List of dangerous ports?

Can anyone provide info on ALL of the known dangerous ports?

I'm setting up my firewall to block them, and I'm looking for a comprehensive list of well-known dangerous ports.

 

They're easy to find if you Google for them. Also, you don't need to block them with your firewall. Using the "whitelist" approach is easiest. Everything else will be blocked by default.

 

See this site http://lists.thedatalist.com/portlist/lookup.php

It comes from the stickies at the top of the forum.

 

Online Armor Pro says it restricts by default these ...

Both - 7
Both - 9
Both - 13
Both - 17
Both - 19
TCP - 113
UDP - 123
TCP - 135
Both - 137
Both - 138
TCP - 139
Both - 389
Both - 445
UDP - 500
UDP - 520
TCP - 1002
TCP - 1024
TCP - 1025
TCP - 1026
TCP - 1027
TCP - 1028
TCP - 1029
TCP - 1030
TCP - 1433
TCP - 1444
UDP - 1701
TCP - 1720
TCP - 1723
TCP - 2869
UDP - 4500

I guess you need seperate rules for local network connections with some of these.

 

The best protection is anyway to block all and to allow only the very few necessary, both using a fw and an HIPS.

 

there are many best you can go to pc flank norton port scan and securitymetrics

https://www.securitymetrics.com/
http://security.symantec.com
http://www.pcflank.com/
http://www.grc.com

and block all common trojan ports from inside going outside (lan to wan) and best thing is scan your ports on grc.com and stop if any port is default open on outside coming to inside unless youre running a server (wan to lan )

http://www.sans.org/security-resources/idfaq/oddports.php

and

some google cached site links

http://74.125.153.132/search?q=cach...19&t=6352 known trojan port list 2009&cd=5&hl


http://74.125.153.132/search?q=cach...nter/portlist/ known trojan port list&cd=9&hl

74.125.153.132 = google ip

 

Any port can be dangerous if it is opened and has a vulnerable server/service behind it.

 

Just tried the ShieldsUP! scan.

My PC failed, since it replied to Ping (ICMP Echo) requests.

I'm using Online Armor, how do you block this Ping requests?

 

hello nomarjr3

Some modem works as basic nat in short they act like a router but not fully router or in your router setting ping enable

It might be your modem/router which is responding to ping requests can you give us name of modem/router.

There are many people here would like to help you to close it properly

 

Block: Type 0, echo reply

Really, though, you don't need to worry about blocking ping replies. Those tests that respond with: "your firewall failed because it responded to ping requests..." are completely misleading and irresponsible.

 

Is only blocking dangerous ports useful?Ports are permanent,but human beings are alive.Any ports could be dangerous if someone wants to use them to do something bad.

 

This is entirely based on the fact that most of the kiddie hackers consider that if a host times out when you ping it, that means that it's offline. So blocking ping can deter them. If the attacker is more determined, blocking ping is not enough.

 

As long as the ports are closed, no vulnerable services listening on them, it's not easy, unless the target machine is infected with something that achieves this.

 

Agree, however I was considering the situation when not all ports were closed, just ICMP blocked. In the case you are describing, it doesn't really matter if ping is blocked or not.