List of dangerous ports?

Discussion in 'other firewalls' started by nomarjr3, Jan 4, 2010.

Thread Status:
Not open for further replies.
  1. nomarjr3

    nomarjr3 Registered Member

    Joined:
    Jul 31, 2007
    Posts:
    502
    Can anyone provide info on ALL of the known dangerous ports?

    I'm setting up my firewall to block them, and I'm looking for a comprehensive list of well-known dangerous ports.
     
  2. wat0114

    wat0114 Guest

    They're easy to find if you Google for them. Also, you don't need to block them with your firewall. Using the "whitelist" approach is easiest. Everything else will be blocked by default.
     
  3. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses

    See this site http://lists.thedatalist.com/portlist/lookup.php

    It comes from the stickies at the top of the forum.
     
  4. Keyboard_Commando

    Keyboard_Commando Registered Member

    Joined:
    Mar 6, 2009
    Posts:
    690
    Online Armor Pro says it restricts by default these ...

    Both - 7
    Both - 9
    Both - 13
    Both - 17
    Both - 19
    TCP - 113
    UDP - 123
    TCP - 135
    Both - 137
    Both - 138
    TCP - 139
    Both - 389
    Both - 445
    UDP - 500
    UDP - 520
    TCP - 1002
    TCP - 1024
    TCP - 1025
    TCP - 1026
    TCP - 1027
    TCP - 1028
    TCP - 1029
    TCP - 1030
    TCP - 1433
    TCP - 1444
    UDP - 1701
    TCP - 1720
    TCP - 1723
    TCP - 2869
    UDP - 4500

    I guess you need seperate rules for local network connections with some of these.
     
  5. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    2,434
    Location:
    Europe

    The best protection is anyway to block all and to allow only the very few necessary, both using a fw and an HIPS.
     
  6. mack_guy911

    mack_guy911 Registered Member

    Joined:
    Mar 21, 2007
    Posts:
    2,677
    there are many best you can go to pc flank norton port scan and securitymetrics

    https://www.securitymetrics.com/
    http://security.symantec.com
    http://www.pcflank.com/
    http://www.grc.com

    and block all common trojan ports from inside going outside (lan to wan) and best thing is scan your ports on grc.com and stop if any port is default open on outside coming to inside unless youre running a server (wan to lan )

    http://www.sans.org/security-resources/idfaq/oddports.php

    and

    some google cached site links

    http://74.125.153.132/search?q=cach...19&t=6352 known trojan port list 2009&cd=5&hl


    http://74.125.153.132/search?q=cach...nter/portlist/ known trojan port list&cd=9&hl

    74.125.153.132 = google ip
     
    Last edited: Jan 5, 2010
  7. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,582
    Location:
    European Union
    Any port can be dangerous if it is opened and has a vulnerable server/service behind it.
     
  8. nomarjr3

    nomarjr3 Registered Member

    Joined:
    Jul 31, 2007
    Posts:
    502
    Just tried the ShieldsUP! scan.

    My PC failed, since it replied to Ping (ICMP Echo) requests.

    I'm using Online Armor, how do you block this Ping requests?
     
  9. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    7,303
    Location:
    England
  10. mack_guy911

    mack_guy911 Registered Member

    Joined:
    Mar 21, 2007
    Posts:
    2,677
    hello nomarjr3

    Some modem works as basic nat in short they act like a router but not fully router or in your router setting ping enable

    It might be your modem/router which is responding to ping requests can you give us name of modem/router.

    There are many people here would like to help you to close it properly
     
  11. wat0114

    wat0114 Guest

    Block: Type 0, echo reply

    Really, though, you don't need to worry about blocking ping replies. Those tests that respond with: "your firewall failed because it responded to ping requests..." are completely misleading and irresponsible.
     
  12. cqpreson

    cqpreson Registered Member

    Joined:
    May 18, 2009
    Posts:
    348
    Location:
    China
    Is only blocking dangerous ports useful?Ports are permanent,but human beings are alive.Any ports could be dangerous if someone wants to use them to do something bad.
     
  13. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,582
    Location:
    European Union
    This is entirely based on the fact that most of the kiddie hackers consider that if a host times out when you ping it, that means that it's offline. So blocking ping can deter them. If the attacker is more determined, blocking ping is not enough.
     
  14. wat0114

    wat0114 Guest

    As long as the ports are closed, no vulnerable services listening on them, it's not easy, unless the target machine is infected with something that achieves this.
     
  15. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,582
    Location:
    European Union
    Agree, however I was considering the situation when not all ports were closed, just ICMP blocked. In the case you are describing, it doesn't really matter if ping is blocked or not.
     
Loading...
Thread Status:
Not open for further replies.