Security/Hacker exposure

G

Guest

Hi,

I am a new member and would like some help please.

I have internet banking and did a Symantec security scan on the bank website
which indicated the following problem.

"HTTP over TLS/SSL. A protocol for providing secure HTTP communication. It
should be open only if you're running a Web server."

Could someone please tell me what I need to do to fix this?

Thanks,

Sweety
 
R

Rick \Nutcase\ Rogers

Hi,

Is this on your machine? If so, it should read as closed. The bank is
running a web server and it should be open for them. https:// is how the
site should start, the key being the 's' indicating a secured site. Just
make sure the lock icon is displayed in the status bar (if it's not on,
click view/status bar) when you arre visiting the site.

--
Best of Luck,

Rick Rogers, aka "Nutcase" - Microsoft MVP

Associate Expert - WindowsXP Expert Zone

Windows help - www.rickrogers.org
 
G

Galen

In Rick "Nutcase" Rogers <[email protected]> had this to say:

My reply is at the bottom of your sent message:
Hi,

Is this on your machine? If so, it should read as closed. The bank is
running a web server and it should be open for them. https:// is how
the site should start, the key being the 's' indicating a secured
site. Just make sure the lock icon is displayed in the status bar (if
it's not on, click view/status bar) when you arre visiting the site.
Click to expand...

Just to add a bit to this... I notice you said you did a scan on the bank's
site. Unless you're the admistrator of the banks server (which I assume
you're not else you'd probably not be exposing stuff like this) there's
nothing that you can do. However, the bank's site is indeed running a server
and it's good that they have HTTP over SSL as that's what makes it secure.
I'd certainly not trust a bank's site that wasn't secure.

Galen
--

"Chance has put in our way a most singular and whimsical problem, and
its solution is its own reward."

Sherlock Holmes
 
G

Guest

Hi Rick,

Thanks for getting back to me. The scan in question was to let me know
whether my laptop might be vulnerable to hackers and the quoted sentence I
pasted up there was the only weakness according to the symantec scan.

I was wondering whether I should leave it or do I need to adjust some
setting somewhere?

Thanks,
Sweety
 
G

Guest

Hi Galen,

Thanks for getting back to me.

The scan was offered free by Symantec on the bank's website and I thought I
would try it. The result was ok apart from the quote above. The bank's
website is secure but I was simply wondering whether I should be adjusting
some settings somewhere? The scan identified only one weakness (see above)
so it obviously needs to be closed but I don't know how to do it!

Would love some help with that!

Thanks,
Sweety
 
G

Galen

In Sweety <[email protected]> had this to say:

My reply is at the bottom of your sent message:
Hi Galen,

Thanks for getting back to me.

The scan was offered free by Symantec on the bank's website and I
thought I would try it. The result was ok apart from the quote
above. The bank's website is secure but I was simply wondering
whether I should be adjusting some settings somewhere? The scan
identified only one weakness (see above) so it obviously needs to be
closed but I don't know how to do it!

Would love some help with that!
Click to expand...
<snip>

Now I get it a little better. Okay, at the time you had a connection to an
HTTPS server. (Well, yeah, you were on a banking site.) Thus that would be
an open connection at that time. However it's a secure connection and
doesn't need to be closed. Were you to run the same scan from outside of
that page I suspect you'd not find the same results. You can take do a scan
at a number of other places:

BLACKCODE.COM -Services -> Security Scan:
http://www.blackcode.com/scan/

Security Scan - Sygate Online Services (sos) :
http://scan.sygatetech.com/

Galen
--

"Chance has put in our way a most singular and whimsical problem, and
its solution is its own reward."

Sherlock Holmes
 
R

Rick \Nutcase\ Rogers

Hi,

As Galen has pointed out, this seeming vulnerability occurs because you are
currently connected to a secure server, therefore that port is open. If you
want to really check you system, you should not be actively connected to any
site or 'net service (email, chat, etc.).

--
Best of Luck,

Rick Rogers, aka "Nutcase" - Microsoft MVP

Associate Expert - WindowsXP Expert Zone

Windows help - www.rickrogers.org
 
G

Guest

Thanks very much for replying, Rick
Rgds,
Sweety

Rick "Nutcase" Rogers said:
Hi,

As Galen has pointed out, this seeming vulnerability occurs because you are
currently connected to a secure server, therefore that port is open. If you
want to really check you system, you should not be actively connected to any
site or 'net service (email, chat, etc.).

--
Best of Luck,

Rick Rogers, aka "Nutcase" - Microsoft MVP

Associate Expert - WindowsXP Expert Zone

Windows help - www.rickrogers.org
Click to expand...
 
G

Guest

Hi Galen,
Thanks for replying and for the websites. I will try them out,
Thanks again,
Rgds,
Sweety
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

hacker exposure 1
Heartbleed Bug 6
Security Software Recommendations 7
My SSL/TLS is bad? 4
Website authentication problems IE6 vs. IE7 11
Internet banking problem 11
UAC does not accept Banxafe Smart Card Reader 2
Windows mail security 2

Top