Monday, 21 March 2011

Free Ports on Your Computer

There are some physical and some logical ports on a computer. For Physical Ports we have USB, Keyboard, Mouse, LPT and serial ports. But there are some logical ports too.

Internet Ports
Every service that you connect to on the Internet listen on a particular port. For example, the World Wide Web Service listens on port 80.Ports are basically the pathways for information to in or out of computer.
A port is an application-specific or process-specific software construct serving as a communications endpoint used by Transport Layer protocols of the Internet Protocol Suite, such as Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). A specific port is identified by its number, commonly known as the port number, the IP address it is associated with, and the protocol used for communication.
Every computer or device on the Internet must have a unique number assigned to it called the IP address. This IP address is used to recognize your particular computer out of the millions of other computers connected to the Internet. When information is sent over the Internet to your computer how does your computer accept that information? It accepts that information by using TCP or UDP ports.
Transport Layer protocols, such as TCP, UDP, specify a source and destination port number in their packet headers. A port number is a 16-bit unsigned integer, thus ranging from 0 to 65535. A process associates with a particular port (known as binding) to send and receive data, meaning that it will listen for incoming packets whose destination port number and IP destination address match that port, and/or send outgoing packets whose source port number is set to that port. Processes may bind to multiple ports.
Types of ports
The port numbers are divided into three ranges:
--> Well Known Ports Ports 0-1023 designated as "well known ports" are assigned by IANA (Internet Assigned numbers authority) and are generally reserved for system processes.
For example, as mentioned above, the protocol http is assigned port 80.
--> Registered Ports and Ports 1024- 49151 are called "registered ports"; their assignments are coordinated and approved by IANA.The Registered Ports are listed by the IANA and on most systems can be used by ordinary user processes or programs executed by ordinary users.
A list of these is published so that conflicts in the use of ports do not arise. (Malware writers, of course, do not observe these rules.)
--> Dynamic and/or Private Ports The remaining ports 49152- 65535 are called "dynamic" and/or "private ports". These are unregulated.
Securing ports from intruders
Since ports are used to exchange information between a computer and the Internet, they are also a pathway for intruders to gain access to your computer or for malware to use your computer for unauthorized activity on the Internet. If this listening action is done without taking security steps, the port will be open to incoming signals and may be vulnerable to intruders.
Following ways goes well in securing the ports->
--> Firewalls
A firewall will monitor incoming signals and will block any that your system has not specifically requested. Most software firewalls also watch for outgoing traffic and will block any that is not authorized. This protects against Trojan horses and any unwanted activity by spyware or adware.
--> Keeping ports closed to intruders
Crackers are constantly using scanning software to probe many thousands of IPs, looking for a computer with open ports. Today no unprotected computer is safe on the Internet. Estimates vary from a few minutes on up as to how long it takes an unprotected computer to get infected. SANS, a security firm, shows a chart of the average time between attacks for its clients and recent times are 20-30 minutes. All PCs, therefore, need to have some kind of firewall protection.Even if you have a firewall installed, it is wise to have your ports scanned to see if they appear invisible to the outside world.

No comments:

Post a Comment