open port 443

Maybe somebody cal explain to me why port 443 needs to be open for
external applications to work?
Shouldn't the router open any needed ports when a connection is
initiated from inside, otherwise, block everything?
The other ports are forwarded to servers that I am running.


-------- Original Message --------
From: (E-Mail Removed) <(E-Mail Removed)>

Dear Mr. Lockie,

Thank you for contacting Linksys Customer Support.

With regard to your concern, the port 443 is open for ssl or "secured
site location" so it is open because you might be accessing secured
sites on the internet.

You can close it if you want by forwarding that specific port to a
non-existing ip address.

If you have further questions, please contact us at (800) 326-7114 or
send us an eMail at (E-Mail Removed) so that we may further assist
you. Please use this phone number given as reference for future support
calls.




Sincerely,

Ryan Oliver Pili
Linksys – A Division of Cisco Systems, Inc.
Senior Product Support Specialist
1-800-326-7114
(E-Mail Removed)


On Sun, 25 Apr 2004 13:58:32 -0700, (E-Mail Removed) wrote:

> Country: Canada
> First Name: Bob
> Last Name: Lockie
> Product: WRT54G-Wireless-G Broadband Router v1.1
> OS: Linux
> Internet Connection: DSL
> Problem Type: Software Settings
> Additional Products Related to Problem:
> The Question: I have a Linksys WRT54G that has https open but I have
> "Administration/Remote Management" set to "Disable" in the management.
> I have the 2.02.7 firmware installed.
> Any ideas?
>
> # nmap -P0 gw
>
> Starting nmap 3.45 ( http://www.insecure.org/nmap/ ) at 2004-04-25 13:23
> EDT
> Interesting ports on gw (192.168.1.110):
> (The 1652 ports scanned but not shown below are in state: closed)
> PORT STATE SERVICE
> 22/tcp open ssh
> 25/tcp open smtp
> 53/tcp open domain
> 80/tcp open http
> 110/tcp open pop-3
>
> Nmap run completed -- 1 IP address (1 host up) scanned in 1.316 seconds
>
>
> # nmap -P0 216.168.107.123
>
> Starting nmap 3.45 ( http://www.insecure.org/nmap/ ) at 2004-04-25 13:24
> EDT
> Interesting ports on nexredback-216-168-107-123.nexicom.net
> (216.168.107.123):
> (The 1652 ports scanned but not shown below are in state: closed)
> PORT STATE SERVICE
> 22/tcp open ssh
> 25/tcp open smtp
> 53/tcp open domain
> 80/tcp open http
> 443/tcp open https
>
> Nmap run completed -- 1 IP address (1 host up) scanned in 2.359 seconds
>
> There shouldn't be a 443 port on the external IP.



--
-------------------------------------------------------
Remove .NOSPAM from my email address to reply directly.

Hmmmm, I thought SSL (port 443) meant "Secure Socket Layer"? I can't
see any reason why that port would be open by default. That seems
kinda strange.

I say, turn it off! That is, unless and until you specifically need
it on.

Chet

On 04/30/04 06:04 Chester Field spoke:
> Hmmmm, I thought SSL (port 443) meant "Secure Socket Layer"?

It does.
Well, obviously the tech guy has got the terminolgy incorrect.


> I can't
> see any reason why that port would be open by default. That seems
> kinda strange.
>
> I say, turn it off! That is, unless and until you specifically need
> it on.

Ya, the only way to do so is the "hack" suggested by Linksys support.
I was hoping someone had a better solution.
>
> Chet


--
-------------------------------------------------------
Remove .NOSPAM from my email address to reply directly.

Bob <(E-Mail Removed)> wrote in news:1Kklc.9508$ZJ5.458971
@news20.bellglobal.com:

> On 04/30/04 06:04 Chester Field spoke:
>> Hmmmm, I thought SSL (port 443) meant "Secure Socket Layer"?
>
> It does.
> Well, obviously the tech guy has got the terminolgy incorrect.
>
>
>> I can't
>> see any reason why that port would be open by default. That seems
>> kinda strange.
>>
>> I say, turn it off! That is, unless and until you specifically need
>> it on.
>
> Ya, the only way to do so is the "hack" suggested by Linksys support.
> I was hoping someone had a better solution.
>>
>> Chet
>
>

What is your concern here with port 443? It should be closed on the
router by default, unless you have done port forwarding or something on a
machine is using 443 and you're seeing that for some reason.

Duane

> What is your concern here with port 443? It should be closed on the
> router by default, unless you have done port forwarding or something on a
> machine is using 443 and you're seeing that for some reason.
>
> Duane

It's not closed on the router by default and I wasn't port forwarding it.
Now I am port forwarding it a closed port (that was the work-around
suggested by Linksys).


--
-------------------------------------------------------
Remove .NOSPAM from my email address to reply directly.

Bob <(E-Mail Removed)> wrote in
news:q27sc.9797$(E-Mail Removed):

>> What is your concern here with port 443? It should be closed on the
>> router by default, unless you have done port forwarding or something
>> on a machine is using 443 and you're seeing that for some reason.
>>
>> Duane
>
> It's not closed on the router by default and I wasn't port forwarding
> it. Now I am port forwarding it a closed port (that was the
> work-around suggested by Linksys).
>
>

It was closed by default on my Linksys 11S4 V1 router I have had since
2001. So I don't know what the problem may be, unless you have one that
doesn't have SPI in the firmware, as that may be an issue.

You can further protect the LAN behind the router, if you have an NT
based O/S such as Win 2K, XP or 2K3 with IPsec.

http://www.petri.co.il/block_ping_tr...with_ipsec.htm
http://www.analogx.com/contents/articles/ipsec.htm

It's a piece of cake with the AnalogX Secpol file implementation.

Duane


Duane

On Sun, 23 May 2004 20:10:48 GMT, Duane Arnold spoketh

>Bob <(E-Mail Removed)> wrote in
>news:q27sc.9797$(E-Mail Removed) m:
>
>>> What is your concern here with port 443? It should be closed on the
>>> router by default, unless you have done port forwarding or something
>>> on a machine is using 443 and you're seeing that for some reason.
>>>
>>> Duane
>>
>> It's not closed on the router by default and I wasn't port forwarding
>> it. Now I am port forwarding it a closed port (that was the
>> work-around suggested by Linksys).
>>
>>
>
>It was closed by default on my Linksys 11S4 V1 router I have had since
>2001. So I don't know what the problem may be, unless you have one that
>doesn't have SPI in the firmware, as that may be an issue.
>

SPI or not, no ports should be show as open on the WAN interface of the
router unless it's specifically forwarded to another host which has the
port open.

Lars M. Hansen
http://www.hansenonline.net
(replace 'badnews' with 'news' in e-mail address)

> It's not closed on the router by default and I wasn't port forwarding it.

Could you expand on it?
In my understanding of IP, if the router is doing NAT (i.e. it has a single
IP address seen from the outside world and uses 192.x.x.x addresses for the
LAN), then a port is either forwarded or closed.


Stefan

On 05/26/04 12:55 Stefan Monnier spoke:
>>It's not closed on the router by default and I wasn't port forwarding it.
>
>
> Could you expand on it?
> In my understanding of IP, if the router is doing NAT (i.e. it has a single
> IP address seen from the outside world and uses 192.x.x.x addresses for the
> LAN), then a port is either forwarded or closed.
>
>
> Stefan

The router runs it's web server on 192.168.1.1 (default) and port 443
went to that but I forwarded it to a non-existant port and it is
effectively closed now.


--
-------------------------------------------------------
Remove .NOSPAM from my email address to reply directly.