Using Shields up in both IE and Chrome

Page 2 of 2 FirstFirst 12

  1. Posts : 1,049
    Windows 7 Pro 32
       #11

    Ok, well my advice is to verify in your router settings that:
    - UPnP is disabled
    - Remote Management is disabled
    - there are no port forward or port triggerings
    - the SPI firewall is enabled (if the router has one)
    - you have changed the default password that came with the router

    If you do this, nothing should be open to the outside.

    I see you have a great anti-virus, or hopefully the Internet Security product. Probably SAFE through your ISP. Same as me. It uses Windows Firewall + adds an extra protection for downloaded files.

    Anyway, if this happened to me and I couldn't find out why or solve it, I'd stop using Chrome.
      My Computer


  2. Posts : 4,776
    Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
       #12

    Stealth Port 443


    Well I'm not too sure in this one but here are my thoughts.

    Running Shields Up! scan shows no problems.

    Running PC Flank's port scanner shows all ports stealthed. Scanning Port 443 shows stealthed.

    Running the following from an Elevated Command Prompt:

    netstat -a -n -o | findstr 443

    shows Opera.exe PID 784 listening on Port 443 but only when it's using a secure (https) connection. If I close the tab with the secure connection - nothing shows up for Port 443.

    In any case Port 443 is always stealthed. I don't use Chrome but do use Aviator (Chromium Based)

    As soon as I run Aviator I can see it's using PORT 443 but Aviator is configured to always use secure connections when available.

    Ran a Shields Up! scan using Aviator and all ports including 443 show stealthed. I can't test Chrome and I won't use it so sorry about that.

    The only suggestion that I can come up with is to use a better firewall. Your systems specs don't state which firewall you're using currently.
    Last edited by Callender; 18 Nov 2016 at 14:29. Reason: remove link
      My Computer


  3. Posts : 1,049
    Windows 7 Pro 32
       #13

    Firewalls, routers and inbound/outbound connections


    The specs says ISP F-Secure as anti-virus which means the AV works together with Windows Firewall. I use it too.

    Anyway, my point in all of this is that if you're behind a router that hasn't opened anything to the outside, then it shouldn't matter what ports are open on the computer or how the computers firewall is configured. The router should block everything coming from the outside, in firewall terms called inbound connections. This way the router will protect all devices on the LAN(local area network).

    The opposite of an inbound connection is outbound connection, meaning when your computer was the device who initialized the connection to the outside. This means basically every connection made from the computer: browsing, email, programs connecting and checking for updates etc. The router uses NAT - Network Address Translation to keep track of which device on the LAN should receive the reply.

    If you use your browser to go to a website you create an outbound connection and the router waits for the reply. The reply is not an inbound connection, it's a reply to the outbound.
    But when you use ShieldsUp it's not the same because only the reply in the browser is a reply from the outbound connection, while the actual ShieldsUp test is triggered from different IPs, otherwise the test wouldn't work. It needs to test connections from an IP that you're not already connected with in the browser. Therefor making it inbound connections to your router.
    This is mentioned at the top of ShieldsUp page: you should expect to see entries from this site's probing IP addresses: 4.79.142.192 -thru- 4.79.142.207

    Or to put it this way:

    • For an outbound connection your computer knows who or what will respond to it, because it requested a specific resource on the Internet, an IP and port.
    • While an inbound connection can be triggered by anything on the Internet


    Hope that helps someone :)
      My Computer


  4. Posts : 7
    Windows 7 Home Premium 32bit.
    Thread Starter
       #14

    Tookeri said:
    The specs says ISP F-Secure as anti-virus which means the AV works together with Windows Firewall. I use it too.

    Anyway, my point in all of this is that if you're behind a router that hasn't opened anything to the outside, then it shouldn't matter what ports are open on the computer or how the computers firewall is configured. The router should block everything coming from the outside, in firewall terms called inbound connections. This way the router will protect all devices on the LAN(local area network).

    The opposite of an inbound connection is outbound connection, meaning when your computer was the device who initialized the connection to the outside. This means basically every connection made from the computer: browsing, email, programs connecting and checking for updates etc. The router uses NAT - Network Address Translation to keep track of which device on the LAN should receive the reply.

    If you use your browser to go to a website you create an outbound connection and the router waits for the reply. The reply is not an inbound connection, it's a reply to the outbound.
    But when you use ShieldsUp it's not the same because only the reply in the browser is a reply from the outbound connection, while the actual ShieldsUp test is triggered from different IPs, otherwise the test wouldn't work. It needs to test connections from an IP that you're not already connected with in the browser. Therefor making it inbound connections to your router.
    This is mentioned at the top of ShieldsUp page: you should expect to see entries from this site's probing IP addresses: 4.79.142.192 -thru- 4.79.142.207

    Or to put it this way:

    • For an outbound connection your computer knows who or what will respond to it, because it requested a specific resource on the Internet, an IP and port.
    • While an inbound connection can be triggered by anything on the Internet


    Hope that helps someone :)
    Well over night Google have updated their chrome browser which I allowed on my computer,then I ran a shields up test and all ports are now in stealth mode,I shall keep an eye on this for a while and hope that it is sorted if not I shall be reverting back to IE,thanks for your help Tookeri..:)
    Last edited by grouser; 27 Nov 2014 at 14:26.
      My Computer


  5. Posts : 4,776
    Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
       #15

    Firewall disabled - ports stealthed


    Thanks for the info Tookeri. I'd never tried this before but disabling my firewall (computer firewall - not router firewall) and doing the Shields Up! and PC Flank tests still shows all ports stealthed. :)
      My Computer


  6. Posts : 1,049
    Windows 7 Pro 32
       #16

    Great, but it still doesn't explain it. As I tried to explain in my previous post nothing should be opened in the router no matter what programs you run on the PC.

    The only mechanism I'm aware of that can open ports "when needed by devices and apps" in the router is UPnP - Universal Plug and Play. That's why I recommended you to verify that it's disabled. But UPnP ports are usually higher ports and not 443.

    What happens if I disable UPnP on my router?
    What happens is that it will not be possible anymore to let applications change firewall settings on the router anymore through UPnP.
    Source: UPnP Hacks: Frequently Asked Questions
      My Computer


  7. Posts : 1,049
    Windows 7 Pro 32
       #17

    Callender said:
    Thanks for the info Tookeri. I'd never tried this before but disabling my firewall (computer firewall - not router firewall) and doing the Shields Up! and PC Flank tests still shows all ports stealthed. :)
    That's the way it should be
      My Computer


  8. Posts : 1,049
    Windows 7 Pro 32
       #18

    People who don't use a router or other hardware firewalls or similar are of course not as protected. If I check my router log I see attack attempts all the time. Anything connected to the Internet, the router in this case, will be a target for all bad guys doing random IP range attacks, usually thousands or even hundreds of thousands at a time.
      My Computer


 
Page 2 of 2 FirstFirst 12

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 07:15.
Find Us