Why is it important to know what ports are open on your computer? Ports are associated with specific services. For example- if you open up the internet and type http://www.wordpress.com a virtual port opens in your network services to allow your computer to go out to the internet. That port is 80. If web servers are installed, they have this port open and any firewalls they are behind must have this port open. On hardware firewalls, this computer is plugged into the DMZ (usually a port that says optional / DMZ).
Port numbers are like doors on your house. These doors can be locked or open for people to come into. Firewalls are the locks on your computer, locking these doors and preventing access. What are some of the common port numbers and what services / programs use these?
- 7 Ping also known as ICMP or ECHO How do you use it? Go to start, run type cmd. Hit Enter. Type ipconfig. This will give you the ip address of your computer and your gateway. What is a gateway? Usually this is your router or modem. Type ping and the number of your gateway. You should get a response. This tells you if you can communicate with this device. A requested time-out indicates there is a problem. Now that you can use ping, you can substitute the number if you know another computer’s ip address. If the computer has a firewall on, you will get a requested time out. This is a great troubleshooting tool.
- 21 FTP FTP is used to upload files to a webserver. In today’s world with internet applications, websites can be managed (files can be uploaded or downloaded) to make changes. FTP can be used to download or upload large files to or from a server.
- 25 SMTP SMTP is used to send email. NOT webmail like hotmail, yahoo or google. SMTP is used by programs like Microsoft Outlook, Pegasus, or Thunderbird.
- 110 PoP3 is used to receive mail. NOT webmail like hotmail, yahoo or google. PoP3 is used by programs like Microsoft Outlook, Pegasus, or Thunderbird.
- 53 DNS DNS is the process (actually servers) that change the friendly name of a webpage (i.e. www.wordpress.com) into the IP address. Having friendly names on the web makes the web easy to use. Without DNS, you would have to type the IP address of a website in the address line of Internet Explorer or Firefox. If you want to see how it works, ping www.wordpress.com , write down the IP address, open your web browser and type the number in the address box and hit enter.
- 80 HTTP HTTP is used by websites. 443 HTTPS HTTPS is for secure websites (your bank or a vendor with ecommerce)
- 135-139 NetBios is the name of a computer on your network. If you have a computer on your network, you can go to start run or (Windows 7) search and type \\thenameofthecomputer and hit enter. If you have files on the computer or a printer, the computer will appear in an explorer window. If you are sharing a printer or folder, port 445 will be open (file and print sharing)
The average person uses these ports on a daily basis and doesn’t realize it. These are just a few of the 65,000 ports on the back of your computer. Now that is 65,000 TCP / UDP ports. If you surf the net without your software firewall on, you are well, nuts. While most computers today are NATed (they have a private IP address) behind a router/modem, leaving these firewalls open makes you vulnerable. Vulnerable~ well if you have any pictures, spreadsheets, documents, tax information or something that is private, surfing without a firewall will allow others to get into your computer and steal this information.
Tutorial on TCP/IP by Steve Mallard
What about chat and P2P file sharing and bittorrents ? These programs can have dynamic ports making these some of the most dangerous software programs that can be used by someone who is not trained. How? Alot of folks who turn on their firewall download these programs and the programs create exceptions (open ports) on your computer so they can share your information with others. I had a friend who downloaded a popular P2P program to download music he showed me where he could right click on the person’s computer he was downloading from and could navigate the entire computer. [In the computer – medical records, music and tax information in the same folder] he actually sent a message to the person and they had the audacity to get mad. Remember if you download this software, and don’t use it properly, you will be sharing your information with EVERYONE. Your information is your entire harddrive if you are not careful. That is the same thing as leaving the keys to all of the “doors” in your house.
Use Currports to see what ports are open and what is using them. Or you can type netstat -v -n at a command prompt.
Update – these questions were recently asked -
I have two qustions regarding your posts on ports,
I used Winmx, a P2P software for sharing files …
In winmx, You can specify which folders are open for sharing and which aren’t …
Is this still asecurity risk??
Secondly, for using a stock market software, I’ve been asked to open up ports 18001 to 18005 …
What’s the deal here??
Anytime you are using P2P file sharing, you are taking a risk with legalities and with security. If you use this software, you must control the folders that are being shared and double check all of the settings in the software (i.e. when it starts, what it shares and what others can do to the software)
Also, if you are asked to open specific ports for programs, you should only open the ports for trusted programs. Sometimes these programs require these ports to be opened by the original programmers in order to communicate with servers.
See our article -