Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1382
Views
0
Helpful
3
Replies

Network Ports

Go to solution
sfaisalnaseem
Level 1
Level 1

‎10-01-2018 12:48 AM

I have opened one port e.g. (50000) inbound rule in windows firewall in my PC. when I try with  (netstat -a) in command line that port is not showing. Even I restarted the PC but still the same thing. I tried with (nmap) but that port is not there. In nmap only 6/7 ports are showing which is open. but in netstat so many ports are showing with status LISTENING, ESTABLISHED.

 

1) my question is do I need to associate some service in that port? how to do that.

2) suppose I opened one port and no service is running. Do a hacker can enter through that port?

 

Regards,

 

Syed Faisal Naseem

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Joel
Level 1
Level 1

‎10-01-2018 01:55 AM

Hi,

Yes you need a service bound to that port. If I was to run on a windows host netstat -aon I will see my host listening on port 3389 for instance  (RDP). The port is 3389, the 1404 is the PID, which under task manager is  TermService. 

 

 TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1404

 

The option -a = All connections and listening ports o= Displays the owning process ID associated with each connection and -n displays addresses and port numbers in numerical form.

 

In terms of hacking, why would you open a port if nothing is bound to it? If you nmap the machine, I believe it would be classed as an closed port. This could give you at least OS detection, which could lead to a more specific and targeted attack. I suggest closing ports that are not required.  NMAP guide https://nmap.org/book/man-port-scanning-basics.html

 

joel

 

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Joel
Level 1
Level 1

‎10-01-2018 01:55 AM

Hi,

Yes you need a service bound to that port. If I was to run on a windows host netstat -aon I will see my host listening on port 3389 for instance  (RDP). The port is 3389, the 1404 is the PID, which under task manager is  TermService. 

 

 TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1404

 

The option -a = All connections and listening ports o= Displays the owning process ID associated with each connection and -n displays addresses and port numbers in numerical form.

 

In terms of hacking, why would you open a port if nothing is bound to it? If you nmap the machine, I believe it would be classed as an closed port. This could give you at least OS detection, which could lead to a more specific and targeted attack. I suggest closing ports that are not required.  NMAP guide https://nmap.org/book/man-port-scanning-basics.html

 

joel

 

0 Helpful

Go to solution
sfaisalnaseem
Level 1
Level 1
In response to Joel

‎10-01-2018 02:22 AM

Thanks for your reply.

 

 

How to associate any service with the specified port?

 

And as you have mentioned that close the unwanted port. so in that case 80, 139, 21 etc.. when I nmap my local pc 4/5 ports are open. So do I need to close these ports for security reasons.?

0 Helpful

Go to solution
Joel
Level 1
Level 1
In response to sfaisalnaseem

‎10-01-2018 02:32 AM

To modify a service to operate/bind on a particular port will vary per service. If a website hosted say on IIS you modify within IIS. RDP, I believe you do via a registry change.

 

In terms of whether a port should be open or closed, depends on the OS and what it is running. You might have a Linux host, you need SSH to be open but only from certain networks. You would modify IPTABLES for instances to permit SSH for certain networks. If a web server that needs connectivity from anywhere in the world, port 80/443 are likely required.

 

To summarize, it will vary per case but in general shutdown any service and ports that are not required.

 

Joel

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card