We all know it: it is very important to take measures to avoid being a victim of cyber attacks . Some attacks that can reach us through different ways, and one of them has to do with what are called vulnerable ports. And it is that with them, hackers can use many strategies to sneak malicious software such as spyware, among others. But how can we know what they are and how to close them?
The danger of vulnerable ports
We can say that the network ports for our connection are the gateways to a computer that allow different tools, programs and applications to run on it. There are thousands of network ports, which can be opened for multiple uses: from downloading P2P networks, playing online, making videoconferences…
Thus, these ports are a common way of referring to three important aspects: the first refers to network access points, such as the router you have at home to connect to the Internet; the second most common meaning refers to the actual point where the cable connects to this network device or even a computer.
And then there is the one that refers to the software system that allows computers to handle many tasks at the same time. These ports divide network traffic into a series of individual chunks, so information and services are kept separate. This is where what are called ‘ vulnerable ports ‘ appear, which can become very dangerous.
what are they about
In this sense, these range from exposing the vulnerabilities of our network to becoming a gateway for intruders , open ports can pose several risk vectors that threaten the confidentiality, integrity and availability of the connection.
That is why it is recommended to close open ports , which are usually the most vulnerable. To deal with the risks posed by this class of ports, there are those who rely on port scanning tools to identify, inspect, analyze and close them, as we can see below.
- Closed ports. These network ports completely reject all packets directed towards them and do not facilitate any incoming or outgoing traffic.
- Leaked ports. Traffic in and out of these ports is regulated by network agents such as firewalls. Any traffic or packet not authorized by the firewall is ignored or dropped.
- Open ports. The state of a port is considered open when there is an application or service listening on that port and it is accessible from outside your network.
This is done directly with what is a port scan with which you can obtain all kinds of information about it, as well as observe those that are protected by firewalls .
What are they and how to close them
Once we have seen and performed any of these analyzes, we are going to see what we can do if the result of the analysis carried out does not yield the expected results and instead of showing everything as closed, we have detected that a port is open without our authorization . Their characteristics are that they may have an unpatched service used on the port, misconfigurations or, for example, poor network security rules.
Today we have 65,536 ports and protocols available for computers to use. However, it’s probably reassuring that a 2019 study by Alert Logic found that 65% of cyberattacks associated with ports target just three of them:
- 22 SSH (Secure Shell)
- 80 HTTP (Hypertext Transfer Protocol)
- 443 HTTPS (Hypertext Transfer Protocol Secure)
If we find ourselves in this situation, we must act quickly , protect ourselves through a firewall, perform a virus scan and save our data, so our recommendation in this situation is to carry out the following steps .
The first thing we need to do is go to the Control Panel . Once there, it is time to access the Task Manager option. By selecting this option, we are located in Services and Programs , from which we will have the option to view the services that are active and the ports that have been opened with these services.
It will be when, in the displayed list, we can choose the service that we want to disable and select the deactivate option. Thus, we can close it as well as the port that was opened with said service, this in an automatic way.
Although it is also true that it will not always be so easy to close these vulnerable ports. To achieve this task, the best recommendation is to opt for specialized programs and, if possible, add a firewall to them. These programs are the ones that will be in charge of blocking the ports that are not necessary to have open. That is when it will create security guidelines, notifying us of any eventuality and automatically blocking any existing threat.