How could you close,open-unused ports?


  1. Posts : 541
    Microsoft Windows 7 Ultimate 64-bit Service Pack 1
       #1

    How could you close,open-unused ports?


    There is a lot of...noise,amongst not in particularly,high-power users,but also simple home or office users about open ports,net,web ports,being used,either from Windows itself or applications.DCOM is an example of a Windows service,that is "listening" to the net,but also sends data through out it.Skype does that all the time.What about those open ports,can they be "closed'?Should they be closed,for safety reasons,not to allow to be used by malware,spyware,hackware?
      My Computer


  2. Posts : 2,490
    Windows 7 Ultimate x64
       #2

    From a security viewpoint, I would close everything you aren't using right now, and just open specifically what you know you need, the bare minimum you actually use and nothing more.

    Generally, you should distinguish the "direction" of the communication. You can have incoming connections, where other PC's "call" yours and outgoing, where you establish a connection with someone else. Both are important, but generally, in a regular home or office PC, the average user does a lot of outgoing connections (web browsing, email, MSN) and accept almost no incoming connections (file sharing on local network typically, and almost nothing from internet).

    A firewall is possibly the best line of defense against all of those, so that it blocks all ports and programs that aren't used (so no one can "call home"). Routers are very good at stopping incoming connections from internet to the local network, and software firewalls are good for unwanted outgoing ones.
      My Computer


  3. Posts : 541
    Microsoft Windows 7 Ultimate 64-bit Service Pack 1
    Thread Starter
       #3

    Well stated,the direction also is another component of the equation.To whom is our PC listening to?Who is listening to my PC?Data as well,how much in which direction.How to distinguish which ports to stealth,close or to remain open,and as the thread title initially is asking,how?
      My Computer


  4. Posts : 25,847
    Windows 10 Pro. 64/ version 1709 Windows 7 Pro/64
       #4

    You can slow down some of the danger by not having programs starting at boot. Start them only when you want to use them. Like Skype, IM and such. If you want to use them, (have them active all the time) the ports will have to be open.
    Here is something you could check out by Gibson Research, Shields up.
    http://www.grc.com/default.htm
      My Computer


  5. Posts : 2,490
    Windows 7 Ultimate x64
       #5

    A router does incoming blocking more or less automatically, as from outside your network no one can see your PC unless explicitly allowed (which is disabled by default).

    For outgoing connections, you have to use a firewall preferably. That way you can select what ports, and which programs can use them, in both directions. Each one is different in the exact steps to setup the rules, but the basics are the same. Windows itself includes a firewall that does a good job, you may see a couple of tutorials about it in the forum, or just choose for another third party one.

    Which ports you need to open and in which direction is very dependent on which programs do you use. You have to search each one documentation's for which port to open. For example, web browsers use ports 80 and 443 for HTTP and HTTPS, mail clients 25/110/995, Windows file share use 137, 138 and 139. In any case, be sure to allow only that program on the firewall, so anything else cannot use that hole for its own purposes.

    How much data is transfered is easy, just open task manager and the network tab shows that. You may need to add the columns though the view menu => select columns => tick bytes received and bytes sent.
      My Computer


  6. Posts : 541
    Microsoft Windows 7 Ultimate 64-bit Service Pack 1
    Thread Starter
       #6

    Right on the head of the nail for both.I ended up to Gibson's site while trying to close down a port that was used by System PID 4,and that started a query about who else might be using other ports,without me knowing.That does mean(if it does),that either Windows firewall ,neither the routers settings,had made my system bulletproof.So now,here i am finding out that,ports like 5335,500,1025-1027,1030,1032 and each and every one of them,is leading to services(not windows services meant) like LLMNR (5355),network blackjack(1025?),isakmp(500) and so on,which are hard to comprehend.Too much worries about too less harm?
      My Computer


  7. Posts : 2,490
    Windows 7 Ultimate x64
       #7

    First, NOTHING can do your system bulletproof, going online implies some risks always and at most you can aim at reducing those. To be 100% secure from anything, you have to leave your computer turned off

    I see that you're using Windows Firewall. You probably need to properly configure it to your needs. By default, it's configured to be easy to use, that is, very insecure, as it opens a lot of incoming ports for I don't know what purposes and does NOT block anything outgoing.
    Open the advanced firewall settings (look for "firewall with advanced security" in start menu search) and there you can find both the incoming and outgoing rules that actually apply, to fine tune them to your particular usage.

    My personal preference is to begin with everything blocked (configure to block all except rules allowing it). That way you're effectively off the internet. Then selectively open ports one by one so your programs begin working again. While this is hard to do by hand and you need to know what are you doing, it gives you optimal security if you have the patience. In particular, I don't know any of the services you're naming. And if you don't know them neither, probably you're not using them, so it would be a good idea to block them until something breaks.
      My Computer


  8. Posts : 25,847
    Windows 10 Pro. 64/ version 1709 Windows 7 Pro/64
       #8

    P2P and torrants can also leave ports open. Which is about as good of way of getting infected I can think of.
      My Computer


  9. Posts : 541
    Microsoft Windows 7 Ultimate 64-bit Service Pack 1
    Thread Starter
       #9

    Fiddled around with Gibson's site,scanned my ports for Internet Vulnerability,first 1056 ports came out as stealthed,tried out an app called DCOMbobulator,in order to disable DCOM,as a safety measure(that it didnt,is another issue),also tried a firewall leakage tester that turned out that my firewall WAS penetrated by it.The app is really small and does not provide additional info,on which port was used.Windows firewall has several rules grayed out(most of them) but many are in green,inbound and outbound.Installed ZoneAlarm,it only messed up my system.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 20:36.
Find Us