The danger of vulnerable ports
We can say that the network ports for our connection are the gateways to a computer that allow different functions to run on it. tools, programs and applications. There are thousands of network ports, which can be opened for multiple uses: from downloading P2P networks, playing online, making videoconferences…
Thus, these ports are a common way of referring to three important aspects: the first refers to the network access points, such as the router you have at home to connect to the Internet; the second most common meaning refers to the actual point where the cable connects to this network device or even a computer.
And then there is the one that refers to the software system that allows computers to handle many tasks at the same time. These ports divide network traffic into a series of individual chunks, so information and services are kept separate. That is where those who are called as ‘vulnerable ports‘, which can become very dangerous.
what are they about
In this sense, these range from exposing the vulnerabilities of our network to becoming a entry way for intrudersopen ports can pose several risk vectors that threaten the confidentiality, integrity, and availability of the connection.
That is why it is recommended close open ports, who are usually the most vulnerable. To deal with the risks posed by this class of ports, there are those who rely on port scanning tools to identify, inspect, analyze and close them, as we can see below.
- Closed ports. These network ports completely reject all packets directed towards them and do not facilitate any incoming or outgoing traffic.
- Filtered ports. ANDTraffic in and out of these ports is regulated by network agents such as firewalls. Any traffic or packet not authorized by the firewall is ignored or dropped.
- Open ports. The state of a port is considered open when there is an application or service listening on that port and it is accessible from outside your network.
This is done directly with what is a port scan with which you can obtain all kinds of information about it, as well as observe those that are protected by firewalls.
What are they and how to close them
Once we have seen and performed any of these analyzes, we are going to see what we can do if the result of the analysis carried out does not yield the expected results and instead of showing everything as closed, we have detected that some port is opened without our authorization. Their characteristics are that they may have an unpatched service used on the port, misconfigurations or, for example, poor network security rules.
Today we have 65,536 ports and protocols available for computers to use. However, it’s probably reassuring that a 2019 study by Alert Logic found that 65% of cyberattacks associated with ports target just three of them:
- 22 SSH (Secure Shell)
- 80HTTP (Hypertext Transfer Protocol)
- 443 HTTPS (Hypertext Transfer Protocol Secure)
If we find ourselves in this situation, we must act quicklyprotect ourselves through a firewall, perform a virus scan and save our data, so our recommendation in this situation is to carry out the following steps.
The first thing we have to do is go to the Control Panel. Once there, it is time to access the option Task Manager. By selecting this option, we are located in Services and Programsfrom which we will have the option to view the services that are active and the ports that have been opened with these services.
It will be when, in the displayed list, we will be able to choose the service that we want to disable and select the disable option. Thus, we can close it as well as the port that was opened with said service, this in an automatic way.
Although it is also true that it will not always be so easy to close these vulnerable ports. To achieve this task, the best recommendation is to opt for specialized programs and, if possible, add a firewall or firewall. These programs are the ones that will be in charge of blocking the ports that are not necessary to have open. That is when it will create security guidelines, notifying us of any eventuality and automatically blocking any existing threat.
#Find #ports #vulnerable #connection #close