Re: Closing ports using Sygate

Duane Arnold wrote:
> louise wrote:
>
>> ohaya wrote:
>>
>>>
>>> tenplay wrote:
>>>
>>>> Greetings! I am a user of the free version of the Sygate Personal
>>>> Firewall. I was informed by the "Shields Up!!" security testing
>>>> website
>>>> that I should close external access to Port 1025. Please give
>>>> instructions. Thank you. Mike
>>>
>>>
>>>
>>>
>>>
>>> Mike,
>>>
>>> I don't think that that version of Sygate has a direct way to configure
>>> which ports are open/listening, but if you go to Tools -> Application,
>>> you'll get a window showing a list of applications. If you then click
>>> the "Advanced" button at the bottom of that window, you'll get another
>>> window, and there are two radio buttons, "act as client" and "act as
>>> server".
>>>
>>> I think that when the "act as server" button is selected/enabled, the/a
>>> port associated with the application is left open by Sygate.
>>>
>>> For some reason that I've never understood, it seems like Sygate sets
>>> both the "act as client" and "act as server" buttons set/enabled by
>>> default, and you have to go in manually as I described above to shut
>>> down potentially listening ports associated with applications.
>>>
>>> Jim
>>
>>
>> I have the Pro version of Sygate.
>>
>> I've never been able to figure out what needs to "act as server" and
>> what doesn't. How does one assess this? For example, an anti-spam
>> program attached to Outlook or my AV or...anything that goes and looks
>> for updates?
>>
>> TIA
>>
>> Louise
>
>
> Any program/application running on your machine that initiates contact
> with a remote site *Acts as a Client*. Outlook acts as a client as it
> must initiate contact with the POP3 server in order to send and receive
> emails to/from the POP3 server.
>
> If you had the Windows 2k Pro or XP Pro O/S with you running IRIS as the
> WEB server program, you wanted people/clients to access the WEB/FTP
> Site, you wanted the personal FW to accept unsolicited inbound
> connections (anyone on the Internet can connect and access your Web/FTP
> site) on port 80 HTTP Web or ports 20 and 21 for FTP, then IIS on the
> machine behind Sygate must be set to *Act as a Server* as that is a
> server program and it *serves* information to clients.
>
> On the other hand, IE on your machine would be set to *Act as a Client*
> because IE must initiate contact to a Web server to access information
> on the Web server over the Internet.
>
> In other words, if *Act as a Server* is set, all unsolicited inbound
> traffic will reach the program/application on the inbound port the
> application/program is listening on. If the setting is *Act as a
> Client*, then the program behind the PFW *must* initiate contact with
> the site before the PFW will allow inbound traffic back to the program
> on the inbound port the program is listening on - that's solicited
> traffic and the PFW is going to let that traffic through. If other
> inbound traffic comes from somewhere to the program on the port the
> program is listening on and was not solicited, that unsolicited inbound
> traffic is not solicited and is going to be blocked by the PFW.
>
> 99.9% of the programs running on your machine are client programs for
> Internet access and are making contact with server programs on the
> Internet. Server means it *serves* and client means it requests.
>
> Duane :)

Thanks - that makes the whole thing make some sense and I
can hopefully figure it out from here.

Louise
Received on Tue Feb 7 20:58:28 2006