5*rv*ngMyM4st*r.exe]
C:\>tskill 666
C:\>exit
2. install and run a firewall. block incoming traffic on port http.
Unregistered
01-14-2005, 07:49 AM
satarul-
I'm having problems with a scan telling me port 80 is open, too. My computer isn't networked, so it's not a router or anything, nor is it a web server.
I tried to follow your advice to the first "Unregistered" user, but mine says LISTENING *048... does that mean i put "tskill *048" in the part later on...? I have no idea what these numbers mean!
I think the only reason my port 80 is open is that a virus or something attacked Norton on my PC, and now it's been left exposed... do you know of any way to protect it temporarily whilst I try to fix Norton?
Thanks.
satarul
01-14-2005, 10:12 AM
what does "my computer isn't networked" mean?... do you mean by that that it does not connect a local network to the internet (i assume that's why you say it's not a router)? or you are not in a network, you haven't got a network cable connected to your pc? because if that is the case, simply forget about your pc listening on that port, it's untouchable :)
anyway you guessed right, that number (666 was fictive) needs to be replaced by the pid of the annoying application opening the port your pc listens. and that "servingmy******.exe" is the name of the application that opens the port.
if you run netstat with -nab options, it gives you this:
netstat = the status of the network connections in/out
n = numeric format (runs quicker then without). you could forget this option, instead of ip's you'll get hostnames (where they can be resolved) and for example instead of port ":2*", you'll get ":telnet". port http is port 80. i'm not sure you got that.
a = all
b = return also the pid (process id - that is the *048 you got there) and application name
so now you have all the information you need. "tskill [pid]" kills the application you don't want running on your pc. as simple as that.
hope i you get that trojan (that is my guess). but might find something like yahoo messenger listening on that port too. look at the application's name before killing it.
satarul
01-14-2005, 10:16 AM
and if you really thik there's something fishy going on in your pc, but your antivir / firewall don't protect you, try http://housecall.trendmicro.com/housecall/start_corp.asp - scan yourself online with a really good antivirus.
Unregistered
01-15-2005, 03:04 PM
Followed all the instructions and when checked with grc.com, it still confirmed that port 80 is open!
Unregistered
01-16-2005, 07:35 PM
i understand that you connect to the internet through a router. most probably you are in a LAN that connects through the same router. if you don't have a public ipon your pc but only on the router, then the online tests that you do tells about port 80 opened on the router, not your machine. that port is opened so that someone in your LAN can run a web server. ask fellows in your LAN about that, you might figure it out.
Powered by vBulletin® Version 4.1.8 Copyright © 2024 vBulletin Solutions, Inc. All rights reserved.