Can I close a port?

Is it possible to close a port easily? All attacks I think are in Port 80 on my PC. Norton firewall reads a log of a year or more I have kept, and out of 5 or 6 plus attempted attacks on my PC it all reads in the log.....
Attacked Port: Http (80)

I have Windows XP, have DSL on all the time. Is there a way to close that port?

 

Have a look at this description of what Port 80 is about.http://grc.com/port_80.htm

As you can see, that port should only be needed if your computer was running as a web server and it would be a good idea to close it if your firewall can be configured to deal with individual ports. You would have to check the Help files for more information.

On the positive side, your firewall is reporting attempts to contact that port and as long as the attempts are not succeeding and nothing is getting in, you should be OK. In saying that, I assume that your firewall is monitoring, and preventing, any unauthorised attempts to send data out from your computer.

There are some trojan backdoor programs that can get installed on fast, 'always on' systems to distribute spam etc. but I imagine that you would be aware of any activity via your modem or router that you hadn't launched yourself?.

 

I recently bought and installed a modem best data 56k v.92 v.44 modem Im replacing my old one a u.s.Robotics 56kv.92 modem. When I try to get online the modem gives me an error message stating: close all ports. How do I do this. this is driving me BATTY..................

 

Is that the whole error message?. Seems to me that closing all ports would mean that your computer would be unable to be online because a couple have got to be open for you to send requests out and get responses back!.

If you didn't get a paper Manual with the modem and its Help files don't clarify things, you need to get onto the makers website and search the error message;http://www.bestdata.com/opsystem.asp

 

Cora,

Generally speaking, ports can be open, closed, or blocked. When you are being probed to determine your PC's vulnerability to a subsequent attack - it is best if all of your ports are stealthed, i.e. blocked. This means that your PC does not respond to any probes as if the IP address does not exist. The prober moves on without knowing that there was a live computer on the other end of the probe. If a port is open, well, then the PC is vulnerable to attack. If your PC returns a status of closed, the prober then knows there is a live computer there, and may try other attacks to penetrate the PC at a later time.

No matter what firewall you are running, even if hardware, it is best to supplement it with one of two outstanding free firewalls which can be downloaded from various websites for personal use (free):

1) ZoneAlarm, or
2) Sygate.

Sygate has a number of scanning tests against various protocols (UDP, TCP, ICMP) that really open up your eyes about how vulnerable you can be when attached to the Internet. Check out: http://scan.sygate.com

Either of these will effectively stealth all of your ports.

Ok, so when your ports are effectively blocked to incoming probes, what about the outbound traffic? How do you prevent a malicious program that has squirreled itself away, and collects your personal information for nefarious purposes?

Again, either of the above two free firewalls will require you to approve all outbound traffic from your computer. If you are not familiar with the applications running on your computer, their functionality and the threads and libraries associated with them - its time to think about both installing one of the two mentioned firewalls (software) and supplement with Process Explorer or similar tool which identifies your computer resources and their use.

Hope this helps!

-- Tom

 

Ok, that's from the gang at 'Port Monster'

Cora,
The answer to your question is Yes, the port can be blocked easily or the incoming IP adress's can be blocked.

Download this program
Port Monster 2.0

Install, then run the program. Click on 'Help' at the website to study some of it's functions and configurations.

For your specific scenario: with the program running while your online click on 'active connections', look at any connections listed under port 80,

RIGHT click that connection and select 'WHOIS LOOKUP', if you get a firewall alert, ACCEPT the connection, this will tell you 'who' is behind the IP adress for the connection. If you don't like what you see, RIGHT click that connection and choose;
a) kill this connection
b) Block this IP adress
c) Block this port

Any of those choices will disconnect that machine from your system. Rather than blocking all of port 80 you could select the specific IP adress instead and block them, you just as easily can create a 'filter rule' with your firewall to block that adress when you get your 'incoming/outgoing connection alert.

And of course you can block the whole port depending on the process's that are actually running there. . it's your choice.

Of course don't just arbitrarily block ports and kill connections unless you have confirmed the identity first.