Hack 51 Close Down Open Ports and Block Protocols


You don't need a firewall to protect your PC; you can manually close down ports and block certain protocols.

As noted in [Hack #46] and [Hack #48], firewalls can protect your PC and your network from intruders. But if you don't want to install a firewall and you still want protection, you can manually close down ports and block protocols.

Some of these ports and protocols are more dangerous than others. For example, leaving open the port commonly used by Telnet (port 23) means that someone could use that service to take control of your PC. And the infamous Back Orifice Trojan, which also can give malicious users complete control of your PC, uses several ports, including 31337 and 31338. For a list of which ports are used by Trojans, go to http://www.sans.org/resources/idfaq/oddports.php.

In this hack, you'll need to know which ports you want to be open on your PC, such as port 80 for web browsing, and you'll close down all others. For a list of common ports, see Table 5-2 [Hack #49]. For a complete list of ports, go to http://www.iana.org/assignments/port-numbers.

To close down ports and protocols manually, right-click on My Network Places and choose Properties to open the Network Connections folder. Right-click on the connection for which you want to close ports and choose Properties. Highlight the Internet Protocol (TCP/IP) listing and choose Properties. On the General tab, click the Advanced button. From the Advanced TCP/IP Settings dialog box that appears, choose Options, highlight TCP/IP filtering, and choose Properties. The TCP/IP filtering dialog box appears. To block TCP ports, UDP ports, and IP protocols, choose the Permit Only option for each. Doing this will effectively block all TCP ports, UDP ports, and IP protocols.

You don't want to block all ports, though, so you have to add the ports that you want to allow to pass, such as port 80, which you need to keep open if you want to browse the web. Click Add to add the ports or protocols that you will allow to be used, as shown in Figure 5-24. Keep adding as many ports and protocols as you wish to be enabled, and click OK when you're done. Only the ports and protocols that are listed will be allowed to be used.

Figure 5-24. Blocking TCP ports, UDP ports, and IP protocols
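The Permit Only lists in the dialog above are easier to get right if you first inventory what the PC is actually listening on, which also answers the "which ports do I want open" question raised earlier in this hack. The following Python script is an added example and is not from the book: it parses a constructed listing in the style of the first columns of `netstat -an` on Windows (the sample data is made up, and the column layout is an assumption), keeps TCP sockets in LISTENING state and every bound UDP port, builds the TCP and UDP allow lists for a chosen set of services, and reports which current listeners the filter will cut off, flagging the ports this hack singles out (23, 31337 and 31338). The IP-protocol list in the dialog is not covered. All function names are my own.

```python
"""
Added example, not from the book: derive the TCP/IP Filtering "Permit Only"
lists from a netstat-style listing and show what the filter will cut off.
"""
import re

# Constructed sample modelled on `netstat -an` output on Windows; it is not
# captured from a real machine.
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:23             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    192.168.1.5:31337      0.0.0.0:0              LISTENING
  TCP    192.168.1.5:1054       93.184.216.34:80       ESTABLISHED
  UDP    0.0.0.0:137            *:*
  UDP    192.168.1.5:31338      *:*
"""

# Ports the hack calls out: Telnet (23) and Back Orifice (31337, 31338).
RISKY_PORTS = {23: "Telnet", 31337: "Back Orifice", 31338: "Back Orifice"}

# Proto, local addr:port, foreign addr, optional state (UDP lines have none).
LINE_RE = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+)(?:\s+(\S+))?\s*$")


def parse_listeners(netstat_text):
    """Return {'TCP': ports, 'UDP': ports} for sockets that accept inbound
    traffic: TCP sockets in LISTENING state and every bound UDP port."""
    listeners = {"TCP": set(), "UDP": set()}
    for line in netstat_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # header or unrecognised line
        proto, _local, port, _foreign, state = m.groups()
        if proto == "TCP" and state != "LISTENING":
            continue  # established/ephemeral sockets are not listeners
        listeners[proto].add(int(port))
    return listeners


def permit_only_report(listeners, allowed_tcp, allowed_udp):
    """Build the values to enter in the dialog and list the listeners that
    'Permit Only' will block, marking any that match RISKY_PORTS."""
    report = {
        "TCP": sorted(allowed_tcp),
        "UDP": sorted(allowed_udp),
        "blocked": [],  # (proto, port) pairs the filter will cut off
        "risky": [],    # (proto, port, name) for ports the hack warns about
    }
    for proto, allowed in (("TCP", allowed_tcp), ("UDP", allowed_udp)):
        for port in sorted(listeners[proto]):
            if port in RISKY_PORTS:
                report["risky"].append((proto, port, RISKY_PORTS[port]))
            if port not in allowed:
                report["blocked"].append((proto, port))
    return report


if __name__ == "__main__":
    found = parse_listeners(SAMPLE_NETSTAT)
    # Web access only, as in the hack's example; no UDP ports permitted.
    result = permit_only_report(found, allowed_tcp={80}, allowed_udp=set())
    print("Enter under TCP Ports:", result["TCP"])
    print("Enter under UDP Ports:", result["UDP"])
    for proto, port in result["blocked"]:
        print(f"will be blocked: {proto} {port}")
    for proto, port, name in result["risky"]:
        print(f"currently open and matches a risky port: {proto} {port} ({name})")
```

Run it against the real output of `netstat -an` and anything that shows up under "will be blocked" is either a service you should add to the list before clicking OK or a listener you did not expect to find.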

Keep in mind that there are many hundreds of TCP and UDP ports used by Internet applications and services. If, for example, you enable only web access, you won't be able to use all other Internet resources, such as FTP, email, file sharing, listening to streaming audio and video, and so on. So, use this hack only if you want a very limited number of Internet services and applications to be used by your PC.