Close Your Ports — Implicit Deny


There are 65,535 ports on your computer, assuming you are only connected to one network at a time. That’s a lot of ports, and this article is going to be a little more advanced than the previous articles. Your computer and router depend on ports to route data from your devices, through the internet, and to its intended target and purpose. The Security+ exam focuses on a couple dozen ports that are the most common and most critical to know.

While there are thousands of ports on your computer, you only need a few for the most common things you do on the internet. The most common ports are 80 and 443, and most internet traffic passes through these two. Port 80 allows for all HTTP traffic, which is basically any website, and port 443 allows for HTTPS traffic, which is secure websites. So, if most of what you do on your computer can be handled via those two ports, why do we need the other 65,533 ports? That’s a lot of ports that are just open. I haven’t mentioned it here yet, but some, though not all, of the other ports can sometimes be exploited to give a bad actor access to your network and data.

With so many ports and so many different ways to be exposed, you may be wondering what you can do to protect yourself. If you are a Windows user, you’ve probably heard of a firewall already. A firewall helps you stay protected because it lets you control the traffic that enters your computer or network. Firewalls can exist on your individual computers or on your network router. Configuring a firewall is easy, but I’d encourage you to do your own research or hire someone who is skilled in setting up firewalls. What I’ll be explaining in the next section assumes that you are comfortable with setting up firewalls.

The first thing you want to do when configuring your firewall is to deny all. This closes all your ports and prevents traffic from entering your network or computer. On its own this is a little too extreme, as you cannot get on the internet anymore if you leave only this rule enabled. The next thing you want to do is open ports 80 and 443. Since these are the most used ports, they should be allowed to transmit data. From there, it’s up to you which ports you need. There are ports dedicated to SSH, SMTP, FTP, and dozens of others that are common and frequently used. If you use one of those other ports and you don’t re-enable it, then some services will fail to work properly, since the deny all is preventing any traffic from transmitting on that port. If you’ve never configured your firewall, it can be a bit overwhelming, but this is an effective way of protecting your network and devices. Maybe to start out you don’t deny all, but at least close some of the ports that are obviously not in use.
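The deny-all-then-allow procedure above can be modelled as a first-match rule table with an implicit deny at the end. This is an added example, not code from the article: the `Rule` and `Firewall` names are hypothetical, and the service list is a constructed sample using the standard ports for SSH (22), SMTP (25) and FTP (21).

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "deny"
    proto: str            # "tcp", "udp", or "any"
    port: Optional[int]   # None matches every port

    def matches(self, proto: str, port: int) -> bool:
        return self.proto in ("any", proto) and self.port in (None, port)

class Firewall:
    """Hypothetical first-match rule table; not a real firewall API."""

    def __init__(self, rules=()):
        self.rules = list(rules)

    def allow(self, proto: str, port: int) -> None:
        self.rules.append(Rule("allow", proto, port))

    def decide(self, proto: str, port: int) -> str:
        if not 1 <= port <= 65535:
            raise ValueError(f"invalid port: {port}")
        for rule in self.rules:          # first matching rule wins
            if rule.matches(proto, port):
                return rule.action
        return "deny"                    # implicit deny: nothing matched

    def blocked(self, services: dict) -> list:
        """Names of services whose port the current rules would block."""
        return sorted(name for name, (proto, port) in services.items()
                      if self.decide(proto, port) == "deny")

# Constructed sample: services this machine is assumed to rely on.
SERVICES = {"http": ("tcp", 80), "https": ("tcp", 443),
            "ssh": ("tcp", 22), "smtp": ("tcp", 25), "ftp": ("tcp", 21)}

def demo():
    fw = Firewall()                      # step 1: deny all (no rules yet)
    step1 = fw.blocked(SERVICES)
    fw.allow("tcp", 80)                  # step 2: open 80 and 443
    fw.allow("tcp", 443)
    step2 = fw.blocked(SERVICES)
    fw.allow("tcp", 22)                  # step 3: re-enable what you use
    step3 = fw.blocked(SERVICES)
    return step1, step2, step3

if __name__ == "__main__":
    for step, names in enumerate(demo(), 1):
        print(f"after step {step}, blocked: {names}")
```

Running `blocked()` against the services you actually depend on before applying a rule set shows which ones would stop working under the deny all.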

I’m an engineer working professionally in San Diego, CA. I’m trying to improve every day and use this space to document.