Without a firewall are all your ports open?

[chiwawa626]

Without a firewall are all your ports open? Like would that be the same as going in my router and forwarding ports 1-100000? or would it be more dangerous to do that in the router?

 

[Wedesdo]

Nope.

I love my SpeedStream 5660 DSL Modem/Router...

 

[chiwawa626]

What does nope mean? im assuming it means that forwarding all my ports is the same as not haveing a firewall

 

[yakko]

Nope.

 

[tweakmm]

I would assume that the only ports open would be the ports that programs have open. For a hacker to make use of ports, there needs to be a service running on them

 

[duragezic]

No I don't think so. There is a test on DSLReports that checks them, and when I did it, all of them checked out fine as being secure, except one or two that were open to hacks or whatever and I don't have a firewall.

 

[chiwawa626]

so whats the highest port num, when i put 99999 in my router i get an error:
An Error Was Detected On The Previous Page The number was too large for an unsigned 16 bit integer HTML Item value: 90701


now whats hte lenght of that?

 

[Descartes]

<< Like would that be the same as going in my router and forwarding ports 1-100000? >>



FYI, port 100000 doesn't exist. The field in an IP header for a destination port is 16 bit, thereby limiting it to a total of 65536 ports, giving you a maximum port of 65535.

Oh, and your answer is, yes. Having a port "open" means that you have a daemon listening on one of those ports offering some type of a service. Otherwise, per the TCP spec, any attempt to connect to a destination port not having a service sends a "reset" packet to the sender. This does no harm.

Depending on what your OS is, you'd have different ports open. Just because a port is open doesn't mean you're necessarily open to attack. Windows boxes are traditionally able to be exploited by having NetBIOS over TCP/IP enabled, and establishing a null session of the ipc$ share, then brute forcing the administrator account. Often times, it's not even password protected.

 

[Grommet5]

Descartes is right, they are 65535 ports. I usually have the following rule in my TPF firewall Block all ports 0 to 65535, and only allow applications i want to access the internet. So far i've gotten perfect scores on dsl reports.

 

[bsobel]

> Descartes is right, they are 65535 ports.

Sort of, there are 65535 ports in IPv4 per protocol. E.g. there are 65535 TCP port, but there are also 65535 usable UDP ports. You can be having seperate conversations on the same port number but with a different protocol.

Bill

 

[Grommet5]

bsobel, you are also right. However, in my TPF firewall, i have 2 rules block all UDP and block all TCP ports 0-blah blah. so i think i've covered all bases

 

[Descartes]

<< Sort of, there are 65535 ports in IPv4 per protocol. E.g. there are 65535 TCP port, but there are also 65535 usable UDP ports. You can be having seperate conversations on the same port number but with a different protocol. >>



That's true, but we were talking number of ports, regardless of the protocol because he was trying to use port number 99999.