Can we open any port and be safe when surfing the Internet?

Most of the tasks we perform on the Internet can be done by any user with basic knowledge: browsing, downloading a file from the browser or checking email. Sometimes, however, we have to perform more complex actions that require us to open ports on our router, because some programs need a specific port open to work correctly. At first we may think that we can open any port we want, but that is not always the case. In this article we are going to see whether we can open any port and what measures we can take to stay safe.

What a port is, how to open one, and how ports are classified

We can define a port as a logical identifier that, together with the IP address, identifies a TCP socket or a UDP socket, so that it can be used to send and receive different types of data. For point-to-point communication to take place, transport layer protocols such as TCP and UDP must use these ports. In addition, if we are behind NAT (Network Address Translation) and the listening server is in the private network, port forwarding is absolutely necessary to get through the NAT/PAT on our router.

If we want to set up a server of some kind or use a P2P client, to give some examples, we need to take a few steps to open the ports:

  • Assign a private IP to that computer.
  • Log in to the router's web configuration interface. There we allow access to that port for the private IP that we have assigned to our computer.
  • Grant the corresponding permissions in the Windows firewall.

This is done this way because otherwise the router would not know which local IP to send the packets to, and they would end up being lost. Ports are also classified into ranges, and in some cases a program needs specific ports to work well. The classification is as follows:

  1. Well-known ports, ranging from 0 to 1023. Port 21 for an FTP server or port 80 for web browsing are some of the most popular.
  2. Registered ports, from 1024 to 49151: for example, 4662/tcp for the eMule P2P client.
  3. Ephemeral ports, which comprise the range 49152–65535. They are private ports that are not registered by the IANA (Internet Assigned Numbers Authority). These ports are used for private or custom services and temporary purposes.

Why opening any port is not safe

The transport layer of the TCP/IP model has two types of protocols: TCP and UDP. Both are used constantly by different programs and application layer protocols. Cybercriminals sometimes look for signs of vulnerabilities by scanning the ports we have open. This, for example, gives them information about the programs we are using and whether any security flaws can be exploited. Their goal is to carry out attacks and try to compromise our computers for their own benefit. Therefore, you have to think things through before opening any port.

In this regard, a number of ports are considered dangerous because they are the ones most used by cybercriminals to carry out their attacks:

  • 22 – SSH protocol.
  • 80 – HTTP (Hypertext Transfer Protocol).
  • 443 – HTTPS (Hypertext Transfer Protocol Secure).
  • 1194 – used by VPNs with OpenVPN.
  • 3389 – used for Remote Desktop (RDP) connections in Windows.

These ports and some others are quite dangerous if we do not filter them correctly with a firewall, because attackers could carry out different types of attacks against us and even compromise our equipment. For this reason, we should not open any random port or any of the dangerous ones unless we really have to use them. For example, don't open port 80 on your router unless you plan to run a web server.
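To review forwards you have already created, the following added example (not part of the original article) audits a list of port forwarding rules from a machine inside the LAN: it classifies each external port by the ranges above, flags ports on the article's dangerous list, and reports TCP forwards whose target no longer has anything listening. The rule format `proto external -> ip:port` and the sample addresses are assumptions made for this illustration.

```python
import socket

# Ports the article lists as most used by attackers.
ATTACKED = {22: "SSH", 80: "HTTP", 443: "HTTPS", 1194: "OpenVPN", 3389: "RDP"}

def port_class(port):
    """Classify a port using the three ranges given in the article."""
    if not 0 <= port <= 65535:
        raise ValueError(f"invalid port {port}")
    if port <= 1023:
        return "well-known"
    return "registered" if port <= 49151 else "ephemeral"

def is_listening(host, port, timeout=0.5):
    """True if a TCP service accepts connections on host:port."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        return s.connect_ex((host, port)) == 0

def parse_rule(line):
    """Parse 'tcp 8080 -> 192.168.1.50:80' (hypothetical rule format)."""
    proto, ext, arrow, target = line.split()
    host, _, internal = target.rpartition(":")
    if proto not in ("tcp", "udp") or arrow != "->" or not host:
        raise ValueError(f"bad rule: {line!r}")
    return proto, int(ext), host, int(internal)

def audit(rules, probe=is_listening):
    """Return (rule, findings) pairs for a list of forwarding rules."""
    report = []
    for line in rules:
        proto, ext, host, internal = parse_rule(line)
        findings = [f"external port is {port_class(ext)}"]
        for p in sorted({ext, internal}):
            if p in ATTACKED:
                findings.append(f"{p} ({ATTACKED[p]}) is on the dangerous list: filter it")
        # UDP has no handshake, so only TCP targets are probed.
        if proto == "tcp" and not probe(host, internal):
            findings.append("nothing listening on target: remove this forward")
        report.append((line, findings))
    return report

if __name__ == "__main__":
    # Constructed sample rules; addresses are placeholders for a home LAN.
    sample = ["tcp 4662 -> 192.168.1.50:4662", "tcp 3389 -> 192.168.1.60:3389"]
    for rule, findings in audit(sample):
        print(rule, *findings, sep="\n  - ")
```

A forward that is flagged as having no listener is one that can be deleted from the router without breaking anything.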

Also, if we want to stay safe, our equipment must be up to date and the firewall must be properly configured.