A port in networking world refers to a logical gateway on your computer that acts as a communication channel for remote computers for services. Your computer connects to any server/computer on the same network or the internet via a port.
There are numerous ports on your computer, but not all of them are open. Those ports connected to any incoming remote IP address and capable of exchanging data packets are called open ports.Such open ports can be abused to penetrate your computer if not monitored properly.
Some methods to check and monitor open ports on your computer have been addressed in this article.
How to Check Open Ports on Windows?
Windows provides its users with various inbuilt tools to detail information related tonetworking in a computer.The tools that will help to check open ports on your computer areNetstat,Get-NetTCPConnection, andTelnet. The steps for each have been listed below:
Netstat
Netstat (Network Statistics) is a command line tool in Windows that is able to provide various details related to thenetwork connections of your computer.By running the right command on your Command prompt, you will be able to check for open ports. The steps for this include the following:
Here, switch ‘n’ would show the IP address and ports numerically. And the ‘a’ switch filters to show only active ports.
Referring to the above image, the numbers beyond the colon on both local and foreign addresses show the port number and, before the colon are the IPs.
For instance,Local address0.0.0.0:135is inListeningstate forTCPprotocols, which means port number135on your computer is open and ready to connect from all networks.
Except, foreign address shows theIP address:port numberof theremote system where the connectionhas been established.
Get-NetTCPConnection
An alternative to thenetstatcommand in Command Prompt would beGet-NetTCPConnectioninPowershell.The availability of filtering features in Powershell provides an upper hand, as it can provide a list of only open ports. The steps mentioned below will guide you in doing so:
TCPView
TCPView is afree tool from Microsoft Sysinternals to get network statisticsin an interactive GUI(graphical user interface) form. You will be able to view the open ports on your computer as soon as you download and launch the application. Follow the steps to do so:
Telnet
Telnet is a Microsoft service that uses a virtual terminal to connect to computers within the same network. Upon running its command, telnet tries to connect to any specified port of the mentioned IP address (computer). If the port is open on that IP, the connection establishes, and if it isn’t, theconnection fails.
You can follow the steps below to do so:
Should I Close All the Open Ports?
Seeing so manyopen ports on the computercan be overwhelming for a user. However, if you have checked your ports through thenetstatcommand, you can get more information about what type of open ports and established connections are safe.
As already covered, the local address (IP:port_number) shows to which IPs (network IPs) the computer is open and at which specific port. If the IP addresses start with 127.#.#.#, the corresponding port is open to only loopback addresses meaning local hosts(your own computer). No need to worry about threats there.
But 0.0.0.0 IPs mean the suffixed ports are open to any type of connection, so they may be at potential risk but not at the current moment. PortsListeningto the local network IPs might be at slightly lower risks. However, other ports havingEstablishedconnections should be kept an eye on.
Peculiar local addresses/ports connected to unknown foreign IP addresses/ports might be risky. But before you rush to close all the open ports, just know that not all the open ports are at a security risk.
If you’re worried about any specific port, we recommend checking your firewall rules to understand what it’s used for before closing it.
How to Close an Open Port on Windows?
If you find a port connected to any unwanted computer/server/service, you can disconnect the connection and free up the port by using the Process ID(PID). PID associated with any port can be viewed withnetstat -aona command on the Command Prompt. The Process ID would list on the PID column of the returned tabular result.
Now, to free up the port, you run the command:taskkill /f /im
But, if you want to completely block incoming connections to any desired port using Windows Firewall, you can run the following command in Command Prompt:
netsh advfirewall firewall add rule name= “” dir=in action=block protocol=TCP localport=
you’re able to change the to any rule name you want and to the actual port number you want to block incoming connections to.
Furthermore, to open the blocked port, you’re able to edit the action as allow (action=allow)in the command. And you can alsoedit dir as out, (dir=out), to perform an action on outgoing connections.Also, you can toggle between TCP and UDP protocols by changingprotocol=UDP.
