Method 1: Built-in firewall
In most cases, ports in Windows 10 are closed or opened with the firewall built into the system.
- Open the built-in firewall in advanced security mode by running the command
wf.msc
in the dialog box opened with the Win + R keys.
- If the port is to be closed only for incoming traffic, select “Inbound Rules” in the left column of the firewall; if only for outgoing traffic, select “Outbound Rules”.
- In the right column, click “New Rule”.
- In the rule creation wizard that opens, select “Port” and click “Next”.
- In the next window, select the protocol type “TCP”, enable the “Specific local ports” radio button and enter the port number, for example 445. If there are several ports, separate them with commas. Click “Next”.
- Select the blocking mode and click “Next”.
- Nothing needs to be changed in the next window; by default the ports are blocked for all three profiles: domain, private and public.
- Finally, give the new rule a name that fits the case. A description is optional. Click “Finish”.
A rule that closes the port for outgoing connections can be created in the same way.
Method 2: The “PowerShell” console
A port can also be closed with the “netsh” console utility, run from “PowerShell” or from the classic “Command Prompt”.
- Start “PowerShell” as administrator from the context menu of the “Start” button.
- Build and run a command of the following form:
netsh advfirewall firewall add rule dir=in action=block protocol=TCP localport=445 name="Блокировка порта 445"
The value of the “localport” parameter is the number of the port to block, and the value “in” for the dir parameter means that the rule is created for incoming connections.
A port in Windows 10 can also be closed with any third-party firewall, if one is installed. As for narrowly specialized utilities, it is better to avoid them, since most of them are outdated and do not work correctly on newer versions of Windows.
Open ports in Windows 10 are often deemed dangerous because hackers can exploit them if the service or application associated with a port is unpatched or lacks basic security protocols. Therefore, it is recommended to close any listening network ports that your system isn’t using.
Let us brief you on what ports are and why they can be dangerous.
What are network ports?
Network ports are used by Windows services and applications to send and receive data over the network. If you wonder if this is what the IP address is used for, then you are absolutely correct. However, a unique IP address defines the path to a specific device, whereas a port defines what application or service on that particular device to send that information to.
Just like the IP addresses, a port is also unique within its ecosystem. Meaning, the same port cannot be used by two different services/applications. Therefore, both of these unique identifiers, the IP address, and the port number, are used to send and receive information from a computer.
A port number can be found suffixed to an IP address, as in the example below:
xxx.xxx.xxx.xxx:80
Here, the number following the colon denotes the port number. Below are a few ports used by certain services and applications by default:
- FTP – 21
- SSH – 22
- Telnet – 23
- SMTP – 25
- DNS – 53
- DHCP – 67 & 68
- HTTP – 80 & 8080
- HTTPS – 443
- SNMP – 161
- RDP – 3389
A single IP address can have 65535 TCP and 65535 UDP ports in total.
Are open network ports dangerous?
Not all ports that are listening are dangerous. Sometimes an application opens the ports automatically without informing the users. If the application is poorly constructed and the security protocols lack the basic infrastructure, an attacker might exploit those and infiltrate your PC.
An open networking port is not always dangerous, but it is always better to keep your guard up and close any ports that are not required.
2 ways to check which ports are open/listening in Windows 10
You can figure out which ports are currently open on your computer, even if the installed applications did not inform you that they are using them. Here are 2 ways to check which ports are open and which service/application uses them on your local computer before you proceed to block them.
Here is a guide to check if a remote network port is open.
Determine open ports with process name using Command Prompt
Some applications give out the name of the application/service associated with a port number. You can use the below-given command in Command Prompt to determine which ports are open and what are the names of the associated applications.
- Open Command Prompt with administrative privileges.
- Enter the following command:
netstat -ab
- Command Prompt will now display the open network ports with their associated application/service names.
Since the IP address assigned to our computer is 10.0.0.31, it displays different ports used by various applications suffixed to the IP address. However, as you may notice, some of the names of the services and applications are unidentifiable. For that, we shall adopt the second method.
Determine open ports with process ID using Command Prompt
In this approach, we shall be comparing the process IDs of the running applications and services associated with the ports and then determining the name of the process using the Task Manager. Here is how to do so:
- Open Command Prompt with administrative privileges.
- Enter the following command:
netstat -aon
- Command Prompt will now display a list of TCP and UDP ports currently listening on your computer. Note the associated PIDs to compare from the Task Manager.
- Now open the Task Manager by right-clicking on the Taskbar and clicking on Task Manager. Or, you may use the Ctrl + Shift + Esc shortcut keys.
- Now switch to the Details tab within the Task Manager and match the PID with the associated name of the process/application.
Now you have sufficient information on the ports you would like to close, if any. Proceed to the next step to block/close any listening ports on your computer.
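The PID-to-name matching above can be done in one pass from PowerShell. The script below is an added example, not part of the original article; it uses the built-in Get-NetTCPConnection, Get-NetUDPEndpoint and Get-Process cmdlets, and the helper names Get-Exposure and New-ListenerRow are made up for this illustration. It also marks whether each listener is bound to loopback only or to all interfaces, which decides whether a firewall rule matters for it.

```powershell
# Added example, not from the original article.
# Run from an elevated PowerShell so every owning process can be resolved.

# Build a PID -> process name lookup once (keys cast to [int] so lookups match).
$procName = @{}
Get-Process | ForEach-Object { $procName[[int]$_.Id] = $_.ProcessName }

# Hypothetical helper: classify the local address a socket is bound to.
function Get-Exposure([string]$Address) {
    switch -Regex ($Address) {
        # Loopback listeners are reachable only from this machine.
        '^(127\.|::1$)'     { 'loopback only'; break }
        # Wildcard addresses accept traffic on every network interface.
        '^(0\.0\.0\.0|::)$' { 'all interfaces'; break }
        default             { 'specific address' }
    }
}

# Hypothetical helper: one output row per listening endpoint.
function New-ListenerRow($Protocol, $Endpoint) {
    [pscustomobject]@{
        Protocol  = $Protocol
        Address   = $Endpoint.LocalAddress
        Port      = $Endpoint.LocalPort
        ProcessId = $Endpoint.OwningProcess
        Process   = $procName[[int]$Endpoint.OwningProcess]
        Exposure  = Get-Exposure $Endpoint.LocalAddress
    }
}

# TCP sockets in the LISTEN state, plus all bound UDP endpoints
# (UDP has no connection state, so every bound endpoint counts).
$rows  = @(Get-NetTCPConnection -State Listen | ForEach-Object { New-ListenerRow 'TCP' $_ })
$rows += @(Get-NetUDPEndpoint | ForEach-Object { New-ListenerRow 'UDP' $_ })

$rows | Sort-Object Protocol, Port, Address | Format-Table -AutoSize
```

Rows marked "all interfaces" are the ones reachable from the network and therefore the candidates to review before creating block rules.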
How to close an open port
If you have found a port that you are no longer using or are not sure if it is secure to keep open, you should preferably block it. If you wish to close an open port, you can do so with Windows Firewall or Windows Defender in case of Windows 10.
- Open the Windows Firewall by going to Start –> Control Panel –> Windows Firewall. If you are using Windows 10, you can open the Windows Defender Firewall by going to Run –> firewall.cpl.
- From the left side menu, click on Advanced settings.
- From the right side menu of the new window, select Inbound Rules.
- Then click New rule in the right pane.
- On the Rule type screen in New inbound rule wizard, select Port and then click Next.
- On the next screen, select the type of port as determined through the Command Prompt earlier, and then enter the port number you want to close in front of Specific local ports. Click Next when done.
- On the next screen, select Block the connection and then click Next.
- On the Profile screen, select All Profiles and click Next.
- Now set a name for the rule and click Finish.
You have now successfully disabled the port. You can repeat the steps to block additional ports or delete this one by navigating to the Inbound rules and removing the respective rules.
How to quickly close ports using Command Prompt
A couple of commands can be used to identify the processes that have opened the ports and then close the ports by killing the process.
- Open Command Prompt and run the command: netstat -a -o -n. This will show all the open ports on your system along with their current state and the ID of the process that opened each port.
- If you want to find a specific port, you should run the command: netstat -a -o -n | findstr "993". Replace 993 with the port number you want to find.
- The last column on the list is the Process ID or PID number. Killing the process will automatically close the listening port. To kill the process, run the command: taskkill /pid <PID>, replacing <PID> with the number from that column.
Please note that this is a quick and temporary way of closing the port using the command prompt. If you want to permanently block the port from opening again, you should follow the first method given above.
How to block network ports in Windows Firewall using Command Prompt
Block port in Windows Firewall using command line
You can also permanently block ports in Windows Defender Firewall using the Command Prompt.
To create a block port rule in Windows Firewall, run the following command in Command Prompt:
netsh advfirewall firewall add rule name="Rule Name" protocol=TCP dir=out remoteport=993 action=block
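Replace Rule Name with your own rule name, for example, since I’m blocking IMAP port, I’ll name the rule as Block IMAP. Set protocol to either TCP or UDP, depending on which kind of port you want to block. Replace 993 with the actual port number you want to block. As written, dir=out with remoteport blocks outgoing connections to that port on remote hosts; to block incoming connections to a port on your own machine, use dir=in with localport instead.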
Unblock/Open port in Windows Firewall using command line
To open the port again, simply run the following command in CMD:
netsh advfirewall firewall delete rule name="Rule Name"
Replace Rule Name with the actual rule name, Block IMAP in my case. This will delete the rule that we created above.
Closing words
Listening ports are not always dangerous, as it is very much dependent on what application/service it is open through. Nonetheless, it is still important not to give the attacker any chance to exploit your system’s vulnerabilities and wise to close any ports that are not being used.
The following guide walks you through the steps of blocking specific ports on a Windows machine to harden the computer system.
Most Windows users don’t come into contact with ports on a regular basis, or at all. While some may encounter ports when they set up a new email address in a desktop mail program, or when standard ports such as 80 or 21 are mentioned in news articles, ports are usually ignored for the most part.
Ports, broken down to the core, enable communication between a Windows PC and something else, for instance Internet sites or mail servers.
Windows is configured by default to have certain ports open. This is usually done for compatibility purposes to avoid issues when certain services are used.
It is a good idea, however, to close ports that are not in use to harden the system and avoid attacks against these ports. The recent SMB ransomware incident, for instance, could have been avoided if the port had not been open by default.
Which ports are open anyway?
If you never checked ports on a Windows machine, you may wonder which ports are open on it, and how to find that out.
I suggest you use programs for that, as they offer more details and are more accessible than other means.
You may use a program like Portscan for that, or, and that is my favorite, Nirsoft’s CurrPorts instead (see updated CurrPorts review here).
CurrPorts is a free portable program that you can run right after download. It lists all programs and services in the interface, all Internet connections, and all local ports that are open at that time.
The list of open ports may be useful on its own, but most of the time you may have a hard time deciding whether it is required for functionality, or not. There is also the case where you may need the functionality on a network, but not over the Internet.
You do need to research the ports that you don’t know about to make an educated decision about that. One site that you may find useful for that is Steve Gibson’s website where you can search for ports and get information on many common ones.
You may also run port checks from the Gibson website directly by clicking on one of the available port scan options there (e.g. common ports, file sharing, or all service ports). You need to concentrate on the ports listed as open in this case.
Blocking ports in Windows
Once you have made the decision to block a port on a Windows machine, you need to find a way to do so. Most personal firewalls, including Windows Firewall, support the blocking of ports. You may also block ports if you have access to the admin interface of a router or modem, as many come with options to do that as well.
The benefit of blocking it in the router is that it is blocked for all devices you use on the router level. So, if you’d block it on the machine level, you’d have to do so for any device you use at that point or in the future.
Blocking ports using Windows Firewall
The process itself is simple, and should not take long to complete:
- Tap on the Windows-key, type Windows Firewall, and select Windows Firewall with Advanced Security from the results.
- Click on Inbound Rules when the firewall window opens.
- Select New Rule from the Actions pane.
- Select Port from the Rule Type listing.
- Select TCP or UDP, and specify the ports, or a port range (e.g. 445, or 137-139).
- Select block the connection.
- Select when the rule applies (leave default if unsure).
- Add a name, e.g. Port 445, and a description, (e.g. reason for blocking, and date/time).
Note: It can happen that you run into issues after blocking ports on the machine. Apps may not work properly anymore, or you may not be able to connect to certain resources. If that is the case, the port that you disabled in the firewall may be needed for that. You can undo the blocking of ports at any time in the firewall as well.
Repeat the steps for any other port that you want blocked on the Windows PC.
Second note: Programs such as Nirsoft’s CurrPorts will still reveal that services or programs are listening on those ports. This does not change when you block ports on Windows. What happens however is that the connection to these services and programs is refused, because connections to the port are blocked by the system.
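The wizard steps above can also be run as a script and then checked. The following PowerShell is an added example, not part of the original guide; it uses the built-in NetSecurity cmdlets, and the port 445 and rule name "Port 445" are the sample values from the steps above. It creates the rule, reads it back, and shows the behaviour described in the second note.

```powershell
#Requires -RunAsAdministrator
# Added example, not part of the original guide.
# $Port and $RuleName are sample values; change them to suit.
$Port     = 445
$RuleName = "Port $Port"

# 1. Create the inbound block rule only if no rule with this display name
#    exists yet, so re-running the script does not stack duplicates.
if (-not (Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $RuleName `
        -Description "Blocked on $(Get-Date -Format 'yyyy-MM-dd HH:mm'): port not needed" `
        -Direction Inbound -Action Block -Protocol TCP -LocalPort $Port `
        -Profile Any | Out-Null
}

# 2. Read the rule back together with its port filter to confirm what the
#    firewall actually stored (direction, action, profiles, protocol, port).
$rule   = Get-NetFirewallRule -DisplayName $RuleName
$filter = $rule | Get-NetFirewallPortFilter
[pscustomobject]@{
    Name      = $rule.DisplayName
    Enabled   = $rule.Enabled
    Direction = $rule.Direction
    Action    = $rule.Action
    Profile   = $rule.Profile
    Protocol  = $filter.Protocol
    LocalPort = $filter.LocalPort
} | Format-List

# 3. The service behind the port keeps listening; the rule only stops
#    inbound connections from reaching it.
$listeners = Get-NetTCPConnection -State Listen -LocalPort $Port -ErrorAction SilentlyContinue
if ($listeners) {
    $listeners | Select-Object LocalAddress, LocalPort, OwningProcess | Format-Table -AutoSize
    "A process is still listening on TCP $Port; inbound connections to it are now blocked."
} else {
    "Nothing is listening on TCP $Port; the rule blocks it if a service starts later."
}

# 4. To undo the block, remove the rule by its display name:
# Remove-NetFirewallRule -DisplayName $RuleName
```

From another machine on the network, Test-NetConnection with -Port 445 against this host should then report TcpTestSucceeded as False.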
Closing Words
It is not difficult to block ports on Windows PCs. While you may spend some time researching the open ports before you start blocking them, doing so will pay off in the long run.
Some ISPs have started to block common attack ports on behalf of their users as well to reduce the attack surface. You can run scans on Gibson’s website to find out if that is the case for you.
Now You: Do you block ports on Windows? If so which and why?
Summary
Article name: How to block ports in Windows
Description: The following guide walks you through the steps of blocking specific ports on a Windows machine to harden the computer system.
Author: Martin Brinkmann
Publisher: Ghacks Technology News
28 Sep 2024 | Category: windows
In order to keep out harmful programs and block unwanted ports, you can employ Windows Firewall. This handy Windows tool, accessible from the control panel, lets you disable or block any specific ports by using its Advanced Security console.
We will show you how to successfully block an inbound or outbound port with just a few steps on a Windows VPS server.
How to disable or block port in Windows Firewall?
In just about all versions of Microsoft Windows, the firewall is enabled by default, so you don’t need to activate it manually in most cases as it already protects your PC and Windows VPS.
Sometimes it is necessary to open a specific port in the Windows VPS firewall, which is covered in the article How to open a port in Windows VPS. It may also be that another program is running a process on the port, so the port is unusable for other processes; in that case we must identify and kill the process using the port in Windows, or change the port.
Step 1- Open Windows Defender Firewall
Press the Windows + R key to open the Run section of Windows and type “firewall.cpl” and click Ok.
Step 2- Firewall Advanced setting
In this section, you can turn off or turn on your Windows server firewall, but we choose from the Advanced security setting section on the left bar.
Step 3- Select Properties
Now, take a look at the right side of the window that just popped up. There’s an option that says “Properties”.
Step 4- Turn on the firewall profile for different sections
In the opened pane, you must switch the firewall profile to On in all three tabs for domain, private and public networks.
Note: On the first advanced security screen, the mode of private and public networks is displayed. If it is off, you can go to Properties to change it.
How to Disable Inbound Ports on Windows VPS Firewall?
Port blocking process is pretty similar across all versions of Windows, although there might be tiny differences. Just follow the steps to get those specific Inbound or Outbound ports closed.
Block Inbound Connections
Once the Windows Firewall with Advanced Security is up and running, you’ll find a menu on the left-hand pane. “Inbound Rules” and “Outbound Rules” can both be selected here.
Go with the “Inbound Rules” if you value security and want to limit incoming traffic from a particular port. Here’s how you do it:
1- In the left-hand menu, choose “Inbound Rules”. In the right-hand pane, click “New Rule…”.
2- The New Inbound Rule Wizard opens.
There are four types of rules available in Windows Firewall. You can set rules for:
1- Program: To block or allow a program
2- Port: To block or open a port, port range or protocol
3- Predefined: To apply a predefined firewall rule
4- Custom: To specify a combination of application, port and IP address to block or unblock.
We need to close a port, so select the Port option and click “Next”.
3- Up at the top, select your preferred protocol, i.e., TCP (to block Transmission Control Protocol data) or UDP (to block User Datagram Protocol data).
In the Specific local ports field on the Protocol and Ports page, enter the ports you want to block. Then hit “Next”.
4- Select “Block the connection” and click “Next”.
5- On the Profile page, a screen will appear asking which sorts of networks you wish to apply the rule to.
When you’re connected to a private (home or work) network, the private profile applies; connections to public networks or direct Internet connections fall under the public profile. Then, click “Next”.
6- Name your new rule and optionally include a brief description in the next field, so you can remember what it is for. Finally, click Finish to save your new rule.
As a result, the new rule is now active and your chosen port is disabled.
How to Disable Outbound Ports on Windows VPS Firewall?
Outbound firewall rules are policies that specify which traffic can leave your network via secured ports. By default, there is no restriction applied to outgoing traffic.
Block Outbound Connections
Configuring outbound firewall rules will protect your data from being directed to malicious websites and untrusted domains.
Also, you can use outbound rules to decide which applications on your system can access the Internet and send data over the Web. Let’s find out how to set outbound rule in Windows firewall.
Outgoing traffic can be blocked by following a similar process to how you create an inbound rule.
1- In the top left corner of the window, find and click Outbound Rules.
2- Now, enter the necessary port numbers and set up the rest of settings to configure a new outbound rule. For example, we have blocked one of the ports named abcd.
Well done! Now the traffic trying to leave your computer through this port has been successfully stopped.
Just keep in mind that the settings you’ve just adjusted are specific to the port number you’ve entered. In case you need to block other ports, repeat this process.
Conclusion
To sum up, port blocking is a powerful strategy provided by the Windows Firewall to secure your system. In this way, you block any communication channels that could be abused by dangerous software or unidentified users. This not only protects your system from hacking attempts, but it also improves your bandwidth by preventing unnecessary data exchanges.
Now that you understand how firewalls block inbound or outbound ports through the Advanced Security console, you can effectively control the data traffic entering or leaving your system.
In order to secure your system from potential threats, just follow the steps carefully and keep your firewall rules updated. Not to forget the settings are only effective as long as your Windows Firewall is active. If you disable the firewall, all the rules (including the one you just created) will be inactive.
Introduction
In this article, you will learn how to block or allow ports in Windows Firewall.
Your Windows machine can be protected from threats posed by the network by using the Windows Firewall. You have the option of controlling who is granted access to your system as well as the level of access that is granted.
Block port in Firewall
Step 1. Navigate to the Windows Firewall and advanced settings.
Step 2. To see the list of rules, select “Inbound Rules” from the menu that appears on the left side of the window. Then click on New Rule.
Step 3. Select Port and then press the Next button.
Step 4. Click on “Specific local ports” and choose a port number (e.g., 80). Then click on “Next.”
Step 5. Choose Block the Connection and then click Next.
Step 6. Apply Your New Rule to Each of the Different Types of Profiles. To apply your rule to each of the three kinds of profiles (domain, private, and public), under the Profile window, you must check the appropriate boxes. To proceed, click the “Next” button.
Step 7. Give your new rule a name. You can also add a description to your rule if you want to. Click “Finish” when you’re done to set up the settings.
Allow port in Firewall
Step 1. Navigate to the Windows Firewall and advanced settings.
Step 2. To see the list of rules, select “Inbound Rules” from the menu that appears on the left side of the window. Then click on New Rule.
Step 3. Select Port and then press the Next button.
Step 4. Click on “Specific local ports” and choose a port number (e.g., 80). Then click on “Next.”
Step 5. Choose Allow the Connection and then click Next.
Step 6. Apply Your New Rule to Each of the Different Types of Profiles. To apply your rule to each of the three kinds of profiles (domain, private, and public), under the Profile window, you must check the appropriate boxes. To proceed, click the “Next” button.
Step 7. Give your new rule a name. You can also add a description to your rule if you want to. Click “Finish” when you’re done to set up the settings.
Conclusion
Hopefully, you have learned how to block or allow ports in Windows Firewall.
Thank You 🙂