What is port scanning and what can you do to protect yourself from it?

If you read ‘How to harden your home router for maximum security’, you will already know that most home routers have some work to do to be truly secure. One thing I mentioned in that piece was about disabling port forwarding. Today I’m going to go a little more into why that is necessary.

The team here at Dave’s Computers in New Jersey are often faced with picking up after hack attacks. That is either trying to recover data that has been maliciously deleted or trying to remove malware and viruses placed on a computer as a result of a hack. Both can have serious consequences for your identity and personal data.

What is port scanning?

Before we get to the scanning part, what is a port? A port is a virtual doorway a particular app uses to communicate with the network. HTTP, or browser traffic uses port 80, HTTP, secure browser traffic uses port 143. There are hundreds of ports used by different programs and they are created virtually by your operating system.

When a computer talks to the internet, the program doing the talking will ask the server to respond on a particular port. That way, when the traffic arrives at your router, the operating system knows where to send that piece of traffic. If you have a dozen apps all using the internet at once, ports are one way of making sure the right traffic goes to the right program.

Port scanning is where someone external to your network sends a request to every port on your computer in turn to see which are open and which are secure. Programs can query many thousands of ports per minute so it is an easy way for a hacker to find out how secure you are.

There are a few types of port scan that will tell a hacker different things. If a port is open, a hacker can try to gain access to pretending to be the program that typically uses that port. Once inside, they can freely do their nefarious work.

Protecting against port scanning

The main defense against port scanning is to use a good firewall. Most quality routers will have a firewall built in but I also suggest running a software firewall on every device that connects to the internet. A firewall will block anonymous requests so will not reply to a random scan from the internet.

Set up correctly, which more firewalls are by default now, a firewall will block any connection from the internet that was not set up from your computer. So if you don’t have a browser open and are using it to surf the net, the firewall will block a hacker pretending to be a firewall because your computer did not set up that connection.

Aside from a firewall, not using port forwarding on your router is the best way to protect against it. You shouldn’t need to use port forwarding anymore as firewalls are intelligent enough to figure out what traffic is real and should be let through and what is not.

It is well worth checking your router to make sure port forwarding is not enabled. It should be under security or firewall depending on the router. Make sure there are no ports being forwarded for any reason.

If you need help with network security or anything to do with computers, the guys here at Dave’s Computers can help. Contact us to see what we can do for you!