
Why is it bad to have open ports?

Here's something that has always baffled me. Why is it bad to have open ports on your computer? Assuming you don't have a virus on your computer or some other program listening to a port that may actually do something, why does it matter if a port is open? If some malicious person starts sending packets to a port, but nothing is there to receive the data and do something with it, why does it matter? A computer doesn't just arbitrarily execute any data it receives. I understand flooding a computer with packets could cause it to crash because it just can't deal with the amount of data, but I'm only considering security issues that actually change the files on the computer.

Asked by: Guest | Views: 36
Total answers/comments: 5
Guest [Entry]

"A port isn't open if something isn't listening for a connection on it.

The reason it is bad form to have all ports open to everywhere is that it exposes those services that are listening on those ports to exploits. That is why firewalls exist, to limit what is allowed to connect to certain ports, to reduce the surface area exposed by services.

EDIT

To address your question about why people can't just write software that isn't exploitable:

This is fairly easy for simple programs, but many programs that require a socket are complex. As such, they have many components, many of which aren't even written by the developer most likely (included libraries). You cannot rely on other people to keep your network secure when there are hardening methods you can use yourself, such as firewalls.

Arbitrary/remote code execution is a huge risk, as you have pointed out. Unfortunately buffer overflows and other security flaws that allow it are common. Look at any Microsoft security update and I'll bet it patches either remote code execution or elevation of privileges, and MS is a huge company with hundreds of developers and billions of dollars."
Guest [Entry]

"Open port: When anyone asks, the computer responds that there is a service listening on this port. This means anything coming to this port will get processed by a program (a service) running on that computer.
Closed port: When anyone asks, the computer responds that there are no services listening on that port. The asker will know there is a computer responding at the address.
Stealth port: When anyone asks, they get no reply. The point is to hide if there is a computer at the address at all. It might not be very effective, though, as joschi points out in the comments.

If you have an open port, you are safe provided the program processing the incoming stuff has no available exploits. But exploits are found all the time, and it's good to know that there are a lot of port scans travelling around the net, looking for targets.

Closed ports still respond to the asker, so a possible attacker knows to proceed checking other ports. Then again, this is how the internet is specified to work. While stealth ports attempt to not give the potential attacker any information, in theory they break the specification.

From a security point of view, any open port is a huge gaping hole, since code is being used to process foreign data. What a firewall (or a NAT router) does is make sure no incoming traffic gets to your computer, even if the system has some open ports. This way, they effectively close all ports."
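The port states described in the answer above, as an added example that is not part of the original post: it probes a port on your own machine's loopback address before and after a program starts listening on it. The function names `probe` and `demo` are made up for this illustration, and the "stealth" branch assumes a firewall that silently drops packets, which loopback cannot reproduce.

```python
import socket


def probe(host, port, timeout=1.0):
    """Classify a TCP port as open, closed or stealth from the asker's side."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"        # handshake completed: a service is listening
    except ConnectionRefusedError:
        return "closed"      # the host answered with a reset: nothing listens
    except socket.timeout:
        return "stealth"     # no reply at all, e.g. a firewall dropped the SYN
    except OSError:
        return "error"       # unreachable network, bad address, and so on
    finally:
        s.close()


def demo():
    """Probe the same loopback port before and after listen() is called."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        # Port 0 asks the OS for any free port; the socket is bound to it,
        # but no program is accepting connections yet.
        srv.bind(("127.0.0.1", 0))
        port = srv.getsockname()[1]
        before = probe("127.0.0.1", port)

        # Only now does the port become open: incoming data will be
        # handed to this process, so its bugs become reachable.
        srv.listen(1)
        after = probe("127.0.0.1", port)
        return before, after
    finally:
        srv.close()


if __name__ == "__main__":
    before, after = demo()
    print("bound, not listening:", before)
    print("listening:", after)
```
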
Guest [Entry]

"I'm no security expert, but I did a little research... An "open" port is a port that is set up to accept an incoming TCP connection.

If you have apps listening only on ports 9, 21, and 80, and your firewall blocks access to those three ports, you technically have no ports open. IOW, port 25, for instance, is not open because nothing is listening on it.

To answer your question: The reason it is bad to have open ports on your computer is because these ports can easily be discovered, and once discovered these ports are now susceptible to vulnerabilities of the listening applications."
Guest [Entry]

For the same reason that you close and lock your doors and windows at home.
Guest [Entry]

"Let's just say that open ports are like an open window and an open door, but when your window is open a robber or a rat and a spider can get in #please tell me if I am dumb or asinine
Edited no asinine
Open ports are like an open window, but on the internet there is an open port, I guess. Also, closed ports are closed windows. Without it we cannot connect or browse, I guess, just like HTTP and SSH or FTP; without it we can't connect, because it's a client, it's just a TCP connection.
I'm no security expert"