Solved Using Shields up in both IE and Chrome

[grouser]

Hi,
Can any one throw some light on this problem I have come across recently, I have perfumed a shields up scan with their All Service Ports Scanner which resulted in all being okay using IE11 but performing the same scan using Google Chrome (latest version) showed that Secure Port 443 is open why is this any answers using non tech speak would be helpful as not really tech minded but Security Minded all the same, I did a little research on the subject but it opened up more questions than answers .

 

[Layback Bear]

This information might be useful to you.

https://www.grc.com/port_443.htm

 

[grouser]

This information might be useful to you.

https://www.grc.com/port_443.htm

Thanks for the link, my next question is as it is closed and in stealth mode in IE how can I achieve the same result in chrome as well

 

[Layback Bear]

Don't know I don't use Chrome.

 

[Tookeri]

Are you not behind a router?

 

[grouser]

Are you not behind a router?

Yes I am the reason for the question was a matter of if it's showing in stealth with one browser how can I get the same result in the other

 

[Tookeri]

If you're behind a NAT router and haven't enabled remote management, port forwards or similar then nothing should be open. Well, possibly UPnP if you have that enabled.
I don't use Chrome either and the only thing I can think of is testing with plugins disabled in Chrome. It shouldn't make any difference, but who knows...

 

[grouser]

After reading and following the links provided which led to more info,my take on this problem rightly or wrongly is that Google run their SSL/TSL through this port which they monitor for phishing spam and other stuff to make their browser safe which they inform you in the techy stuff they post on their HELP FORUM that's the norm for the browser..

 

[Tookeri]

That doesn't make any sense to me. Do you have a link for this?

Have you installed the Remote Desktop App for Chrome or anything like that? https://support.google.com/chrome/answer/1649523?hl=en-GB

 

[grouser]

That doesn't make any sense to me. Do you have a link for this?

Have you installed the Remote Desktop App for Chrome or anything like that? https://support.google.com/chrome/answer/1649523?hl=en-GB

Having tried to find the links I used before I can't seem to find them again, and re re reading some of the previous stuff and as I said at the onset of my question that I was not techy minded, I felt I have made a mistake on my understanding of Google chrome and the SSL/TSL statement in my previous post.In answer to your question re Remote desk top app No I haven't,I guess I should have asked this question in a chrome forum, I thought it may be a settings problem due to it showing stealth mode In IE and not in Chrome I have looked into my router settings and the Firewall Level Settings are showing a setting designated by my ISP as their own what ever they are,I'm no game player so don't need to port forward or what ever they call it..

 

[Tookeri]

Ok, well my advice is to verify in your router settings that:
- UPnP is disabled
- Remote Management is disabled
- there are no port forward or port triggerings
- the SPI firewall is enabled (if the router has one)
- you have changed the default password that came with the router

If you do this, nothing should be open to the outside.

I see you have a great anti-virus, or hopefully the Internet Security product. Probably SAFE through your ISP. Same as me. It uses Windows Firewall + adds an extra protection for downloaded files.

Anyway, if this happened to me and I couldn't find out why or solve it, I'd stop using Chrome.

 

[Callender]

Stealth Port 443

Well I'm not too sure in this one but here are my thoughts.

Running Shields Up! scan shows no problems.

Running PC Flank's port scanner shows all ports stealthed. Scanning Port 443 shows stealthed.

Running the following from an Elevated Command Prompt:

netstat -a -n -o | findstr 443

shows Opera.exe PID 784 listening on Port 443 but only when it's using a secure (https) connection. If I close the tab with the secure connection - nothing shows up for Port 443.

In any case Port 443 is always stealthed. I don't use Chrome but do use Aviator (Chromium Based)

As soon as I run Aviator I can see it's using PORT 443 but Aviator is configured to always use secure connections when available.

Ran a Shields Up! scan using Aviator and all ports including 443 show stealthed. I can't test Chrome and I won't use it so sorry about that.

The only suggestion that I can come up with is to use a better firewall. Your systems specs don't state which firewall you're using currently.

 

[Tookeri]

Firewalls, routers and inbound/outbound connections

The specs says ISP F-Secure as anti-virus which means the AV works together with Windows Firewall. I use it too.

Anyway, my point in all of this is that if you're behind a router that hasn't opened anything to the outside, then it shouldn't matter what ports are open on the computer or how the computers firewall is configured. The router should block everything coming from the outside, in firewall terms called inbound connections. This way the router will protect all devices on the LAN(local area network).

