Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Using Shields up in both IE and Chrome

26 Nov 2014   #11
Tookeri

Windows 7 Pro 32
 
 

Ok, well my advice is to verify in your router settings that:
- UPnP is disabled
- Remote Management is disabled
- there are no port forward or port triggerings
- the SPI firewall is enabled (if the router has one)
- you have changed the default password that came with the router

If you do this, nothing should be open to the outside.

I see you have a great anti-virus, or hopefully the Internet Security product. Probably SAFE through your ISP. Same as me. It uses Windows Firewall + adds an extra protection for downloaded files.

Anyway, if this happened to me and I couldn't find out why or solve it, I'd stop using Chrome.


My System SpecsSystem Spec
.
27 Nov 2014   #12
Callender

Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
 
 
Stealth Port 443

Well I'm not too sure in this one but here are my thoughts.

Running Shields Up! scan shows no problems.

Running PC Flank's port scanner shows all ports stealthed. Scanning Port 443 shows stealthed.

Running the following from an Elevated Command Prompt:

netstat -a -n -o | findstr 443

shows Opera.exe PID 784 listening on Port 443 but only when it's using a secure (https) connection. If I close the tab with the secure connection - nothing shows up for Port 443.

In any case Port 443 is always stealthed. I don't use Chrome but do use Aviator (Chromium Based)

As soon as I run Aviator I can see it's using PORT 443 but Aviator is configured to always use secure connections when available.

Ran a Shields Up! scan using Aviator and all ports including 443 show stealthed. I can't test Chrome and I won't use it so sorry about that.

The only suggestion that I can come up with is to use a better firewall. Your systems specs don't state which firewall you're using currently.
My System SpecsSystem Spec
27 Nov 2014   #13
Tookeri

Windows 7 Pro 32
 
 
Firewalls, routers and inbound/outbound connections

The specs says ISP F-Secure as anti-virus which means the AV works together with Windows Firewall. I use it too.

Anyway, my point in all of this is that if you're behind a router that hasn't opened anything to the outside, then it shouldn't matter what ports are open on the computer or how the computers firewall is configured. The router should block everything coming from the outside, in firewall terms called inbound connections. This way the router will protect all devices on the LAN(local area network).

The opposite of an inbound connection is outbound connection, meaning when your computer was the device who initialized the connection to the outside. This means basically every connection made from the computer: browsing, email, programs connecting and checking for updates etc. The router uses NAT - Network Address Translation to keep track of which device on the LAN should receive the reply.

If you use your browser to go to a website you create an outbound connection and the router waits for the reply. The reply is not an inbound connection, it's a reply to the outbound.
But when you use ShieldsUp it's not the same because only the reply in the browser is a reply from the outbound connection, while the actual ShieldsUp test is triggered from different IPs, otherwise the test wouldn't work. It needs to test connections from an IP that you're not already connected with in the browser. Therefor making it inbound connections to your router.
This is mentioned at the top of ShieldsUp page: you should expect to see entries from this site's probing IP addresses: 4.79.142.192 -thru- 4.79.142.207

Or to put it this way:
  • For an outbound connection your computer knows who or what will respond to it, because it requested a specific resource on the Internet, an IP and port.
  • While an inbound connection can be triggered by anything on the Internet

Hope that helps someone
My System SpecsSystem Spec
.

27 Nov 2014   #14
grouser

Windows 7 Home Premium 32bit.
 
 

Quote   Quote: Originally Posted by Tookeri View Post
The specs says ISP F-Secure as anti-virus which means the AV works together with Windows Firewall. I use it too.

Anyway, my point in all of this is that if you're behind a router that hasn't opened anything to the outside, then it shouldn't matter what ports are open on the computer or how the computers firewall is configured. The router should block everything coming from the outside, in firewall terms called inbound connections. This way the router will protect all devices on the LAN(local area network).

The opposite of an inbound connection is outbound connection, meaning when your computer was the device who initialized the connection to the outside. This means basically every connection made from the computer: browsing, email, programs connecting and checking for updates etc. The router uses NAT - Network Address Translation to keep track of which device on the LAN should receive the reply.

