What Are Ports?
Think of ports as numbered doorways in your digital world. Each port corresponds to a specific service or application, allowing data to flow through for its intended purpose. For example, port 80 is commonly used for web browsing, while port 22 is used for secure shell access. You can access the list of open ports that are visible to the outside world by running a Telivy External Assessment or a Risk Assessment.
Why Are Open Ports Bad And Why Should You Close Them?
While necessary for certain functions, open ports present several security risks:
Increased Attack Surface
Open ports are like open doors - they offer more entry points for attackers to probe and exploit vulnerabilities. The more ports open, the greater the attack surface and the risk of compromise.
Exploiting Vulnerabilities
Hackers can scan for open ports and use known vulnerabilities in the services running on those ports to gain unauthorized access. Unpatched software or outdated configurations further exacerbate this risk.
Malware Infiltration
Open ports can be used to install malware onto your system, potentially leading to data theft, identity theft, or even remote control of your device.
Resource Drain
Even unused open ports can consume system resources, making your device slower and more susceptible to performance issues.
High-Risk Ports (Close Unless Absolutely Necessary)
FTP (20, 21)
Used for file transfer, but known for security vulnerabilities and lack of encryption. Consider secure alternatives like SFTP (22) or FTPS (990).
Telnet (23)
Unencrypted remote access protocol, highly insecure. Use SSH (22) instead for secure remote access.
NetBIOS (135, 137, 139)
Used for file and printer sharing in older Windows systems. Often exploited by malware. Disable if not needed.
Remote Desktop (3389)
Allows remote access to desktops; requires a strong password and proper configuration. Consider alternative remote access solutions with better security practices.
SMTP (25)
Used for email sending, vulnerable to spam and phishing attacks. Implement strong spam filters and user education. Use SMTPS instead (587 or 465).
Database ports (MySQL - 3306, PostgreSQL - 5432)
Used for accessing a database. Make sure proper access controls are in place and that strong passwords with MFA are used. Avoid public access to these ports where possible.
Medium-Risk Ports (Use With Caution)
SSH (22)
Secure shell access, essential for server administration but can be targeted by brute-force attacks. Use strong passwords and consider additional security measures.
DNS (53)
Used for domain name resolution, essential but can be exploited for DNS poisoning attacks. Keep DNS software updated and consider security measures like DNSSEC.
Web servers (80)
Essential for websites, but require strong security practices like HTTPS encryption, regular updates, and secure coding practices.
Low-Risk Ports (Generally Safe To Leave Open)
HTTPS (443)
Secure web browsing, essential for online transactions and secure communication.
VPN (various ports)
Virtual Private Network, encrypts internet traffic for secure remote access. Choose reputable VPN providers and follow best practices.
Gaming servers (various ports)
Used for online gaming, often require specific ports open depending on the game. Research necessary ports before opening them.
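An added example (not part of the original article or any Telivy tooling): a Python script that reads listening-socket output from `ss -H -tuln` on a Linux host, tags each listener with the risk tier listed above, and separates loopback-only binds from binds that other machines could potentially reach. The sample output and all function names are constructed for illustration; a non-loopback bind is only a candidate for outside exposure, since a firewall may still block it.

```python
import ipaddress

# Risk tiers and port numbers exactly as listed in the article above.
HIGH = {20: "FTP", 21: "FTP", 23: "Telnet", 135: "NetBIOS", 137: "NetBIOS",
        139: "NetBIOS", 3389: "Remote Desktop", 25: "SMTP",
        3306: "MySQL", 5432: "PostgreSQL"}
MEDIUM = {22: "SSH", 53: "DNS", 80: "Web server"}
LOW = {443: "HTTPS"}

# Constructed sample of `ss -H -tuln` output; not taken from a real host.
SAMPLE_SS = """\
tcp   LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      80         127.0.0.1:3306       0.0.0.0:*
tcp   LISTEN 0      244          0.0.0.0:5432       0.0.0.0:*
tcp   LISTEN 0      32                 *:21               *:*
tcp   LISTEN 0      511             [::]:443           [::]:*
udp   UNCONN 0      0      127.0.0.53%lo:53         0.0.0.0:*
tcp   LISTEN 0      128            [::1]:23            [::]:*
tcp   LISTEN 0      128     192.168.1.10:3389       0.0.0.0:*
"""

def is_loopback(addr):
    addr = addr.strip("[]").split("%")[0]  # drop IPv6 brackets and %iface scope
    if addr == "*":                        # wildcard: bound on every interface
        return False
    return ipaddress.ip_address(addr).is_loopback

def audit(ss_output):
    """Return (tier, port, service, proto, exposure) for each listening socket."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue
        addr, _, port = fields[4].rpartition(":")  # local address:port column
        if not port.isdigit():
            continue
        port = int(port)
        for tier, table in (("high", HIGH), ("medium", MEDIUM), ("low", LOW)):
            if port in table:
                break
        else:
            tier, table = "unlisted", {}
        exposure = "loopback-only" if is_loopback(addr) else "non-loopback"
        findings.append((tier, port, table.get(port, "?"), fields[0], exposure))
    return findings

def needs_review(findings):
    """High-risk ports bound beyond loopback: close these unless necessary."""
    return sorted(p for t, p, _, _, e in findings if t == "high" and e == "non-loopback")
```

On the constructed sample, MySQL (3306) and Telnet (23) are listed as high-risk but bound to loopback only, so `needs_review` reports just 21, 3389 and 5432 as candidates to close or firewall.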