The opposite of an inbound connection is outbound connection, meaning when your computer was the device who initialized the connection to the outside. This means basically every connection made from the computer: browsing, email, programs connecting and checking for updates etc. The router uses NAT - Network Address Translation to keep track of which device on the LAN should receive the reply.

If you use your browser to go to a website you create an outbound connection and the router waits for the reply. The reply is not an inbound connection, it's a reply to the outbound.
But when you use ShieldsUp it's not the same because only the reply in the browser is a reply from the outbound connection, while the actual ShieldsUp test is triggered from different IPs, otherwise the test wouldn't work. It needs to test connections from an IP that you're not already connected with in the browser. Therefor making it inbound connections to your router.
This is mentioned at the top of ShieldsUp page: [FONT=Verdana,Arial,Helvetica,Sans-Serif,MS Sans Serif]you should expect to see entries from this site's probing IP addresses[/FONT][FONT=Verdana,Arial,Helvetica,Sans-Serif,MS Sans Serif]: 4.79.142.192 -thru- 4.79.142.207

[/FONT]Or to put it this way:

• For an outbound connection your computer knows who or what will respond to it, because it requested a specific resource on the Internet, an IP and port.
• While an inbound connection can be triggered by anything on the Internet

Hope that helps someone

 

[grouser]

The specs says ISP F-Secure as anti-virus which means the AV works together with Windows Firewall. I use it too.

Anyway, my point in all of this is that if you're behind a router that hasn't opened anything to the outside, then it shouldn't matter what ports are open on the computer or how the computers firewall is configured. The router should block everything coming from the outside, in firewall terms called inbound connections. This way the router will protect all devices on the LAN(local area network).

The opposite of an inbound connection is outbound connection, meaning when your computer was the device who initialized the connection to the outside. This means basically every connection made from the computer: browsing, email, programs connecting and checking for updates etc. The router uses NAT - Network Address Translation to keep track of which device on the LAN should receive the reply.

If you use your browser to go to a website you create an outbound connection and the router waits for the reply. The reply is not an inbound connection, it's a reply to the outbound.
But when you use ShieldsUp it's not the same because only the reply in the browser is a reply from the outbound connection, while the actual ShieldsUp test is triggered from different IPs, otherwise the test wouldn't work. It needs to test connections from an IP that you're not already connected with in the browser. Therefor making it inbound connections to your router.
This is mentioned at the top of ShieldsUp page: [FONT=Verdana,Arial,Helvetica,Sans-Serif,MS Sans Serif]you should expect to see entries from this site's probing IP addresses[/FONT][FONT=Verdana,Arial,Helvetica,Sans-Serif,MS Sans Serif]: 4.79.142.192 -thru- 4.79.142.207

[/FONT]Or to put it this way:

• For an outbound connection your computer knows who or what will respond to it, because it requested a specific resource on the Internet, an IP and port.
• While an inbound connection can be triggered by anything on the Internet

Hope that helps someone

Well over night Google have updated their chrome browser which I allowed on my computer,then I ran a shields up test and all ports are now in stealth mode,I shall keep an eye on this for a while and hope that it is sorted if not I shall be reverting back to IE,thanks for your help Tookeri..

 

[Callender]

Firewall disabled - ports stealthed

Thanks for the info Tookeri. I'd never tried this before but disabling my firewall (computer firewall - not router firewall) and doing the Shields Up! and PC Flank tests still shows all ports stealthed.

 

[Tookeri]

Great, but it still doesn't explain it. As I tried to explain in my previous post nothing should be opened in the router no matter what programs you run on the PC.

The only mechanism I'm aware of that can open ports "when needed by devices and apps" in the router is UPnP - Universal Plug and Play. That's why I recommended you to verify that it's disabled. But UPnP ports are usually higher ports and not 443.

What happens if I disable UPnP on my router?
What happens is that it will not be possible anymore to let applications change firewall settings on the router anymore through UPnP.
Source: UPnP Hacks: Frequently Asked Questions

 

[Tookeri]

Thanks for the info Tookeri. I'd never tried this before but disabling my firewall (computer firewall - not router firewall) and doing the Shields Up! and PC Flank tests still shows all ports stealthed.

That's the way it should be

 

[Tookeri]

People who don't use a router or other hardware firewalls or similar are of course not as protected. If I check my router log I see attack attempts all the time. Anything connected to the Internet, the router in this case, will be a target for all bad guys doing random IP range attacks, usually thousands or even hundreds of thousands at a time.