Is LocalHost Dangerous ??

[bonishah88]

Guys, recently I have installed Oracle11g and Visual Studio2008 and i have also activated IIS, these applications open up certain ports on the localhost and transfer data (saw it in Kaspersky network monitor). so the question is are such ports harmful, i mean, can rogue applications access these ports and my PC when i'm online ? or what measures can i take to avoid so ??

Thanks in advance.

[brayden]

localhost is your PC, localhost resolves to 127.0.0.1, it is NOT dangerous at all, if you go to localhost in your browser on that IIS server you will get your home page and it would come up very quick because it is loading from your PC, so basically, localhost is like your local PC's hostname.

[safeguy]

Read more info about localhost here on Wikipedia:

http://en.wikipedia.org/wiki/Localhost

[bonishah88]

Brayden......ya i know that localhost is basically my PC's name.....thanks.....and hence the ports it opens up serve as gateways to my PC...right?...and that's what i'm worried about. Cos recently my PC picked up one trojan and i had the doubt that it could be cos one of my ports was unguarded(for lack of a better word).
and the cause for my concern is that normally we do not have IIS preactivated or so i think and i have never experimented with it either.

@safeguy thanks for that link but it does not speak bout the ports.

[safeguy]

Sorry bonishah...I'm not a Pro when it comes to the word 'ports'...I was just trying to help in whatever ways I can...

[bonishah88]

Hey safeguy, thanks for trying but it just was not what i was looking for.

[brayden]

Well the ports going to localhost are quite common for me, I have my Linux setup as a server for testing certain things and a lot of ports are open, if you have MSSQL or MySQL usually the applications communicate via Localhost to the database server, so if you have Joomla or Wordpress installed most of the time it's configured to connect to localhost for the database server, and other apps too. That's how you get funny connections on localhost, trojans wouldn't use localhost as a connection as it only works for you. Unless you had multiple trojans keeping themselves in sync then the only worry would come if you have random requests going through odd ports to IPs you never seen before.

[bonishah88]

' the only worry would come if you have random requests going through odd ports to IPs you never seen before. '
What to do in this scenario ?? Anyway I can monitor ports to know bout random connections being made ??

[brayden]

If you do find something like that I'd suggest, you look up the IP to see if it is not a legit customer or your ISP or something. That sort of stuff tends to happen a lot like i used to get pinged by my ISP all the time and KIS would never stop blabbering about it, but what i'd do is, block the IP from your network at the router or at the PC, use a good AV like Kaspersky or Avira and scan for trojans, also run a hijackthis scan and post the log here for us to analyze.

[bonishah88]

Thanks for the reply. I really would not have bothered so much had it not been for that trojan incident and it happened after i installed the above stuff hence the paranoia!!