Downloads   Registration   Customer Service    Service Offerings    Discussion Forums    Support Home    NETGEAR Home    
How Are a Computer's or a Router's Ports Secured?

How Are a Computer's or a Router's Ports Secured?

As described in How is Port Forwarding Configured?, software ports are numbered connections that computers and routers use to tell one type of network traffic from another. For data to pass to or from the Internet, there must be an open port for that traffic on your computer or router.

A port can be attacked when it is open. Generally, it cannot be attacked when closed. Therefore, to protect your computers, the tasks are to protect the ports that are open, and close the ones that are not used. NETGEAR routers can easily be configured to open or close ports. Depending on the router, there additional features to secure ports as well. The document "How is Port Forwarding Configured" (above) explains one of the important ways to secure ports to the Internet.

By default, with NETGEAR, all ports to the Internet, and most ports to your LAN are closed. A few LAN-side ports are open — such as FTP and HTTP — since they are needed for basic router connectivity.

Ports can be controlled by hardware such as a router, or by software firewalls. NETGEAR firewall routers are fast, do not slow your computers, and often have more features than a software firewall. Software firewalls, such as the one included in Windows XP, may conflict with a hardware firewall, resulting in problems such as loss of connectivity. Generally, NETGEAR recommends not using software firewalls.

Even with a NETGEAR firewall router in place, other security issues exist:

  • When a port is open, the software using that port can be attacked. Therefore anti-virus programs, and installing critical security updates for your operating system and other software are still absolutely critical.
  • Hackers will probe your network frequently to see whether there is a problem with the way you have secured your ports. Here are three programs to test if your router or computer's ports are secure. The first gives the simplest "good / bad" results.

Symantec Security Check (Once on the page, click Start under "Security Scan".)

Gibson Research Corporation (On the page, scroll down, and click ShieldsUP!)

Sygate Online Services (On the page, click Scan Now.)

Since these programs are concerned with any possible threat, they may report things that are in practice usually safe. For example, although the Sygate and Gibson sites note ports that are not "stealthy", in practice ports that are "just" closed are usually quite secure.

(For a very detailed and technical explanation of hardware and software firewalls, see the site Firewalls FAQ.)

ID: N100734.asp Sept. 15, 2003

  
   


Support Knowledgebase
Manuals
Sales and Company Information
                © 1998-2006 NETGEAR | Contact Us | Configure Your Network | Home