rodferna...
Thanks for your question. Below is a list of ports and whether or not
they should be open or closed:
21 FTP (File Transfer Protocol). This protocol is used to download
files from your machine using standard FTP programs. It should be open
only if you're running an FTP server.
22 SSH. TCP connections to this port might indicate a search for SSH,
which has a few exploitable features. SSH is a secure replacement for
Telnet. The most common uses of SSH are to securely login and copy
files from a server.
23 Telnet. Telnet can be used to log into your computer from a
terminal anywhere in the world. This port should be open only if
you're running a Telnet server.
25 SMTP (Simple Mail Transfer Protocol). A protocol for host-to-host
mail transport. This port should be open only if you're running a mail
server.
79 Finger. Finger is an Internet utility that allows someone to obtain
information about you, including your full name, logon status, and
other profile information.
80 HTTP (Hypertext Transfer Protocol). A protocol for transmitting
messages from the client to the server and back. This port should be
open only if you're running a Web server.
110 POP3 (Post Office Protocol). Internet mail servers and mail filter
applications use this port. This port should be open only if you're
running a mail server.
113 Ident / Authentication. This service is required by some mail,
news, or relay chat servers to allow access. A stealth result on this
port could cause performance problems.
119 NNTP (Network News Transfer Protocol). A service used by News
servers to distribute Usenet articles to newsreader applications and
between other servers.
139 NetBIOS. NetBIOS is used for Windows File & Print sharing. If
port 139 is open, your computer is open to sharing files over the
Internet. Other components of NetBIOS can expose your computer name,
workgroup, user name, and other information. To learn more about
preventing connections to your NetBIOS ports, see: NetBIOS Information
and Configuration Instructions
143 IMAP (Internet Message Access Protocol). IMAP is a sophisticated
protocol for electronic mail delivery. This port should be open only
if you're running an IMAP server.
443 HTTP over TLS/SSL. A protocol for providing secure HTTP
communication. It should be open only if you're running a Web server.
445 Windows NT / 2000 SMB. A standard used to exchange Server Message
Blocks, and can be exploited in multiple ways, including gaining your
passwords.
1080 SOCKS. This protocol allows computers access to the Internet
through a firewall. It is used when one IP address is shared among
several computers. Generally this protocol only allows access out to
the Internet. However, it is frequently configured incorrectly to
allow hackers to pass traffic inwards through the firewall.
1723 PPTP (Point-to-Point Tunneling Protocol). This service is used
for virtual private networking connections.
Source:
Symantec Security Check
http://www.hhmi.ucla.edu/security/Symantec%20Security%20Check.htm
Thanks again for your question and if you need any additional
clarification, please let me know prior to rating my answer.
Regards,
-THV
Search Strategy:
ports that should be closed on a firewall
References:
Personal Firewall
http://www.wown.com/j_helmig/firewall.htm |
