Security/Hacker exposure

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Hi,

I am a new member and would like some help please.

I have internet banking and did a Symantec security scan on the bank website
which indicated the following problem.

"HTTP over TLS/SSL. A protocol for providing secure HTTP communication. It
should be open only if you're running a Web server."

Could someone please tell me what I need to do to fix this?

Thanks,

Sweety
 
Hi,

Is this on your machine? If so, it should read as closed. The bank is
running a web server and it should be open for them. https:// is how the
site should start, the key being the 's' indicating a secured site. Just
make sure the lock icon is displayed in the status bar (if it's not on,
click view/status bar) when you arre visiting the site.

--
Best of Luck,

Rick Rogers, aka "Nutcase" - Microsoft MVP

Associate Expert - WindowsXP Expert Zone

Windows help - www.rickrogers.org
 
In Rick "Nutcase" Rogers <[email protected]> had this to say:

My reply is at the bottom of your sent message:
Hi,

Is this on your machine? If so, it should read as closed. The bank is
running a web server and it should be open for them. https:// is how
the site should start, the key being the 's' indicating a secured
site. Just make sure the lock icon is displayed in the status bar (if
it's not on, click view/status bar) when you arre visiting the site.
Click to expand...

Just to add a bit to this... I notice you said you did a scan on the bank's
site. Unless you're the admistrator of the banks server (which I assume
you're not else you'd probably not be exposing stuff like this) there's
nothing that you can do. However, the bank's site is indeed running a server
and it's good that they have HTTP over SSL as that's what makes it secure.
I'd certainly not trust a bank's site that wasn't secure.

Galen
--

"Chance has put in our way a most singular and whimsical problem, and
its solution is its own reward."

Sherlock Holmes
 
Hi Rick,

Thanks for getting back to me. The scan in question was to let me know
whether my laptop might be vulnerable to hackers and the quoted sentence I
pasted up there was the only weakness according to the symantec scan.

I was wondering whether I should leave it or do I need to adjust some
setting somewhere?

Thanks,
Sweety
 
Hi Galen,

Thanks for getting back to me.

The scan was offered free by Symantec on the bank's website and I thought I
would try it. The result was ok apart from the quote above. The bank's
website is secure but I was simply wondering whether I should be adjusting
some settings somewhere? The scan identified only one weakness (see above)
so it obviously needs to be closed but I don't know how to do it!

Would love some help with that!

Thanks,
Sweety
 
In Sweety <[email protected]> had this to say:

My reply is at the bottom of your sent message:
Hi Galen,

Thanks for getting back to me.

The scan was offered free by Symantec on the bank's website and I
thought I would try it. The result was ok apart from the quote
above. The bank's website is secure but I was simply wondering
whether I should be adjusting some settings somewhere? The scan
identified only one weakness (see above) so it obviously needs to be
closed but I don't know how to do it!

Would love some help with that!
Click to expand...
<snip>

Now I get it a little better. Okay, at the time you had a connection to an
HTTPS server. (Well, yeah, you were on a banking site.) Thus that would be
an open connection at that time. However it's a secure connection and
doesn't need to be closed. Were you to run the same scan from outside of
that page I suspect you'd not find the same results. You can take do a scan
at a number of other places:

BLACKCODE.COM -Services -> Security Scan:
http://www.blackcode.com/scan/

Security Scan - Sygate Online Services (sos) :
http://scan.sygatetech.com/

Galen
--

"Chance has put in our way a most singular and whimsical problem, and
its solution is its own reward."

Sherlock Holmes
 
Hi,

As Galen has pointed out, this seeming vulnerability occurs because you are
currently connected to a secure server, therefore that port is open. If you
want to really check you system, you should not be actively connected to any
site or 'net service (email, chat, etc.).

--
Best of Luck,

Rick Rogers, aka "Nutcase" - Microsoft MVP

Associate Expert - WindowsXP Expert Zone

Windows help - www.rickrogers.org
 
Thanks very much for replying, Rick
Rgds,
Sweety

Rick "Nutcase" Rogers said:
Hi,

As Galen has pointed out, this seeming vulnerability occurs because you are
currently connected to a secure server, therefore that port is open. If you
want to really check you system, you should not be actively connected to any
site or 'net service (email, chat, etc.).

--
Best of Luck,

Rick Rogers, aka "Nutcase" - Microsoft MVP

Associate Expert - WindowsXP Expert Zone

Windows help - www.rickrogers.org
Click to expand...
 
Hi Galen,
Thanks for replying and for the websites. I will try them out,
Thanks again,
Rgds,
Sweety
 
Back
Top