When your computer goes on the internet, it uses “ports” to help do its job. Both network administrators and hackers are keen to scan these ports for weaknesses, but what is a port, and why are people scanning them?
Let’s explore what port scanning is and how it affects you.
What Are Ports?
In networking, ports help a computer untangle all the data from the internet and ensure the data packets go to the right place. The data must go to the correct process, or else things will go horribly wrong.
Let’s say you’re watching a Netflix show while talking to someone on Skype. Both the data for your Netflix stream and the data from your call on Skype are coming down the same broadband pipe. When they arrive on your PC, they have to split off and go to separate processes.
By assigning your browser and Skype to different ports, a PC can keep track of which traffic goes where. Data can then be sent and received through these ports simultaneously, and the PC won’t get confused.
You’ll often see port numbers lurking at the end of IP addresses after a colon. For instance, 192.168.1.180:53892 will communicate using port number 53892.
Typically, if a router or your PC isn’t using a port, it’ll prevent traffic from using it to help keep you safe from intruders. This is sometimes why you need to perform “port forwarding” to allow a program to connect to the internet.
The router suspects your program is up to no good, so it starts blocking the traffic from going through the port. By opening up the port, you’re telling the router that you trust the program.
What Is Port Scanning?
You may think that leaving ports open on your router or PC will leave them susceptible to hacker attacks. And you’d be completely right.
Port scanning is a tactic that hackers use to understand how a target’s device works. A hacker will scan all the ports on a device to see which are closed off and which are in use.
You might think this knowledge is enough for hackers to worm their way into a system, but a hacker can get a lot more information from an open port.
For example, remember how we said that different processes and software would “live” on a specific port? A hacker can scan for open ports and reverse-engineer them to figure out what the device is doing.
Not only does this knowledge tell the hacker what services the device is running, but it can also tip off the hacker as to what the device’s job is. By analyzing which ports are open and which services use those ports, a hacker can deduce its role and create a “fingerprint” for a future attack.
As such, a network administrator can help protect their system by port-scanning it themselves. This lets them spot all the weaknesses that hackers would find and properly defend their network from future attacks.
How to Defend Yourself From Port Scanning
If you want to defend your home or work system from a port scan attack, the key isn’t to stop someone from scanning your ports—that’ll happen no matter what you do. The key is to stop the hacker from getting useful information from the scan.
Keep Your Firewall Updated and Running
Your firewall is your first line of defense against anything trying to abuse your system’s ports. It’s one of the many reasons you should use a firewall to browse the internet.
As such, keep your firewall running as often as possible, and make sure it gets its security updates so it knows about the threats currently out there.
Reduce the Number of Internet-Connected Devices in Your Home
The 21st century has popularised the idea of connecting devices to the internet. It began with computers, laptops, and phones… but why stop there? Now your security cameras, external hard drives, and fridge are all connected up, all day, every day.
The problem is, each of these devices needs a port to talk to the internet through. And the more ports you open up, the greater the risk that a hacker will find a flaw in one of them.
Likely, a hacker will only need one flaw to launch an attack, and it doesn’t need to be a critical device either. Do you think a hacker can launch an attack from a smart bulb? It turns out they can—and using them can put your network at risk.
The solution: reduce the number of internet-connected devices you have in your home. Obviously, devices like your PC and phone should be fine; however, if you have the choice between buying a smart gadget and a “dumb” equivalent, the latter will always be safer.
Double-Check for Unused Forwarded Ports
Sometimes a program won’t work unless you forward the port to your firewall and/or router. While having a forwarded port isn’t ideal for security, it’s sometimes a necessary evil so you can actually get use from your internet connection.
However, what about after you finish using that one game or that one piece of software that required a port forward? If you forget to delete the port forward, it’ll sit there doing nothing productive and giving hackers a potential entry point into your network.
As such, it’s a good idea to go over your forwarded ports and erase the ones that aren’t in use anymore. Be sure to double-check with any housemates or family members before closing a forwarded port you don’t remember creating; it may still be important for them!
Keeping Your Ports Safe From Intruders
When a hacker performs a port scanner, they can use the information to find an open port and sneak into a system. Even if they can’t, monitoring which ports are active can tell a potential intruder what a device does and the best way to attack it. Keep your firewalls updated, and don’t buy too many smart devices to stay safe.
If you’re worried about your router’s overall security, be sure to check up on all the ways your router isn’t as secure as you may think. There are plenty of ways you can tighten up the security and stop hackers in their tracks.
Image Credit: Casezy idea / Shutterstock.om
Here are 10 ways your router could be exploited by hackers and drive-by wireless hijackers.
About The Author