About open port

Discussion in 'other firewalls' started by The Gloomy Kestrel, Jul 11, 2004.

Thread Status:
Not open for further replies.
  1. The Gloomy Kestrel

    The Gloomy Kestrel Registered Member

    Joined:
    Jul 9, 2004
    Posts:
    15
    Hi,

    as I am behind a firewall/routeur (hardware then) my only port open is the one used by my p2p software...

    So is it safe letting this port opened ? Or can someone use this open port to send me malicious stuff ?

    Thanks
     
  2. Hyperion

    Hyperion Registered Member

    Joined:
    Sep 29, 2003
    Posts:
    302
    If you use p2p, you can't close the port and it's normal to appear "open" from the outside.

    As far as i know,you are safe unless the p2p programme you use has a vulnerability that can be exploited remotely.
     
  3. The Gloomy Kestrel

    The Gloomy Kestrel Registered Member

    Joined:
    Jul 9, 2004
    Posts:
    15
    I can, because I'm behind a firewall/routeur hardware, so if I do not bind the port to my computer, no port is opened.

    But then I am low Id, and I find less sources, as I cannot download from people behind a firewall.

    So the question is not if I can, but if it is needed.

    And my exact question was : if port xxx is binded to my computer, cannot a hacker use this port (even without a software at the other side) to send virus or trojans to my computer ?

    I do not know what a hacker can do with an open port.

    Thanks
     
  4. gerico

    gerico Registered Member

    Joined:
    Jul 6, 2002
    Posts:
    14
    If you want your PC to act as a P2P server you can't close the port, obviously.

    However, if you use P2P only as a client (eg. not allowing connections requested externally) then it's more safe to stealth that port (by a software firewall) and to allow your P2P application to act only as a client on that port.

    An open port accepting all packets from the outside is quite dangerous, you should check vulnerabilities of the PSP software and vulnerabilities of your OS. Both of them should be patched.
     
  5. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,875
    Location:
    New England
    First thing, I fully agree with the above recommendation about patching both your OS and P2P software, if you are going to act as a P2P server for others. The reason is that it is not "a port" that is ever vulnerable. A port can not be exploited, only the application that is connected to and communicating on a port can be hacked.

    When you say you are leaving the port "open", from your first post it appears what you mean is that you have forwarded the specific P2P port from your router to your PC. (A totally normal thing to do for people using P2P software.) But, from your second post you've said: "so if I do not bind the port to my computer, no port is opened." This makes it sound like you are not running the P2P server software, so nothing is listening on that port on your PC. So, you are correct - that port is not open on your PC and therefore it is not vulnerable to attack because, again a port is not vulnerable in and of itself, only the application that is using the port.
     
Loading...
Thread Status:
Not open for further replies.