I noticed a number of open ports created when using the Internet Email, Outlook, and Web Shields. Is this required for virus scanning to be performed? I hate open ports when I specifically didn’t open them. This is bad.
Hi,
Why don’t you try turning off these providers then do a port scan. That way you can determine if it is the providers or not. I personally have not heard of the providers opening ports in some cases though I have heard of malware doing it.
Hi Kevin,
What firewall are you using?
avast sets intercepts for mail scanning and those intercepts redirect mail activity to localhost ports in your system where the mail scanner is waiting to monitor the mail activity.
Similary avast sets intercepts to scan web activity, and again redirects it to a localhost port inside your system.
These localhost (127.0.0.1) ports are completely internal to your system. avast is not opening ports to outside activity.
I turned on/off the Web Shield and confirmed that its definately avast that is opening up these local ports (though they may be). The program associated with the Web Shield is ashWebSv.exe (port 12080). Internet Email Shield is worst, it opens up a listening ports though the ashMailSv.exe program (ports 12025, 12110, 12119, 12143). Yes they are local but I just don’t like this idea of listening ports. A port scan revealed that the ports are closed (not stealthed).
Of course. If the application does not LISTEN the ports it can’t scan the traffic through it.
Impossible to use an antivirus without listening…
You can block the outbound traffic through these ports (avoid sendind information) through a firewall.
Not listening, not scanning, not antivirus…
Which firewall do you use?
A port scan revealed that the ports are closed (not stealthed).This is exactly why I asked about the firewall you use ... if any ... and which you have not yet told. ???
Now, Tech has also asked …
Which firewall do you use?
No firewall application. My LAN is behind a router.
I guess this is the way avast does the transparent proxy and checking of the email flows:
port 12080 - transparent proxy of HTTP port 80
port 12025 - transparent scanning of the mail on SMTP protocol (Port 25)
port 12110 - transparent scanning of the mail on POP protocol (Port 110)
port 12119 - transparent scanning of the news on NNTP protocol (Port 119)
port 12143 - transparent scanning of the mail on IMAP protocol (Port 143)
If you don’t use any of those - like, for example, you don’t use IMAP and don’t read news - you can turn them off and avast will stop using these ports
Hello,
Your LAN may be behind a router but even though it is that does not mean that the Router Firewall is enabled (if your router has a firewall). If your router does have a firewall you should enable it.
and before
A port scan revealed that the ports are closed (not stealthed).
Now you know why your ports are closed but not stealthed. There are too many free software firewalls you can use. I know for a fact that Zone Alarm Free will stealth your ports just as it is installed. I am sure there must be a few others that will do the same.
And, if ports are not listened to by the anti-virus program, what protection do you have … especially since you are also without a firewall?
I too have no problem with the local ports being seen or reported as closed as my firewall, Outpost Pro stealths all ports.
If you need a firewall but don’t want to spend money on it, try COMODO Personal Firewall. Click on the link to go to the firewall site.