 |
 |
Worried about my ports scan results
|
|
|
|
|
Junior Member
Join Date: Jul 2006
Status:
Offline
|
|
Hi,
I have scanned my ports using GRC.com's ShieldsUp utility and the results worry me; ports 22 (SSH) and 80 (HTTP) are open, most of the others are closed and only a small percentage are "stealth".
My firewall settings are "Set access for specific services and applications" and Stealth mode is checked.
Should I be concerned about those results and if so, how could I remedy this situation?
OS-X 10.5.8
Linksys wrt310n router
Thanks,
Gene
|
|
|
| |
|
|
|
|
|
|
|
Moderator  Join Date: Dec 2000
Location: Polwaristan
Status:
Offline
|
|
80 needs to be open for web (http) traffic.
22 is the port used for secure shell, a way of securely logging in to remote Unix, Linux and OS X computers.
Do you use ssh? Check System Preferences > Sharing. If Remote Login is on, you use it (or someone turned it on).
|
|
|
| |
|
|
|
|
|
|
|
Junior Member
Join Date: Jul 2006
Status:
Offline
|
|
Thanks for the quick reply. Cold Warrior.
The only thing checked in Sharing is "Printer Sharing" and Remote Login is off, could it be one of the applications I set access to (Cyberduck, Transmission or Adium)?
Can I assume that I can safely access online banking with those ports open?
Cheers,
Gene
|
|
|
| |
|
|
|
|
|
|
|
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status:
Offline
|
|
Originally Posted by Cold Warrior 
80 needs to be open for web (http) traffic.
Why would you need port 80 open if you are just surfing the internet, but not doing Websharing ?
-t
|
|
|
| |
|
|
|
|
|
|
|
Moderator Join Date: Dec 2000
Location: Polwaristan
Status:
Offline
|
|
The IANA defines port 80 as www http. Blocking it would break stuff.
|
|
|
| |
|
|
|
|
|
|
|
Clinically Insane
Join Date: Mar 2001
Location: yes
Status:
Offline
|
|
Originally Posted by Cold Warrior
The IANA defines port 80 as www http. Blocking it would break stuff.
Only if outbound port 80 was blocked, but the OS X firewall (like most firewalls) address inbound traffic, and generally permit all outbound traffic.
Original poster, I would consider the output of "netstat" are being far more definitive, and in this case it will also provide more information about what addresses are allowed to connect to these ports, what current connections are open, etc.
In your terminal try a:
netstat -a
The first several lines that start with "tcp4" are the ones relevant to you. You can confirm that a port is open and responding to connections by telnetting to it:
telnet localhost 22
|
|
|
| |
|
|
|
|
|
|
|
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status:
Offline
|
|
Originally Posted by besson3c
Only if outbound port 80 was blocked, but the OS X firewall (like most firewalls) address inbound traffic, and generally permit all outbound traffic.
Yes, that's my understanding of the OS X Firewall settings as well.
AFAIK, outbound traffic is *NEVER* blocked by the OS X default firewall.
-t
|
|
|
| |
|
|
|
|
|
|
|
Clinically Insane
Join Date: Mar 2001
Location: yes
Status:
Offline
|
|
You also need to specify whether you are talking about permitting TCP, UDP ports, ICMP packets, etc. Simply saying "block/allow port 80" doesn't actually mean anything.
ICMP = for sending error messages such as a ping requests
TCP = request expects some sort of response, e.g. an HTTP, FTP, SSH, telnet, etc. connection
UDP = request does not respond, sort of like shouting at somebody and not knowing if you've been heard (e.g. DHCP, SNMP)
|
|
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
 
|
|
|
Forum Rules
|
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|
|
Top
