1. Are you ready for the Galaxy S20? Here is everything we know so far!

Blockort 80, http, unencrypted traffic

Discussion in 'Android Lounge' started by Michael Ross 69, Feb 8, 2020.

  1. Michael Ross 69

    Thread Starter

    I have searched the web, google play store with no luck.
    I am looking for a way to bar all port 80 traffic, http an any other unencrypted traffic on my Android 9 mobile phone all apps that doesn't require rooting the phone.
     

    Advertisement

  2. Dannydet

    Dannydet Extreme Android User

    The main point being, port 80 is a system reserved port (any port <=1023). So it is either your Android ROM that has the port open (Stock Android does not come this way, but maybe samsung or another vendors ROM does), or you have a rooted device and have allowed an application to open the port. It is not possible for a regular app from the store to listen on port 80.

    Have you tried connecting to the socket? Use telnet on another device to try to connect.

    Have you tried a scan from the device? Install a port scanner and run it on localhost/127.0.0.1. It should return no open ports <=1023.

    If it returns open for 80, then it might be your ROM.
     
    Davdi, MoodyBlues and ocnbrze like this.
  3. svim

    svim Extreme Android User

    Blocking specific ports will be something that requires system-level permissions so what you're asking isn't practical.
    You can use a non-root firewall app, like NetGuard or Mobiwol, to selectively block apps from any WiFi or mobile data connectivity but those types of firewall apps work on apps and their relative processes, not ports so this probably isn't what you're seeking.
     
    MoodyBlues and ocnbrze like this.
  4. Michael Ross 69

    Thread Starter

    Thanks Dannydet,

    It is a Samsung Galaxy A20 not rooted, I installed All connections app from the google store, it shows apps connected, their IP addresses and Ports. A few apps are using Port 80, probably just sync requests, don't want to go down the sniffer track, too much to monitor, just want to block apps using insecure connections. Don't want to root, scared of bricking a 3 month old phone under warranty.
     
  5. Michael Ross 69

    Thread Starter

    Thanks Svim

    Tried NetGuard, cannot global block ports.

    It is a Samsung Galaxy A20 not rooted, I installed All connections app from the google store, it shows apps connected, their IP addresses and Ports. A few apps are using Port 80, probably just sync requests, don't want to go down the sniffer track, too much to monitor, just want to block apps using insecure connections. Don't want to root, scared of bricking a 3 month old phone under warranty.
     
  6. Michael Ross 69

    Thread Starter

    Also Netgaurd interferes with VPN, I think VPN is blocking incoming connections, I am worried about what apps are sending info out unencrypted.
     
  7. svim

    svim Extreme Android User

    Non-root firewall apps rely upon a local-only VPN process where online packets get funneled through it. This local VPN is where the filtering is applied. Root-required firewall apps, like AFWall+, don't need any VPN as they have system-level access and can tie directly to iptables, the firewall service that's already integral to the Linux kernel. (non-root apps only have user-level permissions so no access to iptables.)
    The issue then is you can only have one VPN service running on your device so you need to pick which suits your needs the best.
    Best practice is apps 'should' rely upon https to communicate with their home services online but of course that's not an absolute. Things like user I.D. and password data should be using a secure connection but a lot of traffic (i.e. Google News updating itself on the latest articles to display or whatever) doesn't need to go through https. Even if you were to readily be able to block port 80, it's not like you can then just set each app that does use http to exchange data to not use port 80, that's something that gets set up by the developer of the app itself. All you would do is break the functionality of a lot of apps.
     
    Dannydet and MoodyBlues like this.
  8. Michael Ross 69

    Thread Starter

    Thanks Svim
    Have installed a sniffer, shall remove apps that I don't trust. Its a shame they don't automatically sell phones rooted with appropriate security installed. If I could block port 80 or anything else unencrypted, I would just remove the apps that break.
     
Loading...

Share This Page

Loading...