Windows 7 is blocking ports

6

3

I am trying to open port 80 and 3690 for HTTP and svnserve respectively (inbound for both). I have Windows Firewall off, and have tried temporarily disabling Mcafee VirusScan Enterprise, to no avail. According to http://www.yougetsignal.com/tools/open-ports/, both ports 80 and 3690 are still blocked. I can't think of what would be blocking them if Windows Firewall and my antivirus are disabled. Here is the output of netsh firewall show state 

Firewall status:
-------------------------------------------------------------------
Profile                           = Standard
Operational mode                  = Disable
Exception mode                    = Enable
Multicast/broadcast response mode = Enable
Notification mode                 = Enable
Group policy version              = Windows Firewall
Remote admin mode                 = Disable

Ports currently open on all network interfaces:
Port   Protocol  Version  Program
-------------------------------------------------------------------
3690   TCP       Any      (null)
22     TCP       Any      (null)
80     TCP       Any      (null)
1900   UDP       Any      (null)
2869   TCP       Any      (null)

Any help? I'm not sure what each item on the list of enabled/disabled items is, but "Operational Mode" is disabled, so I assume that one refers to me disabling Windows Firewall. I know that since Windows Firewall is off, this output might not be useful, but I figured I'd include it just in case, haha.

I ran nmap on our global IP and here is the port information it gave:

Host is up (0.00031s latency).
Not shown: 988 closed ports
PORT      STATE SERVICE
135/tcp   open  msrpc
445/tcp   open  microsoft-ds
554/tcp   open  rtsp
2869/tcp  open  unknown
3390/tcp  open  unknown
5357/tcp  open  unknown
10243/tcp open  unknown
49152/tcp open  unknown
49153/tcp open  unknown
49154/tcp open  unknown
49156/tcp open  unknown
49175/tcp open  unknown

I'm not sure how it retrieves this information, so I don't know how to change it on the machine.

Caleb1994

Posted 2012-06-07T16:34:35.740

Reputation: 183

First of all make sure that no services are using those ports. try netstat -aon and find PID of services running and then goto task manager enable PID column and check whether any service is already using it. – Renju Chandran chingath – 2014-07-13T06:23:05.220

1Does your ISP allow connections to those ports? Do you have a router performing NAT, which you would need to configure port forwarding on? – Bob – 2012-06-07T16:42:40.517

From what I've found online, my ISP does not block port 80, and I'm not sure of 3690 (although, I'm trying to fix this 80 issue, at the moment). This computer is the server for the house (internet is shared to the router from our desktop, and DHCP is handled on the desktop also). I haven't enabled port forwarding yet, I'm just trying to get the desktop to open the port first. – Caleb1994 – 2012-06-07T16:48:31.333

If you haven't configured port forwarding, then an external port checking tool is not going to work. You could set up a webserver or something and just try connecting within your local network. Also, that site has never worked for me; the PF Port Checker is more reliable (the downloaded program is listening on that port at the time of testing).

– Bob – 2012-06-07T16:50:57.720

I also checked it with canyouseeme.org, and it showed closed also. I'm not at a Windows box, now, so I can't use PF Port Checker. Also, I checked with nmap. I'll update my post with the results from nmap. I enabled port forwarding, and forwarded HTTP to my room (where I already had apache2 running on Kubuntu), and still no luck. – Caleb1994 – 2012-06-07T17:57:40.360

Could our router still be blocking the port, even it is only functioning to route traffic? E.g. DHCP is disabled, and it simply takes packets from the main machine and passes them around the network. It doesn't have to do NAT. Our desktop machine does all of that. I hope not... it was trying to take things over when we set it up, so we set it up on a different subnet, and it would be a pain to get to the routers settings... (I don't remember the IP or the subnet...) – Caleb1994 – 2012-06-07T18:56:36.143

Answers

1

It isn't clear if you are trying to use those ports in the OUTBOUND direction (trying to reach some server on the Internet through those ports) or whether you are trying to have an application running on your Windows 7 machine listen on those ports.

If you are trying to test those ports outbound, then you can use Firebind.com.

They hava a Java Applet client here http://www.firebind.com/clients/applet/

You can enter any TCP or UDP port and Firebind will validate whether you can send traffic from your client machine out to the Internet on the chosen ports.

Dave

Posted 2012-06-07T16:34:35.740

Reputation: 21

I'm sorry. I thought it was evident that I was talking about inbound connections, because port 80 is almost never blocked for outbound (I wouldn't be here, would I? :P), and the only thing that svnserve would do is listen. It is a server after all. :D But, I should have specified none the less. – Caleb1994 – 2012-06-08T03:39:06.180

1

Could it be an issue with how Windows Firewall was turned off?

Background info

Disabling Windows Firewall

Cheers, Eric

Eric W. Anderson

Posted 2012-06-07T16:34:35.740

Reputation: 11

1

I had the same issue where port sniffers like firebind or what'smyip would say all my ports are closed even though I had them forwarded correctly through my router. I had my windows firewall disabled so I thought it couldn't be that but it turns out even if it is disabled it can still be blocking your outbound connections.

I went to my firewall advanced settings and made new rules for both inbound and outbound on the ports i needed access to and after doing so..viola! It works and is no longer blocking the ports I need.

When I was changing the rules for the outbound on the windows firewall it was defaulted to blocked and I had to change to allow.

I hope this helps even one person because I know I could have used it, been troubleshooting all day with my ISP and the companies of the programs I was trying to run to no avail and it all turned out to be in my disabled firewall...

Justin Barksdale

Posted 2012-06-07T16:34:35.740

Reputation: 11

0

Run netstat -ab and check if the server software is even listening on the ports. If it is not, check logs. Also try to listen using ncat or netcat (e.g. ncat -vvnlp 80) to check for error messages, and if it listens sucessfully, check if you can connect to that. Also try connecting from the internal network if there is any, and also try different ports.

Once you know that the machine is accepting connections, you can check if firewalls/NAT devices between the machine and the internet are configured correctly. In my opinion, this is the most probable cause for such an error.

I doubt Windows is really randomly blocking ports, with a disabled firewall. What is possible is that some issues are stopping the server to bind for the port, I have had a weird case that I could not resolve yet with that, too. ncat should show you that.

Jan Schejbal

Posted 2012-06-07T16:34:35.740

Reputation: 1 014

Where is one to run these commands? They don't seem to be recognised in Windows. – Nathan Hornby – 2017-07-19T14:15:59.113

Asked: 2012-06-07T16:34:35.740

Viewed: 22 766 times

Active: 2016-11-25T20:26:26.050