Open port: Difference between revisions

Browse history interactively

← Previous edit

Content deleted Content added

VisualWikitext

Revision as of 05:32, 13 December 2009 edit Capi (talk \| contribs) 464 edits major rewrite for technical accuracy ← Previous edit		Latest revision as of 16:35, 6 October 2024 edit undo Kvng (talk \| contribs) Extended confirmed users, New page reviewers 116,075 edits destub
(31 intermediate revisions by 25 users not shown)
Line 1: [[File:Open ports.png\|frame\|Listing open TCP ports that are listening on the local machine.]] In security parlance, the term '''open port''' is used to mean a [[Internet protocol suite\|TCP/IP]] [[TCP and UDP port\|port]] number that is configured to accept [[packet (information technology)\|packet]]s. In contrast, a port which ignores all packets directed at it is commonly referred to as a "[[closed port]]".<ref>[http://www.pcmag.com/encyclopedia_term/0,2542,t=open+port&i=48464,00.asp Pcmag.com encyclopedia term]</ref>▼ ▲In security parlance, the term '''open port''' is used to mean a [[~~Internet~~Transmission ~~protocol~~Control ~~suite~~Protocol\|TCP~~/IP~~]] or [[~~TCP~~User ~~and~~Datagram Protocol\|UDP]] [[port (computer networking)\|port]] number]] that is configured to accept [[packet (information technology)\|packet]]s. In contrast, a port which rejects connections or ignores all packets directed at it is ~~commonly referred to as~~called a ~~"[[~~'''closed port~~]]"~~'''.<ref>[~~http~~https://www.pcmag.com/encyclopedia_term/0,2542,t=open+port&i=48464,00.asp Pcmag.com encyclopedia term]</ref> Ports are an integral part of the Internet's [[Internet socket\|communication model]] — they are the channel through which applications on the [[client (computing)\|client computer]] can reach the software on the [[server (computing)\|server]]. Services, such as [[web page]]s or [[ftp server\|FTP]], require their respective ports to be open on the server in order to be publicly reachable.▼ ▲Ports are an integral part of the Internet's [[Internet socket\|communication model]] — they are the channel through which applications on the [[client (computing)\|client computer]] can reach the software on the [[server (computing)\|server]]. Services, such as [[web page]]s or [[ftp server\|FTP]], require their respective ports to be "open" on the server in order to be publicly reachable. The above use of the terms "open" and "closed" can sometimes be misleading, though; it blurs the distinction between a given port being reachable (unfiltered) and whether or not there is an application actually listening on that port. Technically, a given port being "open" (in this context, reachable) is not enough for a communication channel to be established. There needs to be an application (service) listening on that port, accepting the incoming packets and processing them. If there is no application listening on a port, incoming packets to that port will simply be rejected by the computer's operating system.▼ ▲The above use of the terms "open" and "closed" can sometimes be misleading, though; it blurs the distinction between a given port being reachable (unfiltered) and whether ~~or not~~ there is an application actually listening on that port. Technically, a given port being "open" (in this context, reachable) is not enough for a communication channel to be established. There needs to be an application (service) listening on that port, accepting the incoming packets and processing them. If there is no application listening on a port, incoming packets to that port will simply be rejected by the computer's operating system. Ports can be "closed" (in this context, filtered) through the use of a [[firewall]]. The firewall will filter incoming packets, only letting through those packets for which it has been configured. Packets directed at a port which the firewall is configured to "close" will simply be dropped in transit, as though they never existed. It is common security practice to close unused ports in personal computers, so as to block public access to any services which might be running on the computer without the user's knowledge, whether due to misconfiguration, presence of malicious software, or simply the user not knowing about it.▼ ▲Ports can be "closed" (in this context, filtered) through the use of a [[Firewall (computing)\|firewall]]. The firewall will filter incoming packets, only letting through those packets for which it has been configured. Packets directed at a port which the firewall is configured to "close" will simply be dropped in transit, as though they never existed. It is common security practice to close unused ports in personal computers, so as to block public access to any services which might be running on the computer without the user's knowledge, whether due to misconfiguration, presence of malicious software, or simply the user not knowing about it. [[hacker (computer security)\|Malicious hackers]] (or crackers) commonly use [[port scanning]] software to find which ports are "open" (unfiltered) in a given computer, and whether or not an actual service is listening on that port.▼ Some malicious software acts as a service, waiting for connections from a remote attacker in order to give them information or control over the machine. It is common security practice to close unused ports in personal computers, so as to block public access to any services which might be running on the computer without the user's knowledge, whether due to legitimate services being misconfigured, or the presence of malicious software. ▲Malicious ("[[~~hacker~~black hat (computer security)\|~~Malicious~~black ~~hackers~~hat]]") [[hacker (orcomputer ~~crackers~~security)\|hackers]] commonly use [[port scanning]] software to find which ports are "open" (unfiltered) in a given computer, and whether or not an actual service is listening on that port. They can then attempt to exploit potential [[vulnerability (computing)\|vulnerabilities]] in any services they find. ~~==See also==~~ [[Port scanning]]▼ [[Computer security]]▼ [[Computer insecurity]] [[List of TCP and UDP port numbers]]▼ ==~~References~~ Example == <syntaxhighlight lang="console"> ~~<div class="references-small">~~ alice@wikipedia:~$ netstat --tcp --listening --numeric ~~<references />~~ Active Internet connections (only servers) ~~</div>~~ Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN tcp6 0 0 ::1:631 :::* LISTEN </syntaxhighlight> ==~~External~~ ~~links~~See also == ▲* [[Port scanning]] [http://www.ports-services.com/ Searchable Ports & Services Database] [[Nmap]] [http://www.emsisoft.com/en/kb/articles/tec021114/ How can I close a port?]▼ ▲ [[Computer security]] [[Category:Internet protocols]]▼ ▲* [[List of TCP and UDP port numbers]] ~~[[Category:TCP/IP]]~~ == References == ~~{{compu-network-stub}}~~ {{refbegin}} {{refend}} {{reflist}} == External links == ▲* [http://www.emsisoft.com/en/kb/articles/tec021114/ How can I close a port?] ▲[[Category:Internet protocols]]