So what’s a port? Does my computer have one, and where do I find it? These are a selection of the questions I often get asked when trying to explain to people why they can’t access their favorite proxy server, or use file sharing sites whilst they are at work.
Computer ports are of course very dull, but they are intrinsic to how computers work. Firstly a quick distinction – there are actually two distinct categories of ‘ports’ when you’re referring to computers: hardware/physical/peripheral ports and network/virtual ports. With regards to computer security, it’s the network ports which we are most interested in. Physical ports are just the places you plug things in on the back or side of your computer. The common ones are USB, Serial, Parallel, VGA and stuff like that – here’s a picture of two common physical ports you might find:
The network ports are virtual: they don’t physically exist, but merely exist to allow information to flow across a network between different devices and programs. They are an important part of TCP/IP networking, and some knowledge of them can be of great benefit if you are having filtering or blocking issues. Your computer will be constantly opening and closing these virtual ports when you’re online. You can see which ones are open by running a program called netstat from the command prompt, or for a more user-friendly display try one of the freeware tools like CurrPorts, which will allow you to see them a little easier.
You’ll see in the graphic that there are loads of ports open in response to the programs and applications running on my computer. Most popular services tend to use standard ports, although this isn’t essential. In the list above you’ll see that there are connections being established on port 443 – this is the SSL port, and it is in use on my computer because I’m logged into my Facebook account in my browser. It’s worth having a look at these lists on your computer because every process there is effectively using your computer’s resources in some way. For instance, I noticed that Dropbox, which I stopped using months ago, was still sitting running on my computer listening on several network ports.
You can often tell which program or service is running simply by the port number. For example, web browsing will normally take place over 80 or 8080, SSL on 443, FTP on 21, DNS services use 53 and email 25. I’ll put a more extensive list up in a separate post because it’s useful to have a reference. These ports are therefore also used when someone is trying to block access to something. So for example, if you’re the administrator for a corporate network and you want to stop people using FTP to upload or download files from the internet, you could block port 21, which would effectively break standard FTP clients.
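To review what netstat reports without reading the list by eye, the added example below (not code from the original post) parses Windows `netstat -ano` output, picks out the sockets that are listening, and labels them with the standard ports named above. The sample output, addresses and PIDs are constructed, and the function names are my own.

```python
# Standard ports named in the article above.
WELL_KNOWN = {21: "FTP", 25: "Email", 53: "DNS", 80: "Web", 443: "SSL", 8080: "Web"}

# Constructed sample of Windows `netstat -ano` output (addresses and PIDs are made up).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:17600        0.0.0.0:0              LISTENING       3312
  TCP    192.168.1.20:50123     203.0.113.10:443       ESTABLISHED     6120
  TCP    [::]:17500             [::]:0                 LISTENING       3312
  UDP    0.0.0.0:53             *:*                                    1888
"""

def split_endpoint(endpoint):
    """Split 'ip:port' into (ip, port); rpartition copes with IPv6 like [::]:445."""
    ip, _, port = endpoint.rpartition(":")
    return ip, int(port) if port.isdigit() else None  # UDP remote is '*:*'

def parse_netstat(text):
    """Return one dict per TCP/UDP row, skipping banner, header and blank lines."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 4 or f[0] not in ("TCP", "UDP"):
            continue
        local_ip, local_port = split_endpoint(f[1])
        _, remote_port = split_endpoint(f[2])
        rows.append({"proto": f[0], "local_ip": local_ip, "local_port": local_port,
                     "remote_port": remote_port, "pid": int(f[-1]),
                     # UDP rows have no State column, so they have only 4 fields
                     "state": f[3] if len(f) == 5 else ""})
    return rows

def listeners(rows):
    """Sockets waiting for inbound traffic: TCP in LISTENING state, or any bound UDP port."""
    return [r for r in rows if r["state"] == "LISTENING" or r["proto"] == "UDP"]

def unfamiliar_listeners(rows):
    """Listeners on ports outside WELL_KNOWN, the ones worth tracing back to a program."""
    return [r for r in listeners(rows) if r["local_port"] not in WELL_KNOWN]

if __name__ == "__main__":
    for r in listeners(parse_netstat(SAMPLE)):
        label = WELL_KNOWN.get(r["local_port"], "unfamiliar, check the PID")
        print(r["proto"], r["local_port"], "pid", r["pid"], label)
```

On a live machine, pass in the saved output of `netstat -ano` instead of `SAMPLE`, and look up any reported PID with `tasklist /FI "PID eq <pid>"` to see which program owns the port.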
It’s a common tactic and is a simple way to control access on a large scale. For example, the Great Firewall of China will block ports that are used by anonymity programs like Tor, or indeed those using a UK proxy for BBC. However, it’s also possible to circumvent blocks like these if you are able to utilise non-standard ports. For example, you could modify your FTP client to use something other than port 21 to communicate, or relay your email through something other than port 25. In the next post I’ll show you how you can use Identity Cloaker to redirect any application traffic onto whichever port you decide and bypass these filters.