When using specific tools or programs, or playing video games, it may be necessary to open specific ports on the router at certain times. That is why we have discussed how to open ports on various routers from companies such as Movistar, O2, Vodafone, Orange, and others. There are a number of ports that should not be opened.
By default, ports are closed, especially if they deal with dynamic or private ports. However, according to the latest security report, it is recommended not to open these 14 entries to avoid cyber attacks. Through penetration testing, it is possible to initiate authorized simulated cyber security attacks against web pages, mobile apps, networks, and systems in order to find vulnerabilities. Now, these vulnerabilities may occur when these 14 ports are opened.
The 14 ports that should not be touched are listed below.
Not all ports are vulnerable, but in this case, the following ports are vulnerable. Therefore, it is best not to touch them in order to keep the network safe. These ports are prone to exploitation.
-
FTP ports (20, 21):
- Port 20 and 21 are TCP ports used for the File Transfer Protocol (FTP), which allows users to send and receive files from a server to a personal PC. This entry is completely outdated and insecure, and can be exploited by anonymous authentication, cross-site scripting, brute force password, or directory traversal attacks.
SSH (22)
Next, you will find the SSH (Secure Shell) entry. This is a TCP port used to secure remote access to a server. However, exploits may be abused by brute-forcing SSH credentials or using secret keys to gain access to the target system.
Telnet (23)
This TCP protocol allows users to connect to a remote computer via the internet. Opening port 23 may make it vulnerable to malware if it is outdated and insecure. In addition, it may also pave the way for personal information theft.
SMTP (25)
Port 23 is used for sending and receiving emails through the SMTP protocol. In this case, you may be vulnerable to spam, personal information theft due to being insufficiently protected against cyber-attacks.
DNS (53)
These are TCP and UDP ports used for DNS transfers and queries, respectively. By opening it, hackers can exploit quite common exploits on the DNS port, such as Distributed Denial of Service (DDoS) attacks.
TFTP (69)
The Trivial File Transfer Protocol (TFTP) is used to send and receive files between users and servers over the internet via UDP port. Therefore, by opening it, attackers can spread passwords and conduct attacks through unauthorized access.
SMB (139, 137, 445)
This SMB port stands for Server Message Block. In this confusion, we are facing a communication protocol created by Microsoft, which allows access to files and printers across the network. This entry includes the vulnerability of EternalBlue, which exploits SMB port using brute-force to obtain SMB login credentials, capture NTLM and connect to SMB using PSexec.
HTTP/HTTPS (443, 80, 8080, 8443)
HTTP (Hyper Text Transfer Protocol) and HTTPS (Hyper Text Transfer Protocol Secure) are other common entries for browsing the internet. In this case, they are vulnerable to SQL injection, cross-site scripting, and other attacks.
