Ports 80 and 443 Open?

[Kimbo]

After upgrading to cable from dialup access, I did a Shields UP scan and found ports 80 and 443 open. Previous scans on dialup were always completely stealthed. I've been researching until my head is about to explode and I can't understand most of what I'm reading about blocking ports!

I'm running XP Pro SP2 fully updated with free Sygate Personal Firewall, and the Sygate security scan also shows those 2 ports open. From what I've been reading they are open because of my "web server", which I had no idea I even possessed! Why do I need a web server anyway???

Do those ports need to be open for the cable access to work? If not, would someone please explain in very simple terms how to stealth them?

Thanks for any help!
Kimbo

[laylow]

I would hit alt-ctrl-delete and see which applications are running during the scan.
If any besides your web browser are running, go to Sygate and see if they are allowed under the access column in the applications window.

[paul9]

80/tcp: HTTP (HyperText Transfer Protocol) - used for transferring web pages
443/tcp: HTTPS - HTTP over SSL (encrypted transmission)
http://www.answers.com/topic/list-of-well-known-ports

[Kimbo]

Thanks to both of you for the responses! I checked running processes and also the allowed applications list in Sygate, blocking each in turn and running another Shields Up scan until I found the culprit. Turns out it's Skype that was using those ports.

Under Skype Options, Connection, I found this:
Use port 1372 for incoming connections (port set during Skype installation and unchangeable)
Use port 80 and 443 as alternatives for incoming connections with a checked box
I unchecked that box and now my scans come up totally stealthed.

Again, appreciate the input very much!
Kimbo

[RBaker456@adelph]

Ports 80 and 443 are for HTTP (web) and HTTPS (Secure http). Leave them open.

[KarmaKiller]

And skype does open up ports. It did the same on my system. Mainly because the VOIP options with Skype.
IMO, you have nothing to worry about...

[JayMan]

Quote:

Originally Posted by RBaker456@adelph

Ports 80 and 443 are for HTTP (web) and HTTPS (Secure http). Leave them open.

Those are the 'listening' ports... So have no effect (on your side) when you browse a website... Its only on the server hosting the page that they are needed to be open.

From a command prompt type 'netstat -n', and that'll show you connect to a websites (forgein address) port 80 from a random port on your side (local address).

JayMan

[Keymaker]

Unless you are running some server or a software that has those open, they shouldn't be open.

Look at mine for example. You may want to see what all you have starting up there. After installing go to the control panel, it will be there.

You may want to run hijackThis.

[vass0922]

Quote:

Originally Posted by JayMan

Those are the 'listening' ports... So have no effect (on your side) when you browse a website... Its only on the server hosting the page that they are needed to be open.

From a command prompt type 'netstat -n', and that'll show you connect to a websites (forgein address) port 80 from a random port on your side (local address).

JayMan

While I agree it wont affect your web browsing, dont forget 80 and 443 are the first priority for port scanners to look for exploits

[Sixpac_XP]

If you have IIS running on your XP box.. then uninstall it if you don't need it.