Make sure your firewall is working
September 9, 2018
By
One essential tool that keeps hackers from seeing your computer online is a firewall. Even if they manage to know your computer’s location and IP address, the firewall keeps them from accessing your system and your network.
Not sure if you have a firewall in place? Well, newer Windows and Mac systems all have built-in software firewalls for configuring your outgoing and incoming internet ports. Although useful for certain applications, you have to be careful when tweaking your firewall port settings.
A wrong port setting can leave your computer vulnerable to port scanners, giving hackers an opportunity to slip past.
Also, if your computer has been exposed to a virus, it might have changed your port settings without you knowing.
What exactly is a port?
Your router has thousands of “ports” that let different kinds of information pass between your network and the internet. Port 80, for example, is always used for general web traffic and port 143 is for IMAP email. If hackers find an exposed networking port on your computer, they can jump right in. That’s why you should always use a firewall to hide and protect your computer.
But how do you know if your firewall is doing its job? Here’s a free tool you can use.
A port testing service like Gibson Research Corporation’s (GRC) ShieldsUP!! scans your firewall to make sure your ports are not exposed and vulnerable to internet hacks. If ShieldsUP!! can see your ports over the internet, then so will someone with the right port scanning tools.
This is a browser-based tool that you can use to check if your system is vulnerable to hackers who use open port scanners.
It has six specific internet port vulnerability tests you can run (namely, File Sharing port check, Common Port scan, All Service Port scan, Messenger Spam test, Browser Header test, and a UPnP exposure test) to see if parts of your network are exposed.
File Sharing port check
This test checks for port 139, which is used for NetBIOS — Windows system’s File and Print Sharing protocol. It is important that this port is closed or unscannable since having it open leaves all your shared folders and resources available over the entire internet. Certain worms and viruses also exploit this port for propagation.
Common Port Scan
This quickly tests for the widely used and most common vulnerable internet ports used by a variety of services. These include FTP: 21, SSH: 22, Telnet: 23, HTTP: 80, and HTTPS: 443. It’s critical that you have all these ports set this to “Stealth” or “Closed” for security purposes.
Scan of the first 1056 standard service ports
This is a complete test of your standard service ports 1-1056.
Why these ports? Internet ports are numbered from 1 through 65535, but according to GRC, ports 1 through 1023 are generally reserved as listening ports for services waiting for incoming connections running on the receiving system.
GRC also added an additional 33 ports due to the “insecure behavior of Microsoft’s Windows operating systems,” bringing this number to 1056. Again, unless done for a specific purpose, these ports should always be scanned as “Stealth” or “Closed.”
Windows Messenger Spam check: Port 135
Port 135 is apparently used by spammers to exploit the Windows “Messenger Service” to flood the internet with unsolicited emails. By sending text packets to your IP address, this tool tests if your computer is vulnerable to Messenger Spam.
Browser Headers Check
This tool checks what identifying information is being sent by your browser when it requests data from a web server. This information may contain cookies, the webpage that contained the referral link, the type and version of the browser you’re using, display setting, operating system and more.
UPnP Exposure Test
UPnP, or Universal Plug and Play, is a feature that is enabled by default in most consumer routers. This allows your network’s home appliances that support UPnP to discover and connect with each other without password authentication.
While it is a convenient feature, UPnP is commonly exploited by hackers to connect to your network remotely. For users’ safety, UPnP was meant to be used within your internal network and it shouldn’t be exposed publicly.
Other port tests
ShieldsUP!! also has a Custom Port Probe tool for scanning any port of your choosing plus a useful port information tool.
How to run the test
To access this test, click the yellow button below.
Note: Before you start, please keep in mind that ShieldsUp!! doesn’t allow browser refreshes so please refrain from reloading pages. If you do, you’ll have to go back to the GRC home page to reload the tool.
https://www.komando.com/tips/cybersecurity/test-your-firewall-to-make-sure-its-working/