« previous next »
Pages: [1]   Go Down

Author Topic: Windows' Listening Ports -- Why?  (Read 6467 times)

0 Members and 1 Guest are viewing this topic.

avastconspiracy

  • Guest
Windows' Listening Ports -- Why?
« on: August 25, 2011, 10:58:32 PM »
Ok, when I review my Firewall Network Connections, I typically see firefox.exe, which makes sense as I'm on the internet using that browser.  Sometimes I see AvastSvc.exe and sometimes I don't; which also makes sense, I guess.  ???

My questions arise when I click on "Detailed View". There I see listed the following:

AvastSvc.exe
AvastUI.exe (it disappears after a while)
firefox.exe
lsass.exe
mDNSResponder.exe
services.exe
svchost.exe
System
wininit.exe

Now, I think I understand why the two Avast executables are there. (Avast is working.)
I think I understand why firefox is there. (I'm browsing online.)
mDNSResponder.exe, I understand comes from Itunes Bonjour service. (I plan on stopping this in services at some point because I don't use Bonjour.)

As for the others listed:

lsass.exe;
services.exe;
svchost.exe;
System; and
wininit.exe

I think I understand that these are Windows' Default Listening Ports, yes? But why, exactly, do these have to have an open connection/port all the time?  If I disconnect from the internet, my computer still runs just fine, so why do these items need to be in the Network Connections "listening" all the time?  

Would Windows 7 crumble and fall if I stopped these from listening? Is it even possible to stop these from listening and perpetually keeping those ports open?  Does the continuous listening of these Windows items through those ports pose a security risk?

Many thanks in advance for any guidance. (And apologies if this is totally noob question. :-[)


« Last Edit: August 25, 2011, 11:03:16 PM by avastconspiracy »
Logged

warlock

  • Guest
Re: Windows' Listening Ports -- Why?
« Reply #1 on: August 25, 2011, 11:15:48 PM »
Don't even think about touching them, the probability of breaking your system by that is near certain. Programs can use local communication to talk to one another, so open listening ports don't have to have anything to do with Internet.
Logged

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89056
  • No support PMs thanks
Re: Windows' Listening Ports -- Why?
« Reply #2 on: August 25, 2011, 11:58:42 PM »
Well avast uses a system of redirects into its localhost proxy, so that the content can be scanned. In order to do that it is Listening on the local ports ready to redirect this traffic through the proxy.

See image1 of my firewall listing note the avastSvc.exe, which controls the local proxy, if you see the local port 12080 that is for the web shield, for the others ignore the 12 at the start and you will see the others are email ports. See image2 TCPview showing the same ports, Listening.
« Last Edit: August 26, 2011, 12:00:30 AM by DavidR »
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.3.6108 (build 24.3.8975.762) UI 1.0.801/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

avastconspiracy

  • Guest
Re: Windows' Listening Ports -- Why?
« Reply #3 on: August 30, 2011, 12:26:19 AM »
Thank you both for your replies.  Did a little more reading on this this weekend and think I understand it better.  Still a noob, but learning more everyday! :)

Thanks again!
Logged

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89056
  • No support PMs thanks
Re: Windows' Listening Ports -- Why?
« Reply #4 on: August 30, 2011, 12:36:37 AM »
You're welcome.
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.3.6108 (build 24.3.8975.762) UI 1.0.801/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline R. Hansen

  • Jr. Member
  • **
  • Posts: 58
Re: Windows' Listening Ports -- Why?
« Reply #5 on: August 30, 2011, 04:30:48 AM »
"Listening" means that it is listening for inbound traffic from other computers. A loopback means it is treating your local computer (localhost:127.0.0.1) as if it were an external system, usually for communication between local applications.

"Listening" is not the same as "open." Your firewall will still ask if incoming traffic from the Internet should be allowed to that port if it arrives, and if you say no, it will reject it without revealing an open port. This is a default for Windows firewall.

If you say yes and allow it, then the application listening will demand a look at the incoming information and decide if it needs to do something (like establish a connection). That is what listening is. It is a placeholder for monitoring inbound activity, not a flag for encouraging it.

Logged
Windows 10 Pro 1709 (16299.371) x64, 16 GB RAM, Core i5-4670, Nvidia GTX 1080 397.31 drivers, Avast 18.3.2333

avastconspiracy

  • Guest
Re: Windows' Listening Ports -- Why?
« Reply #6 on: August 31, 2011, 04:29:48 AM »
Quote from: R. Hansen on August 30, 2011, 04:30:48 AM
"Listening" means that it is listening for inbound traffic from other computers. A loopback means it is treating your local computer (localhost:127.0.0.1) as if it were an external system, usually for communication between local applications.

"Listening" is not the same as "open." Your firewall will still ask if incoming traffic from the Internet should be allowed to that port if it arrives, and if you say no, it will reject it without revealing an open port. This is a default for Windows firewall.

If you say yes and allow it, then the application listening will demand a look at the incoming information and decide if it needs to do something (like establish a connection). That is what listening is. It is a placeholder for monitoring inbound activity, not a flag for encouraging it.



thanks for that info.  i understand now that i was conflating "listening" with "open".  :-[
Logged
Pages: [1]   Go Up
« previous next »