Closing open ports will improve your network’s security. Why? Is it really a big deal? Read on then you decide.
Techs know that IP addresses will communicate via TCP or UDP. Internet services require specific ports in order to function. For example, HTTPS uses port 443. If you close this port you severely limit your Internet functionality. But there are known malicious, outdated protocols and unused ports that you should shut down. This will greatly improve your network security.
All ports are a potential attack vector, and no port is natively safe and secure. Some common ports are commonly abused. You will need to keep these open but configure rules to lock them down.
Of course, you need to have a basic knowledge of what ports are being used legitimately. How do you know what ports are open?
To find open ports on your network there are lots of free tools available, like Nmap and Angry IP.
Identify your open ports. If you don’t know what they are used for, research. Do a search. Speedguide.net is a pretty good resource for short and quick information.
Some common ports are regularly hacked. Closing these ports or configuring rules to control their use is recommended. For instance, if you are using web-based email, close port 25. You don’t need it!
Don’t forget that some services run on TCP and UDP so you’ll have to be mindful of which, or both, of those, you will shut down.
Here are some basic, known ports that have a better than average risk of being exploited.
- Port 19 – Chargen: this is an outdated protocol and should not be open.
- Port 23 – Telnet: hopefully, you aren’t still using this.
- Port 25 – SMTP: if you use web-based email, shut it down.
- Port 3389 – RDP: do you need this open?