Open port
Encyclopedia
In security parlance, the term open port is used to mean a TCP/IP
port
number that is configured to accept packets. In contrast, a port which ignores all packets directed at it is commonly referred to as a "closed port".
Ports are an integral part of the Internet's communication model
— they are the channel through which applications on the client computer
can reach the software on the server
. Services, such as web page
s or FTP, require their respective ports to be "open" on the server in order to be publicly reachable.
The above use of the terms "open" and "closed" can sometimes be misleading, though; it blurs the distinction between a given port being reachable (unfiltered) and whether or not there is an application actually listening on that port. Technically, a given port being "open" (in this context, reachable) is not enough for a communication channel to be established. There needs to be an application (service) listening on that port, accepting the incoming packets and processing them. If there is no application listening on a port, incoming packets to that port will simply be rejected by the computer's operating system.
Ports can be "closed" (in this context, filtered) through the use of a firewall
. The firewall will filter incoming packets, only letting through those packets for which it has been configured. Packets directed at a port which the firewall is configured to "close" will simply be dropped in transit, as though they never existed.
Some malicious software acts as a service, waiting for connections from a remote attacker in order to give him information or control over the machine. It is common security practice to close unused ports in personal computers, so as to block public access to any services which might be running on the computer without the user's knowledge, whether due to legitimate services being misconfigured, or the presence of malicious software.
Malicious hackers
(or crackers) commonly use port scanning software to find which ports are "open" (unfiltered) in a given computer, and whether or not an actual service is listening on that port. They can then attempt to exploit potential vulnerabilities
in any services they find.
Internet protocol suite
The Internet protocol suite is the set of communications protocols used for the Internet and other similar networks. It is commonly known as TCP/IP from its most important protocols: Transmission Control Protocol and Internet Protocol , which were the first networking protocols defined in this...
port
TCP and UDP port
In computer networking, a port is an application-specific or process-specific software construct serving as a communications endpoint in a computer's host operating system. A port is associated with an IP address of the host, as well as the type of protocol used for communication...
number that is configured to accept packets. In contrast, a port which ignores all packets directed at it is commonly referred to as a "closed port".
Ports are an integral part of the Internet's communication model
Internet socket
In computer networking, an Internet socket or network socket is an endpoint of a bidirectional inter-process communication flow across an Internet Protocol-based computer network, such as the Internet....
— they are the channel through which applications on the client computer
Client (computing)
A client is an application or system that accesses a service made available by a server. The server is often on another computer system, in which case the client accesses the service by way of a network....
can reach the software on the server
Server (computing)
In the context of client-server architecture, a server is a computer program running to serve the requests of other programs, the "clients". Thus, the "server" performs some computational task on behalf of "clients"...
. Services, such as web page
Web page
A web page or webpage is a document or information resource that is suitable for the World Wide Web and can be accessed through a web browser and displayed on a monitor or mobile device. This information is usually in HTML or XHTML format, and may provide navigation to other web pages via hypertext...
s or FTP, require their respective ports to be "open" on the server in order to be publicly reachable.
The above use of the terms "open" and "closed" can sometimes be misleading, though; it blurs the distinction between a given port being reachable (unfiltered) and whether or not there is an application actually listening on that port. Technically, a given port being "open" (in this context, reachable) is not enough for a communication channel to be established. There needs to be an application (service) listening on that port, accepting the incoming packets and processing them. If there is no application listening on a port, incoming packets to that port will simply be rejected by the computer's operating system.
Ports can be "closed" (in this context, filtered) through the use of a firewall
Firewall (computing)
A firewall is a device or set of devices designed to permit or deny network transmissions based upon a set of rules and is frequently used to protect networks from unauthorized access while permitting legitimate communications to pass....
. The firewall will filter incoming packets, only letting through those packets for which it has been configured. Packets directed at a port which the firewall is configured to "close" will simply be dropped in transit, as though they never existed.
Some malicious software acts as a service, waiting for connections from a remote attacker in order to give him information or control over the machine. It is common security practice to close unused ports in personal computers, so as to block public access to any services which might be running on the computer without the user's knowledge, whether due to legitimate services being misconfigured, or the presence of malicious software.
Malicious hackers
Hacker (computer security)
In computer security and everyday language, a hacker is someone who breaks into computers and computer networks. Hackers may be motivated by a multitude of reasons, including profit, protest, or because of the challenge...
(or crackers) commonly use port scanning software to find which ports are "open" (unfiltered) in a given computer, and whether or not an actual service is listening on that port. They can then attempt to exploit potential vulnerabilities
Vulnerability (computing)
In computer security, a vulnerability is a weakness which allows an attacker to reduce a system's information assurance.Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw...
in any services they find.
See also
- Port scanning
- Computer securityComputer securityComputer security is a branch of computer technology known as information security as applied to computers and networks. The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to...
- Computer insecurityComputer insecurityComputer insecurity refers to the concept that a computer system is always vulnerable to attack, and that this fact creates a constant battle between those looking to improve security, and those looking to circumvent security.-Security and systems design:...
- List of TCP and UDP port numbers