In continuation of this post - https://www.ozbargain.com.au/node/158849, I'm having an idea to block all ports of my PC except the ones used by regular and trusted programs such as Remote desktop, Internet browser etc.
Is there any way to block the ports manually?
Is there any app that will tell me that X software uses Y number port?
I don't use P2P. So was looking for the port number of remote desktop and Google chrome, and will block all ports except these two. Sounds good? and why not just use software firewall to block ports?
Have you thought about switching to Linux or Chrome OS if you are indeed that prone to malware infections? Just putting it out there. Or perhaps invest in some kind of sandbox or virtual machine program.
Also, having to set exceptions for every program that has network access will be extremely time consuming.(security.stackexchange.com), and most network security guys will tell you it's overkill for a home network.
Some programs use a range of ports, not just one or two.
There is a partial list at Wikipedia
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_number…
From the wiki list, is it safe to assume that Port 0-1023 are only used by system (e.g. Windows, Linux, Mac etc) and those should not be blocked? And safe to keep them open?
Those do seem like critical ports and shouldn't be blocked, and there are ports outside of that range you specified which are also essential as well.
Port 8080 for instance, is an alternative port for HTTP, if blocked you won't be able to use proxy servers or encrypted traffic,
and NFS (network file system) uses TCP/UDP port 2049.
Dang, then how do I take full control of my Win 7 PC? Note that, I need to use PC directly, no other option is possible.
Are you the only one accessing the PC? If this is the case then your best option is to be cautious with where you go and what you view on it, blocking the ports will make your life more difficult then it is most likely worth.
You seem very cautious and careful already, that is pretty much the best practice to keeping a PC safe.
And yes, you could use software to port block, I just use my modem when I want to block specific ports.
@scrimshaw, Are you talking about this? - http://www.techsupportalert.com/content/introduction-and-qui…
If you know, 'cos I'm no expert: angryIP.org to check which are open and there is PrivateFirewall7.0 from privacyware.com might shut them off. Or block the traffic anyways.
A search found http://www.e-systems.ro/port_blocker.htm haven't used it but it's free. Another one was $70.
You don't use p2p but if you did there is peerblock.com just to see what it's like, maybe it'll still work.
I think angryip is not needed as any decent 3rd party Firewall will have that feature. Tried PrivateFirewall7.0 but it seemed hebrew to me! Need something easy to understand.
Just keep in mind, if you decide to block dynamic ports (49152 through 65535) you are likely to lose a lot more than you bargained for, including DNS and a whole heap of Windows features that you may or may not use :).
You seem paranoid, and blocking ports isn't really going to help you here, as you are going to have to leave open atleast the dynamic range, 80, 443, and SMTP/POP/IMAP/SSL/TLS ports if you decide to use mail locally.
Your best bet is easily just a bit of common sense, and by the way your "trusted ports" theory would be the most likely way your PC will get infected anyway, as most would just use 3389 and 80/443.
Your best bet is easily just a bit of common sense, and by the way your "trusted ports" theory would be the most likely way your PC will get infected anyway, as most would just use 3389 and 80/443.
This. Malicious software will likely communicate over port 80, as this port is commonly open (and if it is not, you cannot use the internet (in general).
You seem paranoid
I have to agree with this comment. Share with us what your specific concerns / threats are, maybe there is an alternate or more simple solution.
Do you want to perform the block from your PC, or your network to the outside world, as doing this is 2 separate pieces of work, and are differing levels of complexity?
I would suggest having a piece of software which logs existing traffic for a period of time before thinking about configuring blocks on traffic, so you can learn what is normal. Many home routers would have a verbose logging mode which would allow you to see all firewall traffic, and some will even save the logs for you or email them to you so you can collect over a longer period of time.
@bargainaus
Get Comodo firewall free.
It's (arguably) the best free firewall around. Once you install it, you can pretty much leave it be. It will ask for input from time to time, and then go on it's merry way.
It can show you, in real time, which program is using various ports, allow you to block individual programs or block all programs from accessing the internet completely.
It has a reasonably nice user interface now for non-technical users and loads of advanced tools if you want like them.
Just set it to training mode, and it hardly ever pesters you.
Update: After installing Comodo Firewall (without bloatwares), My PC slowed down. Its a Win 7.1 X64 on Core2Duo E7500, 8GB DDR3 Ram. :(
Lets see what Microsoft has to say on port opening -
Q. What are the risks of allowing programs through a firewall? [Windows Help and Support]
A. It's generally safer to add a program to the list of allowed programs than to open a port. If you open a port, it stays open until you close it, whether or not a program is using it. If you add a program to the list of allowed programs, the "hole" is open only when needed for a particular communication.
To help decrease your security risk:
Only allow a program or open a port when you really need to, and remove programs from the list of allowed programs or close ports that you no longer need.
Never allow a program that you don't recognize to communicate through the firewall.
Update: Blocking ports will be an overkill, the best solution is to block all apps and only allow those I trust. Switched to Binisoft Firewall and its super easy to use!
Through your modem. But you might want to be sure about what ports you are blocking as different programs require different ports and programs such as P2P ones use a lot of different ports.
That said, if stuff doesn't work, its not hard to undo a port block so go nuts!