AOL9 Opens Port 443

Discussion in 'other firewalls' started by zarzenz, Apr 2, 2004.

  1. zarzenz

    zarzenz Registered Member

    I've got a strange problem here at the moment... since I installed AOL9 (UK version) about a week ago.

    I originally was using the free Sygate firewall and very happy with it on AOL8. Every port was stealthed. Then after upgrading to AOL9 and running ShieldsUp as my first check... I was dismayed to see port 443 opened up.

    Anyway... I thought it may be a Sygate/AOL issue and so yesterday I removed Sygate and installed the latest free Zone Alarm firewall, (which I quite like btw) and ran the test again.

    The very first thing that I had to do of course, was to allow the various apps to go through ZA. Then the first strange thing happened. AOL9 now requires 3 separate apps to be given net permission (I knew this from Sygate... so was not surprised at this) they are... AOL, AOL Connectivity, AOL TopSpeed.

    But what did surprise me was this. AOL TopSpeed also wanted server permission, and if it was not given then no websites could be accessed. This was a surprise, because with Sygate, I have now discovered that server permission is given as a default if an app is allowed, and to me this is a bit of a worry, because I always thought it was bad practice to allow any app server rights.

    Anyway... ran ShieldsUp again... and yep... there it was, port 443 open just like before.

    I then reran AOL8 through ZA, and it just has the one AOL app needing permission with no server asked for and stealths up every port.

    So what is going on here with this TopSpeed thing and should I be concerned about this, or is it normal that AOL9 now requires this port open for TopSpeed to work.

    Problem is... this port is HTTPS so it is for secure banking sites etc.
     
  2. meneer

    meneer Registered Member

    I don't know about AOL. But do not mix up incoming and outgoing ports.

    When you surf TO a site with the https protocol, your system connects to port 443 of the external system (i.e. your bank). On your system a random outgoing port above 1024 will be used. So this outgoing port has got nothing to do with your open port 443.
    Problem is your port 443, that other systems can connect to. This does not feel well at all. But it could be legitimate for AOL. Can't you just disallow the server part of AOL in your firewall?
     
  3. RedLobster

    RedLobster Guest

    ZAR

    personally I would trash aol without reservation....no program gets server permission......not anti-virus...not trojan scanner.....NOTHING!!!!
    Can you do as Meneer said?? if not consider going back to the old version.....don't care what aol is doing....it should not be a server.....
     
  4. zarzenz

    zarzenz Registered Member

    Ok... well if I disallow AOL9's TopSpeed application to have server rights then it simply refuses any web access. I can still get into AOL and go to any of their content pages, but as soon as I try to connect to websites via their modified IE browser, I get no connection... the usual page not available thing.

    So AOL9 now makes it mandatory to allow this particular application (of the 3 that are now required in this latest version) to be given server rights.

    I too am very unhappy about this situation.

    It's not good at all having this open port, and I am now doing what you suggested RedLobster, and using AOL8 which is much less demanding on its requirements to go through the firewall (only having one application... WAOL.EXE... asking) and what's more, this version does not need server rights to enable websites to work. What is more... I can't honestly say I've noticed any real significant increase in access speed with this TopSpeed application... it seems just the same to me... AOL8 works fine.

    So all in all... I think I'll stay as I am... and wait to see if this becomes a known issue on AOL9 (keep watching the feedback board there etc) and then if it is shown to be a bug or something that wasn't picked up in Beta testing... maybe a patch will be released to fix it... or maybe I'll have to wait for AOL10 to be released sometime and see if it gets fixed in that.

    Thanks to you both for your replies... confirming what I always thought... no server rights to be allowed... cheers guys.

    PS... just a side note on server rights that putting ZA on has also shown up... Yahoo Messenger also asked to be a server which I would never have known using Sygate and so I stopped it... and yet it seems to still work ok. So thanks ZA... it sure does a great job of alerting to these servers being asked for, and can only increase the security awareness required these days.

    I'm therefore ditching Sygate... very unhappy about their firewall allowing server rights by default... not good at all.
     
  5. Mr wobble

    Mr wobble Guest

    Just turn Top speed off in your AOL options :)
     
  6. Paranoid2000

    Paranoid2000 Registered Member

    Mr Wobble/Zarzenz,

    Isn't Top Speed the application that recompresses web graphics resulting in murky pictures? If so then disabling it would seem a good idea.

    An alternative option would be to restrict incoming access by IP address - this should be possible if Top Speed only receives connections from AOL servers, but (being AOL) there may be a lot of addresses involved! Also, I believe you have to have the Pro version of ZA for this.

    RedLobster,

    There will be cases where "Server Permissions" is legitimate (e.g. a web filter like Proxomitron would need to be able to accept incoming connections from your browser to function) so not allowing it at all can be quite a restriction - although extra care should be taken when choosing to allow it and adding other restrictions (like permitted ports and IP addresses) should be considered.
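
Added example, not part of any post in this thread: a Python sketch of the two points made above, namely that an outgoing connection uses a random local port unrelated to any port the machine listens on, and that "server permission" for a local filter only needs a listener bound to loopback. The function names and the sample addresses are constructed for illustration.

```python
import ipaddress
import socket

def exposure(bind_addr: str) -> str:
    """Classify a listening address by who can reach a socket bound to it."""
    ip = ipaddress.ip_address(bind_addr)
    if ip.is_loopback:
        return "local-only"        # only programs on this machine, e.g. a browser using a local filter
    if ip.is_unspecified:
        return "all-interfaces"    # 0.0.0.0 or ::, reachable from the network unless a firewall blocks it
    return "single-interface"      # reachable through that one interface

def demo_local_listener() -> dict:
    """Listen on loopback, connect to the listener, and report the ports on each side."""
    server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    server.bind(("127.0.0.1", 0))  # port 0: the OS picks a free port (constructed for the demo)
    server.listen(1)
    listen_addr, listen_port = server.getsockname()

    # The "browser" side: an outgoing connection gets its own ephemeral local port.
    client = socket.create_connection((listen_addr, listen_port), timeout=5)
    conn, peer = server.accept()
    result = {
        "listen_port": listen_port,                    # the port a scan would report as open
        "client_local_port": client.getsockname()[1],  # random outgoing port
        "peer_port_seen_by_server": peer[1],
        "exposure": exposure(listen_addr),
    }
    conn.close()
    client.close()
    server.close()
    return result

if __name__ == "__main__":
    print(demo_local_listener())
    for addr in ("127.0.0.1", "0.0.0.0", "192.168.1.10"):  # constructed sample addresses
        print(addr, "->", exposure(addr))
```

A listener classified as `all-interfaces` is the case an external port scan can report as open; a `local-only` listener still triggers a firewall's server prompt but is not reachable from outside the machine.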
     