If you use your browser to go to a website you create an outbound connection and the router waits for the reply. The reply is not an inbound connection, it's a reply to the outbound.
But when you use ShieldsUp it's not the same because only the reply in the browser is a reply from the outbound connection, while the actual ShieldsUp test is triggered from different IPs, otherwise the test wouldn't work. It needs to test connections from an IP that you're not already connected with in the browser. Therefor making it inbound connections to your router.
This is mentioned at the top of ShieldsUp page: you should expect to see entries from this site's probing IP addresses: 4.79.142.192 -thru- 4.79.142.207

Or to put it this way:
  • For an outbound connection your computer knows who or what will respond to it, because it requested a specific resource on the Internet, an IP and port.
  • While an inbound connection can be triggered by anything on the Internet

Hope that helps someone
Well over night Google have updated their chrome browser which I allowed on my computer,then I ran a shields up test and all ports are now in stealth mode,I shall keep an eye on this for a while and hope that it is sorted if not I shall be reverting back to IE,thanks for your help Tookeri..
My System SpecsSystem Spec
27 Nov 2014   #15
Callender

Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
 
 
Firewall disabled - ports stealthed

Thanks for the info Tookeri. I'd never tried this before but disabling my firewall (computer firewall - not router firewall) and doing the Shields Up! and PC Flank tests still shows all ports stealthed.
My System SpecsSystem Spec
27 Nov 2014   #16
Tookeri

Windows 7 Pro 32
 
 

Great, but it still doesn't explain it. As I tried to explain in my previous post nothing should be opened in the router no matter what programs you run on the PC.

The only mechanism I'm aware of that can open ports "when needed by devices and apps" in the router is UPnP - Universal Plug and Play. That's why I recommended you to verify that it's disabled. But UPnP ports are usually higher ports and not 443.

What happens if I disable UPnP on my router?
What happens is that it will not be possible anymore to let applications change firewall settings on the router anymore through UPnP.
Source: UPnP Hacks: Frequently Asked Questions
My System SpecsSystem Spec
27 Nov 2014   #17
Tookeri

Windows 7 Pro 32
 
 

Quote   Quote: Originally Posted by Callender View Post
Thanks for the info Tookeri. I'd never tried this before but disabling my firewall (computer firewall - not router firewall) and doing the Shields Up! and PC Flank tests still shows all ports stealthed.
That's the way it should be
My System SpecsSystem Spec
27 Nov 2014   #18
Tookeri

Windows 7 Pro 32
 
 

People who don't use a router or other hardware firewalls or similar are of course not as protected. If I check my router log I see attack attempts all the time. Anything connected to the Internet, the router in this case, will be a target for all bad guys doing random IP range attacks, usually thousands or even hundreds of thousands at a time.
My System SpecsSystem Spec
Reply

 Using Shields up in both IE and Chrome




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Some shields cannot be turned on in Avast
File System Shield, IM Shield Off, and P2P Shield Off can not turn on. I tried enabling it, but it didn't work. Any ideas?
System Security
I would like to use shields up to check ports for closure.
I was wondering how to close my incoming ports, all of them. I setup a profile threw windows firewall to close all ports through a profile to make it more secure. I thought after that I could disable the firewall to see if it worked and dial up shields up. I'm using MSE, and Windows Firewall. I...
System Security
Avast Web And Mail Shields
I just installed Avast Free AV, considering it as a replacement for Outpost Security Suite, which I have been having problems with. However, once installed, my browser (Opera) was not able to display web pages, until I disabled the Web Shield. While typing this, I also found that the same...
System Security
Avast custom install - what are the shields?
I am doing a custom install because I don't want it installing things I don't need and I want to keep things simple I don't know what all the options mean so I don't know what to un-tick in some cases. Here is where I am up to... Web rep - unticked Avast gadget - unticked File shield -...
System Security
Shields on Icons ?
Sudden appearance of Run as Admin type shields on many icons - any ideas? Malware scans - Avast, Windows Defender, A-squared, MSRT, F-Secure blacklight - Malwarebytes - all clean. Uploaded a couple of the files with shields on to Virus Total - clean.
System Security
Windows7 UAC -Shortcut shields
Hi All, Can any one suggest me the behaviour of UAC shield in desktop shortcut. Suppose if i set UAC as "Always notify" should all desktop icons have that shield ? and also if i set UAC as "Never notify" should all desktop icons should be without shield ? I will be thankful if anyone help...
General Discussion


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 02:33.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App