Sec?

In these days of high bandwidth connections, it is needless to say that hardening your computer from hackers is most important. In this blog, I will try to explain about network ports, their types and steps to securing your computer from being accessed by hackers through those ports.

What is a port?

To explain what a port is, I will use an analogy between the computer and the telephone. Port numbers and their associated IP addresses work something like telephone numbers and associated extension numbers. One can say that an IP address is like a telephone number which is unique. A port number is like an extension number that is used to identify a single telephone set within an organization. Different organizations use the same extension numbers inside their primary phone number. Similarly different PCs use the same range of port numbers for different purposes.
In a computer, there are multiple ports which host services of different kinds. For example TCP (Transmission Control Protocol) port 80 is for hosting web services,
Port 25 is for sending email, port 23 is for remote login through telnet etc. When you give somebody access to your computer, either you can give access to all the ports or you may give access to a particular port, depending on the type of service you want to host or his/her requirements.

What are port types?

The port numbers are divided into three ranges: the Well Known Ports,
the Registered Ports, and the Dynamic and/or Private Ports.
The Well Known Ports are those from 0 through 1023.
The Registered Ports are those from 1024 through 49151.
The Dynamic and/or Private Ports are those from 49152 through 65535

For the complete list of all the TCP and UDP port numbers and their description, please click on the following link:
TCP and UDP port numbers

Securing the TCP/UDP ports in your PC

1. To determine the open ports in your computer, download a freeware called FreePortScanner from www.nsauditor.com and run it.

2. Use a firewall program to block all inbound traffic and only open the ports for necessary outbound traffic like FTP(21), HTTP(80), HTTPS(443), DNS(53) etc. The benefit of allowing outbound traffic for well known ports only is that if viruses, worms or Trojans try to establish outbound connections through unknown ports, they will be blocked as well.