Blocking Port Numbers
Port blocking is one of the most widely used security methods on networks. It is usually associated with firewalls and proxy servers, although it can be implemented on any system that provides a means to manage network data flow according to data type.
Essentially, when you block a port, you disable the ability for traffic to pass through that port, thereby filtering the traffic. Port blocking is typically implemented to prevent users on a public network from accessing systems on a private network, although it is equally possible to block internal users from external services, and internal users from other internal users, by using the same procedure.
Depending on the type of firewall system in use on a network, you might find that all the ports are disabled (blocked) and that the ones you need traffic to flow through must be opened. The benefit of this strategy is that it forces the administrator to choose the ports that should be unblocked rather than specify those that need to be blocked. This ensures that you allow only those services that are absolutely necessary into the network.
Which ports remain open largely depends on the needs of the organization. For example, the ports associated with the services listed in Table 1 are commonly left open.
| Port Number | Protocol | Purpose |
|---|---|---|
| 21 | FTP | File transfers |
| 22 | SSH | Secure remote sessions |
| 25 | SMTP | Email sending |
| 53 | DNS | Hostname resolution |
| 80 | HTTP | Web browsing |
| 110 | POP3 | Email retrieval |
| 123 | NTP | Time information |
| 161 | SNMP | Network Management |
| 443 | HTTPS | Secure Web transactions |
| 3389 | RDP | Windows Terminal Services or Windows Remote Desktop |
These are, of course, only a few of the services you might need on a network, and allowing traffic from other services to traverse a firewall is as easy as opening the port. Keep in mind, though, that the more ports that are open, the more vulnerable you become to outside attacks. You should never open a port on a firewall unless you are absolutely sure that you need to.
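The default-deny strategy described above can be modeled in a few lines. The following is an added example, not code from the original article: it starts with every port blocked, opens ports only when a reason is recorded, and lists opened ports that no current need accounts for. The class and function names, the transport assigned to each Table 1 port, and the sample policy are assumptions made for illustration.

```python
from dataclasses import dataclass

# Table 1 services keyed by (transport, port). The transports are the usual
# ones for each service; the page lists only the port numbers.
TABLE_1 = {
    ("tcp", 21): "FTP", ("tcp", 22): "SSH", ("tcp", 25): "SMTP",
    ("udp", 53): "DNS", ("tcp", 53): "DNS", ("tcp", 80): "HTTP",
    ("tcp", 110): "POP3", ("udp", 123): "NTP", ("udp", 161): "SNMP",
    ("tcp", 443): "HTTPS", ("tcp", 3389): "RDP",
}

@dataclass(frozen=True)
class Packet:
    proto: str      # "tcp" or "udp"
    dst_port: int

class DefaultDenyFilter:
    """All ports start blocked; traffic passes only through opened ports."""

    def __init__(self):
        self.opened = {}  # (proto, port) -> reason given when it was opened

    def open_port(self, proto, port, reason):
        if proto not in ("tcp", "udp") or not 1 <= port <= 65535:
            raise ValueError(f"invalid port spec: {proto}/{port}")
        if not reason.strip():
            raise ValueError("a port is opened only with a stated need")
        self.opened[(proto, port)] = reason

    def decide(self, pkt):
        # No matching entry means the default action applies: drop.
        return "ALLOW" if (pkt.proto, pkt.dst_port) in self.opened else "DROP"

    def unneeded(self, required):
        """Opened ports that no currently required service accounts for."""
        return sorted(set(self.opened) - set(required))

def build_sample_filter():
    # Constructed policy: a public web server that is administered over SSH.
    fw = DefaultDenyFilter()
    fw.open_port("tcp", 80, "public web site")
    fw.open_port("tcp", 443, "public web site (TLS)")
    fw.open_port("tcp", 22, "remote administration")
    fw.open_port("tcp", 3389, "vendor support session, since ended")
    return fw

if __name__ == "__main__":
    fw = build_sample_filter()
    for key, name in sorted(TABLE_1.items(), key=lambda kv: kv[0][1]):
        print(f"{key[0]}/{key[1]:<5} {name:<6} {fw.decide(Packet(*key))}")
    print("review:", fw.unneeded([("tcp", 22), ("tcp", 80), ("tcp", 443)]))
```

Running it prints the decision for each Table 1 port under the sample policy and flags 3389 as open without a current need.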