Re: Closing ports using Sygate

comp.security.firewalls archive

From: Duane Arnold <NotMe@NotMe.com>
Date: Mon Jan 30 2006 - 08:55:22 CET

louise wrote:
> ohaya wrote:
>
>>
>> tenplay wrote:
>>
>>> Greetings! I am a user of the free version of the Sygate Personal
>>> Firewall. I was informed by the "Shields Up!!" security testing website
>>> that I should close external access to Port 1025. Please give
>>> instructions. Thank you. Mike
>>
>> Mike,
>>
>> I don't think that that version of Sygate has a direct way to configure
>> which ports are open/listening, but if you go to Tools -> Application,
>> you'll get a window showing a list of applications. If you then click
>> the "Advanced" button at the bottom of that window, you'll get another
>> window, and there are two radio buttons, "act as client" and "act as
>> server".
>>
>> I think that when the "act as server" button is selected/enabled, the/a
>> port associated with the application is left open by Sygate.
>>
>> For some reason that I've never understood, it seems like Sygate sets
>> both the "act as client" and "act as server" buttons set/enabled by
>> default, and you have to go in manually as I described above to shut
>> down potentially listening ports associated with applications.
>>
>> Jim
>
> I have the Pro version of Sygate.
>
> I've never been able to figure out what needs to "act as server" and
> what doesn't. How does one assess this? For example, an anti-spam
> program attached to Outlook or my AV or...anything that goes and looks
> for updates?
>
> TIA
>
> Louise

Any program/application running on your machine that initiates contact
with a remote site *Acts as a Client*. Outlook acts as a client as it
must initiate contact with the POP3 server in order to send and receive
emails to/from the POP3 server.

If you had the Windows 2k Pro or XP Pro O/S with you running IIS as the
WEB server program, you wanted people/clients to access the WEB/FTP
Site, you wanted the personal FW to accept unsolicited inbound
connections (anyone on the Internet can connect and access your Web/FTP
site) on port 80 HTTP Web or ports 20 and 21 for FTP, then IIS on the
machine behind Sygate must be set to *Act as a Server* as that is a
server program and it *serves* information to clients.

On the other hand, IE on your machine would be set to *Act as a Client*
because IE must initiate contact to a Web server to access information
on the Web server over the Internet.

In other words, if *Act as a Server* is set, all unsolicited inbound
traffic will reach the program/application on the inbound port the
application/program is listening on. If the setting is *Act as a
Client*, then the program behind the PFW *must* initiate contact with
the site before the PFW will allow inbound traffic back to the program
on the inbound port the program is listening on - that's solicited
traffic and the PFW is going to let that traffic through. If other
inbound traffic comes from somewhere to the program on the port the
program is listening on and was not solicited, that unsolicited inbound
traffic is not solicited and is going to be blocked by the PFW.

99.9% of the programs running on your machine are client programs for
Internet access and are making contact with server programs on the
Internet. Server means it *serves* and client means it requests.

Duane :)
Received on Tue Feb 7 20:58:21 2006
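
The solicited/unsolicited distinction explained in the reply above, as a simplified model added here (it is not part of the original post and not Sygate's actual implementation). The application name `some_service`, local port 1061 and the documentation-range IP addresses are constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class AppRule:
    act_as_client: bool = True
    act_as_server: bool = False

@dataclass
class PersonalFirewall:
    rules: dict        # application name -> AppRule
    listeners: dict    # local port -> application bound to it
    flows: set = field(default_factory=set)  # connections opened from this machine

    def outbound(self, app, local_port, remote_ip, remote_port):
        """A local program initiates contact with a remote site."""
        rule = self.rules.get(app)
        if rule is None or not rule.act_as_client:
            return "block"
        self.flows.add((local_port, remote_ip, remote_port))
        return "allow"

    def inbound(self, local_port, remote_ip, remote_port):
        """A packet arrives from the network for a local port."""
        if (local_port, remote_ip, remote_port) in self.flows:
            return "allow-solicited"      # reply to a connection we opened
        rule = self.rules.get(self.listeners.get(local_port))
        if rule is not None and rule.act_as_server:
            return "allow-server"         # unsolicited, but the app may serve
        return "block"                    # unsolicited and not a server

def demo():
    fw = PersonalFirewall(
        rules={"outlook": AppRule(), "iis": AppRule(act_as_server=True),
               "some_service": AppRule(act_as_server=True)},  # both boxes set
        listeners={80: "iis", 1025: "some_service"})
    results = {}
    fw.outbound("outlook", 1061, "203.0.113.5", 110)          # mail check (POP3)
    results["pop3 reply"] = fw.inbound(1061, "203.0.113.5", 110)
    results["stranger to 1061"] = fw.inbound(1061, "198.51.100.7", 4444)
    results["stranger to 80"] = fw.inbound(80, "198.51.100.7", 4444)
    results["probe 1025 before"] = fw.inbound(1025, "198.51.100.7", 4444)
    fw.rules["some_service"].act_as_server = False            # clear "act as server"
    results["probe 1025 after"] = fw.inbound(1025, "198.51.100.7", 4444)
    return results

if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:20} {verdict}")
```

In this model the external probe of port 1025 stops getting through once "act as server" is cleared for the program listening there, while the mail client keeps working because its inbound traffic is a reply to a connection it opened.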