How to identify application ports

Discussion in 'Computer Security' started by Gerard O'Neill, Jan 30, 2005.

  1. Hi all,

    I'm a security novice. I want to configure the firewall on my home router
    to block all unnecessary ports. How can I identify the ports that various
    application that I am running (which require internet access) are using, so
    that I can ensure that I allow to access to those ports?

    Thanks.
     
    Gerard O'Neill, Jan 30, 2005
    #1
    1. Advertising

  2. Gerard O'Neill

    donnie Guest

    On Sun, 30 Jan 2005 13:24:22 +1100, "Gerard O'Neill"
    <> wrote:

    >Hi all,
    >
    >I'm a security novice. I want to configure the firewall on my home router
    >to block all unnecessary ports. How can I identify the ports that various
    >application that I am running (which require internet access) are using, so
    >that I can ensure that I allow to access to those ports?
    >
    >Thanks.
    >

    #########################
    I'm assuming that you are not running a server. If that's the case,
    you should see what ports are opened on your machine(s). You didn't
    mention what OS you are running, how many machines are behind the
    router nor what router you have. Anyway, look at a
    netstat -an output and see what ports are opened. If you don't know
    how to read the output, let us know. You can also port scan your
    network from the outside to see what shows there.

    Don't forget the difference between a source port on the client
    machine (that's yours) a destination port on the server. The server
    could be a web server, telnet server, FTP, ssh and so on. For
    example, port 80 is used for web sites but when you machine asks for a
    web site, it's not port 80 on your machine, it's a random port that
    windows gives it, It's port 80 on the web server. Open a web page and
    then run netstat -an and you see what I mean.
     
    donnie, Jan 30, 2005
    #2
    1. Advertising

  3. Gerard O'Neill

    Nick Roberts Guest

    "Gerard O'Neill" <> wrote:

    > I'm a security novice. I want to configure the firewall on my home router
    > to block all unnecessary ports. How can I identify the ports that various
    > application that I am running (which require internet access) are using,
    > so that I can ensure that I allow to access to those ports?


    I cannot answer your question, and I am not an expert on firewalls, but I
    suspect that your question needs to be accompanied by some more details:
    what kind of computer; which operating system; which firewall; what you have
    tried doing already (and what happened); which applications you are running
    (or you want to run), if you know; any specific threats you are concerned
    with (if any); briefly, your own background and knowledge.

    --
    Nick Roberts
     
    Nick Roberts, Jan 30, 2005
    #3
  4. Gerard O'Neill

    Barney Guest

    Gerard O'Neill wrote:
    > Hi all,
    >
    > I'm a security novice. I want to configure the firewall on my home router
    > to block all unnecessary ports. How can I identify the ports that various
    > application that I am running (which require internet access) are using, so
    > that I can ensure that I allow to access to those ports?
    >
    > Thanks.
    >
    >

    Try the site below. It is great for identifiying ports from name or
    number. It might help.

    http://ports.tantalo.net/index.php?lng=en
     
    Barney, Jan 30, 2005
    #4
  5. Gerard O'Neill

    Mike Guest

    Gerard O'Neill wrote:

    > Hi all,
    >
    > I'm a security novice. I want to configure the firewall on my home router
    > to block all unnecessary ports. How can I identify the ports that various
    > application that I am running (which require internet access) are using, so
    > that I can ensure that I allow to access to those ports?


    Simple.
    1. Block everything in and out.
    2. Find out what doesn't work any more.
    3. Find out what ports the broken apps in step 2 need open.
    4. Use what you discovered in step 3 to configure your firewall/router.
     
    Mike, Jan 30, 2005
    #5
  6. Gerard O'Neill

    Moe Trin Guest

    In article <cthgh5$fc5$>, Gerard O'Neill wrote:

    > I'm a security novice. I want to configure the firewall on my home router
    > to block all unnecessary ports. How can I identify the ports that various
    > application that I am running (which require internet access) are using,
    > so that I can ensure that I allow to access to those ports?


    For a firewall, there are three very simple rules you should be following
    when trying to configure them:

    #1 - If you don't know what it is, block it, and see if anything breaks.

    #2 - If while denying the connection, nothing breaks, then you didn't need
    that.

    #3 - If the firewall appears to have 'broken' some function or service,
    look in the logs, and identify the specific problem. What specifically is
    being rejected? Then figure the smallest hole that will fix that problem.
    This may mean allowing connections to 'this' port, from 'that' IP address.
    Remember that word - you are opening a _hole_ in your defenses.

    A good rule of thumb is that you should disallow everything, rather than
    just rule 1. It is of little use to have blocked port $FOO, when an entire
    _army_ of bad stuff is coming in through the other 65,000+ ports that you
    left open to the world. This is especially true for the home user, or the
    inexperienced. Then you can follow rules 2 and 3 to resolve any problem that
    may develop. "Block everything by default, and allow needed items" is a lot
    safer than attempting to block specific items while allowing everything
    else. What you don't know (or block) _can_ hurt you.

    Old guy
     
    Moe Trin, Jan 31, 2005
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Gerard
    Replies:
    0
    Views:
    1,035
    Gerard
    Jan 2, 2005
  2. Replies:
    0
    Views:
    586
  3. Eva
    Replies:
    2
    Views:
    329
    Tony Sperling
    Sep 6, 2005
  4. Richard
    Replies:
    2
    Views:
    9,358
    98245137S
    Oct 9, 2009
  5. arameshmca
    Replies:
    1
    Views:
    1,273
    ProgTalk
    Feb 7, 2008
Loading...

Share This Page