The answer to this question depends on your specific security requirements and network configuration. In general, you should close ports that are not necessary for the normal operation of your system or network.
Here are some ports that are commonly recommended to be closed or filtered:
- Port 23 (Telnet): Telnet is an insecure protocol that sends data in plaintext, making it vulnerable to interception and eavesdropping. It is recommended to use SSH instead.
- Port 21 (FTP): FTP is also an insecure protocol that sends login credentials and data in plaintext. It is recommended to use SFTP or FTPS instead.
- Port 25 (SMTP): SMTP is used for email transmission, and is often targeted by spammers and attackers. It is recommended to restrict SMTP traffic to authorized servers only.
- Port 137-139 (NetBIOS): NetBIOS is an older protocol that is often used for file and printer sharing on Windows networks. It is vulnerable to attacks and should be filtered or disabled if not needed.
- Port 445 (SMB): SMB is used for file sharing on Windows networks and is often targeted by attackers. It is recommended to filter or restrict SMB traffic to authorized users and servers only.
However, it’s important to note that closing ports can also impact the normal operation of your system or network. It’s recommended to consult with a security professional or IT expert to ensure that your security measures are appropriate for your specific needs.
Read More: How to Close Exposed High-Risk Ports
FAQs
In general, you should close ports that are not necessary for the normal operation of your system or network. Here are some ports that are commonly recommended to be closed or filtered: Port 23 (Telnet): Telnet is an insecure protocol that sends data in plaintext, making it vulnerable to interception and eavesdropping.
Are there any ports that you would recommend closing? ›
In general, you should close ports that are not necessary for the normal operation of your system or network. Here are some ports that are commonly recommended to be closed or filtered: Port 23 (Telnet): Telnet is an insecure protocol that sends data in plaintext, making it vulnerable to interception and eavesdropping.
What ports should be closed on a firewall? ›
Common High-Risk Ports
| Port | Protocol | Recommended Action |
|---|
| 25 | TCP | Disable always. Use SMTPS instead. |
| 110 | TCP | Disable always. Use POP3S instead. |
| 143 | TCP | Disable always. Use IMAPS instead. |
| 80, 8000, 8080, and 8888 | TCP | Disable recommended. Use HTTPS instead. |
28 more rowsApr 6, 2023
Blocking all outbound ports - except core needed ones?
- HTTP - TCP:80.
- HTTPS- TCP:443.
- POP3 - TCP:110 (secure POP is typically TCP:995)
- IMAP4- TCP:143 (secure IMAP is typically TCP:993)
- SMTP - TCP:25 (secure SMTP is typically TCP:465)
- DNS - UDP:53 (external lookups)
- MS RPC TCP, UDP Port 135.
- NetBIOS/IP TCP, UDP Port 137-139.
So what ports should you open on your firewall? The answer is simple: only the ones, that are required to do your business. If you host a web server, than you would open and forward ports 80 and 443 only for the access to this web server. There is no use to open it for any other computer.
What ports should you block? ›
Which Ports Should You Block On Your Firewall?
| Service | Port Type | Port Number |
|---|
| NetBIOS/IP | TCP, UDP | 137-139 |
| SMB/IP | TCP | 445 |
| Trivial File Transfer Protocol (TFTP) | UDP | 69 |
| Syslog | UDP | 514 |
3 more rowsOct 25, 2021
Enter "telnet + IP address or hostname + port number" (e.g., telnet www.example.com 1723 or telnet 10.17.xxx.xxx 5000) to run the telnet command in Command Prompt and test the TCP port status. If the port is open, only a cursor will show. If the port is closed, a message will say Connect failed.
What are the most hacked ports? ›
Ports 80, 443, 8080 and 8443 (HTTP and HTTPS)
As the most popular internet protocols, HTTP and HTTPS tend to be targeted by malicious actors. Their actions often involve SQL injections, cross-site scripting, DDoS attacks, and request forgery.
Is port 1433 a security risk? ›
Several vulnerabilities come with using port 1433. These include injection attacks, which can lead to data breaches if not adequately mitigated. Like other database ports, including 1434 and 3306, these are frequently targeted by attackers for the distribution of malware, or as direct targets in DDoS attacks.
Why should ports be closed? ›
Open port vulnerabilities pose a significant security risk to your organization. If left exposed, ports are a gateway for hackers to breach your network and steal your data.
Many administrators who manage web servers on their network tend to block traffic for port 80 (HTTP) and only allow 443 (HTTPS) with the hope that it will secure their network. This is a myth, and this article demonstrates why port 80 is no different than port 443 if your goal is to make your network secure.
Which type of port is most vulnerable to attacks? ›
HTTP and HTTPS (Ports 80, 443, 8080, and 8443): These hotly-targeted ports are used for HTTP and HTTPS protocols and are vulnerable to attacks such as cross-site scripting, SQL injections, cross-site request forgeries, and DDoS attacks.
What port do most routers use? ›
Most wireless routers have at least two ports: one WAN port and one or more LAN ports. In all homes and most small businesses, the WAN port connects to a high-speed modem, like a DSL or cable modem, which in turn connects the router to the Internet.
How do I decide which port to use? ›
Port numbers between 1 and 1024 have been assigned to various services by the Internet Assigned Numbers Authority. Do not use port numbers below 1024 other than 389 or 636 for directory services as they will conflict with other services. Additionally, port numbers below 1024 are accessible by root only.
What ports need to be open for internet access? ›
Ports
- 21 - FTP (control connection)
- 22 - SSH.
- 23 - Telnet.
- 25 - SMTP.
- 80 - HTTP.
- 110 - POP3.
- 143 - IMAP4.
- 443 - HTTPS (HTTP over TLS or SSL)
Open ports aren't dangerous by default, rather it's what you do with the open ports at a system level, and what services and apps are exposed on those ports, that should prompt people to label them dangerous or not. The reason people call for closed ports because less open ports reduces your attack surface.
Why should you close ports? ›
Open port vulnerabilities pose a significant security risk to your organization. If left exposed, ports are a gateway for hackers to breach your network and steal your data.
What does closing ports do? ›
So when you close a port that is forwarded to the server, you will protect the server / service that is listening on this port. But usually you wouldn't be forwarding public connections to a service that is not required for your business. So in many cases, just closing a port is not an option.
How do I close a port? ›
Here are the steps for Windows:
- Find the process ID (PID) of the port (replace the 'portNumber' with the number) netstat -ano | findstr :portNumber. Copy the PID number for the next step.
- Kill the process. First, try this (replace typeyourPIDhere with the number you copied above): taskkill /PID typeyourPIDhere /F.
Answer. A closed port indicates that no application or service is not listening for connections on that port. A closed port can open up at any time if an application or service is started. A filter port indicates that a firewall, filter, or other network issue is blocking the port.
