What are the ports used by the system, what is their function, how to know which ones are open, their danger and how to close them. List of all the ports and use of each of them.
What are the computer ports or communications ports on the computer?
Each computer or computer equipment that is connected to a network, uses some kind of communication ports through which it receives and sends information to other different computers.
In order to be able to carry out several data exchanges simultaneously at open port checker, there are 65536 exit and entry points, these are known as ports and are identified in a numeric way.
The technical definition is: A 16-bit number, used by a host-to-host protocol to identify to which higher level protocol or application program the received messages should be delivered.
They are organized by regulations assigned by the IANA (Internet Assigned Numbers Agency) into three categories:
- Ports between 0 and 1023 are ports reserved for specific uses that are regulated, the operating system opens them to allow their use by various applications through the so-called "well known" protocols, for example: HTTP, FTP, TELNET, IRC, POP3, etc.
- Those between 1024 and 49151 are called "Registered" and can be used by any application.
- Those between 49152 and 65535 are called "Dynamic or Private", they are used by the operating system when an application has to connect to a server and makes a request for a port.
Most known and used ports on the computer
Some of them, only the most known and commented are the following:
21 FTP port, used for downloading files to the computer.
23 Telnet port, protocol used for communication.
25 SMTP port, used by email clients to send email.
80 HTTP port, used by browsers to upload web pages.
110 and 995 POP3 port, used by email clients to receive mail.
119 NNTP port
139 The famous port of Netbios.
443 HTTPS port, used for secure loading of web pages.
445 Mobile IP
531 IRC port, used for chat services.
1521 Port for Oracle and SQL.
3306 Port for Mysql (Databases)
4661, 4662, 4665 Ports used for Peer to Peer connections such as Emule and others.
Pressing the following button will display the list of so-called "Well-known ports" on this page, which are between 0 and 1023.
What should we know about computer ports?
The ports of our computer are like the doors or windows of our house, we can go out and enter through the main door of it, but it is possible that a thief enters through the window, or worse, that enters with us through the main door without us realizing it. If we do not have adequate security, the ports can be used to observe our computers, steal information, spy on us, etc.
The one in charge of managing the ports is our operating system and the applications it contains or those we install, whether they are programs or games.
An open port is not necessarily dangerous. There is only risk if the program that uses the port has malicious code.
How, why and who opens the ports?
A port is not opened by the operating system, it is opened by a specific program wanting to use it. To close a port, it is usually only necessary to close the program or service that keeps the port open. So there is no reason to want to manually close all the ports on your system. In fact, without having ports open, the Internet would not work!
There are ports that we use in everyday communication and internet services and they do not constitute any danger such as
21 FTP port. It allows us to download files that are on FTP servers.
25 SMTP Email port. Use of email.
80 HTTP Port. All the communication necessary for the operation of the web pages.
110 POP3 Email port. Use of email.
How do I know which ports are currently open on my computer?
Windows includes a small tool called NETSTAT that works through the command line. It gives us the possibility to know exactly which ports we have open for listening and which ones are even receiving or transmitting information to the outside. Using it is easy, below are provided batch files that you can download to take advantage of the options it provides, but you can do it manually as follows.
View the open ports on your computer and listening
To find out which ports you have open, follow these steps:
- Copy and paste the following code in the box above the Start button or in the Run command, press the Enter key.
CMD /K NETSTAT -AN|FINDSTR /C:LISTENING
A black window will open in the CMD console where you will see a list of ports that are open and listening for a connection.
You can check the list of ports to see why they are open.
View the connections currently made on the computer
To know the connections established at this moment, do it in the following way:
- Copy the following code, paste it in the Start box or in the Run command (WINDOWS+R) and press the Enter key.
CMD /K NETSTAT -ANO -P TCP 04|FINDSTR /C:ESTABLISHED
You will see a black window in which all the connections established by the device are listed, indicating the IP address of the destination.
This way you can know if your computer inadvertently establishes a connection to a website.
Applications to view open and listening ports
I share the code to create a batch file, which when executed shows with NETSTAT all currently open and listening ports (LISTENING).
If you have doubts, read the following article that explains how to create it
Code to create a script that shows the open ports in the Firewall.
It is created in a similar way to a batch file, with the difference that you have to give the file the extension .VBS.
Why and how can we close the ports considered dangerous?
There are certain ports that are considered dangerous because they have been or are being used in such a way that they can constitute a threat to your system if they are open and you do not have a secure firewall that is able to protect you adequately. First, logically check the above methods to see if they are open.
Port 135 is shared by DCOM, task scheduler and MSDTC, if you have any of these services the port remains open and accepting incoming connections.
Close it by stopping the previous services or modifying the next registry key:
In EnableDCOM, change the Y parameter to N
Ports 137,138,139 and 445
If your computer has NetBios enabled, it "listens" on UDP ports 137 and 138, and TCP ports 139 and 445.
If NetBios is disabled, it will only listen on port 445.
To disable NetBios, under Internet Protocol 4(TCP/IPv4) ->Advanced Options ->WINS select "Disable NetBios via TCP/IP"
To completely disable NetBios through registration modify the following key:
Rename TransportBindName to TransportBindNameBAK
Ports 5000 and 1900 (uPnP)
Disabling the SSDP Discovery Service closes connections to port 1900 UDP, and 5000 TCP.