Question:
What's the risk of having a port open?
alicia
2016-05-11 09:00:35 UTC
Well, ALL ports on my router are closed. I need 1 port open, but I want to know the security risks first. Are there any ways to open up a port safely, and still have the port secure, so no one could exploit my system or something? Also, what does a port listener do? Doesn't it listen for incoming connections to that port that is being listened on? What are the chances of someone hacking me if I have 1 port open?
Six answers:
Frances
2016-05-15 07:28:34 UTC
No, firewalls will not keep you secure IF you open ports. To applications listening on those ports it's as though the firewall isn't even there. It's important to enable OUTGOING filtering as well, to only allow the ports from YOUR apps to access the Internet.

Assuming the attacker has rooted your system, he will try to open additional listening ports to log in externally to your computer. The firewall may help in this case, BUT the hacker still has access to your system to use as they want.

Now the answer to your original question:

Ports provide a *potential* path for an intruder to gain access to your systems.

I say *potential* because the outcome is greatly dependent on:

a) The skill of the attacker
b) The specific service active on that port
c) The hardening of the listening system
d) Other security devices such as IDS (Intrusion Detection System) monitoring the connection.

One of the first things an attacker will do is to try to identify the OS of the system. That's pretty easy using TCP fingerprinting.

Next she'll try to determine the service running on the port. If you are following standard port numbering, that job is done. So try to use non-standard high-numbered ports instead.

Next he will try every exploit and buffer overflow attack on record. The only way to protect against this is to keep your OS up to date with patches.

So in general, if you don't absolutely positively need to have incoming connections from the Internet, keep everything closed.

In apps where you think you need incoming connections you can often use a proxy server as a way to bridge clients to another server. But that depends on the application.
Dennis
2016-05-11 12:22:56 UTC
If I ping an open port, that open port will ping me back. At that point I have not only found a port, but also the IP address of the computer.

Open and responsive ports are dangerous; it will alert hackers to you being online. A closed and unresponsive port behaves like the computer is switched off and any hacker will move on to the next victim with no idea you ever existed.
amania_r
2016-05-11 09:08:07 UTC
The risk is all in what you have listening on that port. If the external system can somehow 'get into' that application, they could use it as a home for exploiting vulnerabilities in your local network.

So for example if your application is a poorly configured web server, the attacker could exploit the vulnerabilities and install something on that server which runs and tries to find vulnerabilities in other computers on your network.

The port listener will be the application on your computer that is listening for incoming connections on that port.

So you need to open a route to that computer and port on your router and you also need to have the app listening on that port on that computer.
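Added example (not part of any of the original answers): a minimal port listener in Python, showing that a port counts as "open" only while an application is listening on it, and that the application decides what a connecting client receives. Everything stays on 127.0.0.1; the function names are hypothetical and chosen for this illustration.

```python
import socket

LOOPBACK = "127.0.0.1"  # assumption: the demo never leaves the local machine


def start_listener(host=LOOPBACK):
    """Create a listener. Port 0 asks the OS to pick any free port.

    Binding to 127.0.0.1 accepts local clients only; binding to 0.0.0.0
    accepts connections on every interface, which is what a router
    port-forward would then expose to the Internet.
    """
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((host, 0))
    srv.listen(5)
    return srv, srv.getsockname()[1]


def port_state(port, host=LOOPBACK, timeout=1.0):
    """Return 'open' if something accepts a TCP connection, else 'closed'."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as probe:
        probe.settimeout(timeout)
        return "open" if probe.connect_ex((host, port)) == 0 else "closed"


def demo():
    srv, port = start_listener()
    # A client connects; the listening application accepts and answers.
    with socket.create_connection((LOOPBACK, port), timeout=1.0) as client:
        conn, _peer = srv.accept()
        with conn:
            conn.sendall(b"hello from the listener\n")
        reply = client.recv(64)
    while_listening = port_state(port)   # an application is listening
    srv.close()                          # the application stops
    after_close = port_state(port)       # nothing is listening any more
    return while_listening, reply, after_close


if __name__ == "__main__":
    print(demo())
```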
2016-05-11 09:09:27 UTC
A port is a hole between your computer and the Internet. Best to have ALL ports closed, lest the hackers find a way in.

The only ports that should be open are the ones in use...
chrisjbsc
2016-05-11 09:17:27 UTC
With no ports open, then the router is doing nothing. You have to have at least one port open in order to allow any form of network connection.
anonymous
2016-05-11 09:43:33 UTC
None


This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.