This is a story of a mistake made by not thinking things through. I posted it here so others don't have to make the same mistake...
I use an Arduino to control lights and other stuff in my home. The Arduino runs a webserver and outputs are controlled via GET commands. All very basic, but it works. To gain access to this control from outside my LAN I port-forwarded the Arduino on my router. I have a static IP at home, so I can access my Arduino from everywhere in the world. This used to work fine until some time ago. The Arduino server would be very slow to respond, often not loading at all but giving timeouts in the browser. I checked my code, rebooted the router, changed cables but nothing helped. After a reset the first connection would be fine, but then it would slow down again. So I decided to check what was going on with my sockets. The w5100 only has four sockets available and a mistake in the code will fill these up fast. I used code found on this forum that writes out data for all available sockets (4 in the case of the w5100). This info made things clear in no time.
After starting up I could see one socket connected to the timeserver, another to the DNS server and a third to my VPS where it collects data about when stuff needs to be turned on or off. But then, without me connecting yet, sockets began to fill with IP numbers unknown to me. What the...??
Silly me. By using the standard port (80) on my Arduino webserver I opened it up for the whole world to connect. So even though there is a form of protection in place to make sure nobody can play with my lights, a connection to the server could be made by every bot out there. And every connection fills up a slot until disconnected, so when I want to connect I would have to wait in line...
The solution is simple, just use a different port for your server. Something high so it won't interfere with reserved ports. Of course if someone really wants to get in, a port sniffer will find the port in no time, but that is not very likely.
BTW, this might also be related to my router being bricked when I have my webserver-loaded Arduino connected to it without a switch in between (see topic from a couple of days ago). I will check that, but that has to be done when nobody else is home. I have two adolescent daughters, so trashing the internet connection while they are awake is a dangerous thing to do...
Thank you for taking the time to post your travails and the solution.
If you are curious about port 80 activity, run an Apache web server on port 80 and check the visitor logs. Lots of bots looking for various things. Note that some corporate settings will not allow browsers/clients to connect to ports other than 80, 443, and other standard ports to protect against Trojan applications.
No matter what port you use, hackers will find it. I have a port scanner detector on my router, and hackers hit it all the time.
Use another type of security, like a "password" in the GET request. No match, no access.
True, no match no access, but still a connection. I can give you my IP and port number and still I'm willing to bet money you will not turn off or on any light in my home. Because if you don't have the specific text (call it a password) in the GET command the Arduino does nothing. You do, however, make a connection and therefore occupy a slot on the ethernet shield. I cannot think of another way than to set the server to listen on a non-standard port. Everything else may heighten the security on the Arduino (i.e. block everything but certain MAC or IP addresses) but all this happens after a connection is made. Hence a socket taken.
My previous router also had a port scanner detector, and though there was a lot of activity on that front, it's not nearly as much as attempts to connect on port 80. After all, not every attempt to connect is done by a hacker/scammer etc. Search bots like Google also roam the web but no matter how good or bad their intentions are, every connection fills one precious socket. And that was my point about changing ports.
I think this thread is sending the wrong message.
An Arduino website can operate on port 80 and process all the web crawler and hacker traffic that is out there provided you have a bit of simple security to protect the things that need protection.
My Arduino web server home automation system has been running at http://www.2wg.co.nz for about a year. Right now it has been running for 24 days and 19 hours without a problem. I access it many times a day and the application services hundreds of search engine web crawler requests every day. It typically deals with a few dozen php hacks and proxy server requests - and a hundred ICON file requests as well every day.
Yes, it is true that the w5100 ethernet chip runs with just four sockets. I have a reason for bigger buffers (file uploads) so I have figured out how to run my Arduino web server using just two sockets and it is still perfectly reliable. (My website is running four sockets at the moment - I have not finalised my file upload functionality yet.)
All of that said there are issues within the Arduino ethernet functionality which seem to leave stuck sockets and when all four are stuck no clients can connect to the Arduino server because no sockets are available.
I have raised the issue here before and not got a definitive answer. However I have implemented a way to check for stuck sockets and to release (disconnect) them after ten minutes - and it works very well.
The root cause of the problem may be here - http://forum.freetronics.com/viewtopic.php?t=176 - I just have not investigated that information or tried that particular solution.
So my advice is use port 80 if you want your Arduino web server application indexed by the search engines and provided you can also discard php hack attempts and proxy server requests. You might also want to do something with icon requests - you can get a lot of them in a short time from some web browsers - I serve the first one for an IP address and ignore all following icon requests until there is a change of remote client IP address.
Avoid using port 80 if you do not want your Arduino web server application indexed by the search engines. Do not avoid port 80 thinking that you can rely on an odd port number for security purposes. Any port serving http requests can be found by determined hackers.
Cheers
Catweazle NZ
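
Added example, not part of the thread and not Catweazle NZ's code: one way to implement the "release stuck sockets after ten minutes" check described in the post above, written as plain C++ so the logic can be tested off the board. The `SocketWatchdog` name and its `poll` interface are hypothetical; reading the four W5100 status registers and actually closing a flagged socket are left to the sketch that calls it.

```cpp
#include <cstdint>
#include <cstdio>

// W5100 Sn_SR status codes (values from the WIZnet W5100 datasheet).
constexpr uint8_t SOCK_CLOSED = 0x00, SOCK_LISTEN = 0x14,
                  SOCK_ESTABLISHED = 0x17, SOCK_CLOSE_WAIT = 0x1C;
constexpr int MAX_SOCK = 4;                          // four hardware sockets
constexpr uint32_t STUCK_MS = 10UL * 60UL * 1000UL;  // ten minutes, as in the post

// Assumption: a socket that stays ESTABLISHED or CLOSE_WAIT for STUCK_MS
// without any status change is treated as stuck, even if it is still in use.
struct SocketWatchdog {
    uint8_t  lastStatus[MAX_SOCK] = {};
    uint32_t since[MAX_SOCK] = {};   // time the current status was first seen

    // Feed one snapshot of the status registers plus the current millis().
    // Returns a bitmask of sockets to force-close (bit n = socket n).
    uint8_t poll(const uint8_t status[MAX_SOCK], uint32_t nowMs) {
        uint8_t stuck = 0;
        for (int s = 0; s < MAX_SOCK; ++s) {
            if (status[s] != lastStatus[s]) {   // status changed: restart timer
                lastStatus[s] = status[s];
                since[s] = nowMs;
                continue;
            }
            bool held = status[s] == SOCK_ESTABLISHED || status[s] == SOCK_CLOSE_WAIT;
            // Unsigned subtraction stays correct when millis() wraps (~49 days).
            if (held && (uint32_t)(nowMs - since[s]) >= STUCK_MS) {
                stuck |= (uint8_t)(1u << s);
                since[s] = nowMs;               // report again only after another timeout
            }
        }
        return stuck;
    }
};

int main() {
    // Constructed timeline: socket 1 is held by a client that never closes.
    SocketWatchdog wd;
    const uint8_t snap[MAX_SOCK] = {SOCK_LISTEN, SOCK_ESTABLISHED, SOCK_CLOSED, SOCK_CLOSED};
    wd.poll(snap, 0);
    uint8_t mask = wd.poll(snap, STUCK_MS);
    std::printf("force-close mask: 0x%02X\n", (unsigned)mask);
    return 0;
}
```

A listening socket is never flagged, so the server keeps accepting clients; only connections that have held a slot for the full timeout are handed back for closing.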