Jump to content

Hidden internet server in win7


ArcticBloom

Recommended Posts

So i did a test at the Steve Gibson Research Centre ( grc.com ).

The result shows , i've got an hidden internet server running.

My question is , can i disable this and how to disable it ?

Or , do i need it and how can i make it secure to prevent hack attacks or coming to be a part of a zombie / hack or other distribute network.

Link to comment
Share on other sites


No , i can't tell wich port or what protocol , this is infact what i like to know.

The test was telling me the hidden server was enabled and running , and it showed me a warning.

Maybe Cluberti , you can visit grc.com and check for yourself and see how YOUR system is doing.

This will make my question more clear once you do the test yourself.

Port 443 is closed and the other two tests showed my system as " stealth ".

Edit : you can find the test in : services - shields up. I tested the Files sharing - Common ports and all services ports.

Edited by ArcticBloom
Link to comment
Share on other sites

Very easy to Enable or Disable IIS Web Server on Windows 7

LAWLS: In case anyone doesn't know the port is 80 :ph34r: although GRC.com does not specify a port on that particular scan, they prefer to ominously mention a Hidden Web Server without giving you any information. IMO just a scare tactic to re-inforce the need for their service. They could at least post a link to IIS or tell people it can be easily disabled via the control panel.

Link to comment
Share on other sites

Thanks mr.Jinje

I followed your " Links " to articles and it says " IIS " server , wich i don't have installed or at least it's not showing as such.

Does this mean " no worries " or do i have to worry and take steps to secure it , if so " HOW ".

This is a stand alone home-pc , running Win7 Pro.

Edited by ArcticBloom
Link to comment
Share on other sites

I cannot see the "connection" between the "Shieds Up!" report and IIS. :unsure:

This issue is not limited to Windows 7.

Read from the original:

http://www.grc.com/freepopular.htm

Shoot The Messenger

Simple Messenger Service Disable/Enable

Windows NT, 2000, and XP hide an hidden Internet server that is running by default. It receives and accepts, among other things, unsolicited network messages that cause pop-up dialog boxes to appear on the desktop. Internet Spammers have discovered this and are spraying pop-up Spam across the Internet. The Windows Messenger server should never have been running by default, and Microsoft has finally fixed that in Windows 2003, but users of previous Windows need to take responsibility for this themselves.

More:

http://www.grc.com/stm/ShootTheMessenger.htm

There are much different opinions on the works of Steve Gibson in the IT/Technical community, some say that he is sometimes a tad too alarmistic and that he is not qualified in security matters.

I guess he could have worded the "hide an hidden internet server" more accurately, even grammatically, you don't "hide a hidden something", you either "hide something" or have something hidden".

The idea of a server receiving messages reminds me of a client, but it's not my field, so I will shut up.

Personally, the only program on which I presume being qualified to give an opinion is "SpinRite", which in my view is a very good program.

jaclaz

Edited by jaclaz
Link to comment
Share on other sites

Thanks mr.Jinje

But as far as i know we must have port 80 open for proper internet use , like 8080.

In case it's not needed for browsing only on a home pc , how to disable this.

If i need it to stay running , how to secure it.

Think you are confusing web-browsing with web-hosting. Disabling IIS does not affect browsing or IE or firefox in anyway.

No one said disable port 80, the link posted shows how to enable/disable IIS web server via the control panel.

EDIT: Unless of course you are running a personal web server and need IIS. Then maybe you shouldn't uninstall it.

Edited by MrJinje
Link to comment
Share on other sites

Thanks mr. Jinje.

You must have missed my " edit " to my post , but i don't have IIS installed.

I've checked " admin tools in Control panel " and " Turn Windows features on / off " , no webserver or parts off is installed

Win 7 pro on a standalone home pc.

Link to comment
Share on other sites

Thanks mr. Jinje.

You must have missed my " edit " to my post , but i don't have IIS installed.

I've checked " admin tools in Control panel " and " Turn Windows features on / off " , no webserver or parts off is installed

Win 7 pro on a standalone home pc.

Yeah missed the edit. If IIS was unchecked in your Windows Features, you are all set.

To verify, avoid his "File Sharing" scan and instead run the "All Service Ports" scan (one in the middle), it checks the 1024 known ports and provides color graph, without any biased sounding commentary. Mine only has one red port (#113) and I consider that safe. All other ports appeared in Stealth mode.

Edited by MrJinje
Link to comment
Share on other sites

Correct - if the default firewall is enabled, all ports should be blocked. You can run tcpview from sysinternals if you want to see what ports/protocols have endpoints on the machine (doesn't mean the firewall is allowing the connections to said port, but at least it would show the open ports and what protocols they're running).

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...