ArcticBloom Posted November 24, 2009 Share Posted November 24, 2009 So i did a test at the Steve Gibson Research Centre ( grc.com ).The result shows , i've got an hidden internet server running.My question is , can i disable this and how to disable it ?Or , do i need it and how can i make it secure to prevent hack attacks or coming to be a part of a zombie / hack or other distribute network. Link to comment Share on other sites More sharing options...
cluberti Posted November 24, 2009 Share Posted November 24, 2009 Can you show a screenshot and/or describe which port and protocol, and what state it's in? Link to comment Share on other sites More sharing options...
ArcticBloom Posted November 24, 2009 Author Share Posted November 24, 2009 (edited) No , i can't tell wich port or what protocol , this is infact what i like to know.The test was telling me the hidden server was enabled and running , and it showed me a warning.Maybe Cluberti , you can visit grc.com and check for yourself and see how YOUR system is doing.This will make my question more clear once you do the test yourself.Port 443 is closed and the other two tests showed my system as " stealth ".Edit : you can find the test in : services - shields up. I tested the Files sharing - Common ports and all services ports. Edited November 24, 2009 by ArcticBloom Link to comment Share on other sites More sharing options...
MrJinje Posted November 24, 2009 Share Posted November 24, 2009 Very easy to Enable or Disable IIS Web Server on Windows 7LAWLS: In case anyone doesn't know the port is 80 although GRC.com does not specify a port on that particular scan, they prefer to ominously mention a Hidden Web Server without giving you any information. IMO just a scare tactic to re-inforce the need for their service. They could at least post a link to IIS or tell people it can be easily disabled via the control panel. Link to comment Share on other sites More sharing options...
ArcticBloom Posted November 24, 2009 Author Share Posted November 24, 2009 (edited) Thanks mr.JinjeI followed your " Links " to articles and it says " IIS " server , wich i don't have installed or at least it's not showing as such.Does this mean " no worries " or do i have to worry and take steps to secure it , if so " HOW ".This is a stand alone home-pc , running Win7 Pro. Edited November 24, 2009 by ArcticBloom Link to comment Share on other sites More sharing options...
jaclaz Posted November 24, 2009 Share Posted November 24, 2009 (edited) I cannot see the "connection" between the "Shieds Up!" report and IIS. This issue is not limited to Windows 7.Read from the original:http://www.grc.com/freepopular.htmShoot The MessengerSimple Messenger Service Disable/Enable Windows NT, 2000, and XP hide an hidden Internet server that is running by default. It receives and accepts, among other things, unsolicited network messages that cause pop-up dialog boxes to appear on the desktop. Internet Spammers have discovered this and are spraying pop-up Spam across the Internet. The Windows Messenger server should never have been running by default, and Microsoft has finally fixed that in Windows 2003, but users of previous Windows need to take responsibility for this themselves.More:http://www.grc.com/stm/ShootTheMessenger.htmThere are much different opinions on the works of Steve Gibson in the IT/Technical community, some say that he is sometimes a tad too alarmistic and that he is not qualified in security matters.I guess he could have worded the "hide an hidden internet server" more accurately, even grammatically, you don't "hide a hidden something", you either "hide something" or have something hidden". The idea of a server receiving messages reminds me of a client, but it's not my field, so I will shut up.Personally, the only program on which I presume being qualified to give an opinion is "SpinRite", which in my view is a very good program.jaclaz Edited November 24, 2009 by jaclaz Link to comment Share on other sites More sharing options...
MrJinje Posted November 24, 2009 Share Posted November 24, 2009 (edited) Thanks mr.JinjeBut as far as i know we must have port 80 open for proper internet use , like 8080.In case it's not needed for browsing only on a home pc , how to disable this.If i need it to stay running , how to secure it.Think you are confusing web-browsing with web-hosting. Disabling IIS does not affect browsing or IE or firefox in anyway.No one said disable port 80, the link posted shows how to enable/disable IIS web server via the control panel.EDIT: Unless of course you are running a personal web server and need IIS. Then maybe you shouldn't uninstall it. Edited November 24, 2009 by MrJinje Link to comment Share on other sites More sharing options...
ArcticBloom Posted November 24, 2009 Author Share Posted November 24, 2009 Thanks mr. Jinje.You must have missed my " edit " to my post , but i don't have IIS installed.I've checked " admin tools in Control panel " and " Turn Windows features on / off " , no webserver or parts off is installedWin 7 pro on a standalone home pc. Link to comment Share on other sites More sharing options...
MrJinje Posted November 24, 2009 Share Posted November 24, 2009 (edited) Thanks mr. Jinje.You must have missed my " edit " to my post , but i don't have IIS installed.I've checked " admin tools in Control panel " and " Turn Windows features on / off " , no webserver or parts off is installedWin 7 pro on a standalone home pc.Yeah missed the edit. If IIS was unchecked in your Windows Features, you are all set.To verify, avoid his "File Sharing" scan and instead run the "All Service Ports" scan (one in the middle), it checks the 1024 known ports and provides color graph, without any biased sounding commentary. Mine only has one red port (#113) and I consider that safe. All other ports appeared in Stealth mode. Edited November 24, 2009 by MrJinje Link to comment Share on other sites More sharing options...
ArcticBloom Posted November 24, 2009 Author Share Posted November 24, 2009 Yes i've done the "All Service Ports" scan , and it was shown as " full stealth ".So , i've got nothing to worry about i suppose.Thanks for the input. Link to comment Share on other sites More sharing options...
cluberti Posted November 24, 2009 Share Posted November 24, 2009 Correct - if the default firewall is enabled, all ports should be blocked. You can run tcpview from sysinternals if you want to see what ports/protocols have endpoints on the machine (doesn't mean the firewall is allowing the connections to said port, but at least it would show the open ports and what protocols they're running). Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now