To complete a week of articles dedicated to computer security, necessary after the panic triggered by the spread of the Wannacry Ransomware, we see here how to lock the ports on the computer . For the uninitiated, in computer science the addresses are called doors to reach, in a computer network, a particular service or software.
As an address, the door is expressed by a simple number, which can be 123, 135, 145, 80 or any other.
The complete address to connect to a computer is always IP: port, therefore, for example, 23.23.43.122:23
For example, if a file sharing service via FTP was active on your computer, so that the shared files could be reached from the internet, then you can open a connection with that computer from its IP address, on port 23 (which is the standard one of FTP).
Another example is that of port 80 of HTTP or 443 of HTTPS : to connect to a website, which is hosted on a server somewhere in the world, you must type in its IP address (then translated into a web address), plus port 80 or 443 (By convention browsers hide the numbers 80 and 443).
A third example to understand what ports are is that of programs to download Torrents, which often require user intervention to open the ports on the router so that the computer not only has access to the data to download, but can also share parts of its files to other people in the peer to peer exchange.
READ ALSO: Computer dictionary for the Internet and Networks with the meaning of the main terms
Locking the ports on the PC, in theory, would not be necessary because Windows still prevents connections from the outside to the computer if they are not authorized.
However, if there was a hole not yet patched by Microsoft or that had been opened by some malware and viruses, then here are the risks that can lead to a hacker controlling your PC.
Windows is configured, by default, with specific open ports, to avoid problems when using certain services or programs and controls the authorization of new programs to open new ports through its Firewall.
However, given the increasingly frequent ransomware dangers, those who want to protect their PC from Hackers and Viruses even more strongly, could block these ports on the Windows Firewall and avoid attacks from the outside .
Before closing doors, it is best to check which ports are open on your Windows computer .
There are several ways to do this, including some simple programs to control open ports and connections, including Currports, which is very effective and simple.
CurrPorts lists all the programs and services active on the internet and the local ports that are open at that time.
This list of open doors is useful for deciding whether it is worth keeping active or a program or a service or which ones to keep active on the net, but deactivating the possibility of being exposed on the internet.
An immediate way of knowing the most common ports that are opened by Windows by default is checking the Gibson port scan site by pressing on Common Ports .
It will therefore be found, on every Windows PC, that most of the ports are in "Stealth" status, that is, undetectable by scans.
If it turns out that a port is open, it is better to immediately investigate which program is kept active and, if necessary, immediately close that program or block that port on the firewall.
On the you get Signal website it is possible, instead, to test listening and opening specific ports, with the port forwarding test.
This site, like Gibson's, identifies a door as "open" if the program communicating through it is active.
To block ports in Windows, without downloading programs, you must use the firewall included in Windows 7, Windows 10 and Windows 8.1 or you can use the firewall usually included in the configuration panel of the router.
The router already in its normal operation blocks the incoming connections on the computer, unless they are specifically allowed (for example by activating DMZ or opening specific ports).
Closing doors on Windows is therefore especially useful to protect that PC from other computers on the network rather than from internet connections of unauthorized programs (such as viruses), which should already be prevented unless sensational bugs or if they have not been installed Microsoft update patches.
To block doors in Windows you only need to open the Start menu, search for Windows Firewall and open it.
- Click on incoming connection rules on the left side
- Select New Rule from the Actions pane.
- Select Port from the Rule type choice.
- Select TCP or UDP and specify the ports or a range of ports (for example 445 or 137-139).
- Select block the connection .
- Select when to apply the rule (leaving everything active in case of doubt).
- Give a name and description.
In the event of problems with some function of the computer, if you experience connection problems, then undo the blocking on the port from the firewall and delete the rule.
The procedure must be repeated for any other door to be blocked.
At this point, programs like CurrPorts will still be able to reveal services or programs listening on these ports, but in any case they will always be refused incoming connections.
READ ALSO: Secure your home Wifi connection and protect yourself from network intrusions
