scabbo
01-21-04, 08:58 AM
It keeps coming up on the security Scan as open everything else is stealthed.
Any thoughts guys?
YOS I know you have some :)
Any thoughts guys?
YOS I know you have some :)
View Full Version : How do I stealth port 443?
cyberskye
01-21-04, 11:34 AM
You need to give some information about your connection - router? firewall?
Detail the scan you're using. Does it require a donwload or does it scan you from a remote host?
Detail the scan you're using. Does it require a donwload or does it scan you from a remote host?
YeOldeStonecat
01-21-04, 01:44 PM
Originally posted by cyberskye
You need to give some information about your connection - router? firewall?
^^^ what he said...
You need to give some information about your connection - router? firewall?
^^^ what he said...
TonyT
01-21-04, 07:02 PM
You should NOT have that port even available for use on a home computer. Port 443 is for http servers. Specifically, it's for serving SHTML files - Secure Socket Layer connections.
If you have not installed a web server on your system, even IIS, then likely you have a trojan using on that port.
It's al;so possible that the security scan you are using is 'seeing itself' on that port, esp is it scans from a web site.
If you have not installed a web server on your system, even IIS, then likely you have a trojan using on that port.
It's al;so possible that the security scan you are using is 'seeing itself' on that port, esp is it scans from a web site.
W_I_Z_K_I_D
01-22-04, 04:08 AM
ONCE AGAIN...WHAT HE SAID^^^^^^^
scabbo
01-27-04, 09:31 AM
Got posting for year and have not learned to give detail...sorry!
Router/Firewall setup
SOHO3 - router/Firewall
Linksys Wireless BEFW11S4
I run a small business server to I am running MS exchange which is why the port is "open"
Conncetion is DSL - Static IP.
What am I missing?
Router/Firewall setup
SOHO3 - router/Firewall
Linksys Wireless BEFW11S4
I run a small business server to I am running MS exchange which is why the port is "open"
Conncetion is DSL - Static IP.
What am I missing?
cyberskye
01-27-04, 11:01 AM
Are you using OWA? That uses ssl....
scabbo
01-27-04, 12:31 PM
Yes I am using Outlook Web Access.
cyberskye
01-27-04, 12:47 PM
That's your answer. OWA uses SSL (tcp 443) to secure access.
If you stealth port 443 then no one will be able to access OWA from outside your perimeter, though they could still use it from a PC behind the firewall.
If you stealth port 443 then no one will be able to access OWA from outside your perimeter, though they could still use it from a PC behind the firewall.
TonyT
01-27-04, 04:34 PM
Note:
When running any type of server application, do not expect to ever get 'stealth' results in a security scan. It's impossible, unless you want the server used only on the local net and not opened up to remote or www access.
I have a local linux server running apache, wuftpd and webmin. It's completely stealthed because it is only used localy and is not opened up to the www on other side of the router.
When running any type of server application, do not expect to ever get 'stealth' results in a security scan. It's impossible, unless you want the server used only on the local net and not opened up to remote or www access.
I have a local linux server running apache, wuftpd and webmin. It's completely stealthed because it is only used localy and is not opened up to the www on other side of the router.
cyberskye
01-27-04, 06:01 PM
You can set up PF rules to 'drop' connection attempts that are not from a predefined list of 'safe' ip addresses (say, of your home users) but everyone would need static ip addresses at home.
We actually do that - everyone has an SDSL line at home with a fixed ip. Result? Any employee can tunnel in but is stealth to anyone else.
The main advantage of OWA is that you can access Outlook from any PC. That makes my comments somewhat irrelevant in this case, though. An address running OWA, accepting SSL connects from anywhere, cannot be stealthed.
We actually do that - everyone has an SDSL line at home with a fixed ip. Result? Any employee can tunnel in but is stealth to anyone else.
The main advantage of OWA is that you can access Outlook from any PC. That makes my comments somewhat irrelevant in this case, though. An address running OWA, accepting SSL connects from anywhere, cannot be stealthed.
vBulletin® v3.8.4, Copyright ©2000-2010, Jelsoft Enterprises Ltd.