How To Find And Close Listening Ports In Windows 10

Open ports in Windows 10 are often deemed dangerous because hackers can exploit them if the service or application the ports are associated with are unpatched or lack basic security protocols. Therefore, it is recommended to close any listening network ports which your system isn’t using.

Let us brief you on what ports are and why they can be dangerous.

What are network ports?

Network ports are used by Windows services and applications to send and receive data over the network. If you wonder if this is what the IP address is used for, then you are absolutely correct. However, a unique IP address defines the path to a specific device, whereas a port defines what application or service on that particular device to send that information to.

Just like the IP addresses, a port is also unique within its ecosystem. Meaning, the same port cannot be used by two different services/applications. Therefore, both of these unique identifiers, the IP address, and the port number, are used to send and receive information from a computer.

A port number can be found suffixed to an IP address, as in the example below:

xxx.xxx.xxx.xxx:80

Here, the numbers followed by the colon denote the port number. Below are a few ports used by certain services and applications by default:

  • FTP – 21
  • SSH – 22
  • Telnet – 23
  • SMTP – 25
  • DNS – 53
  • DHCP – 67 & 68
  • HTTP – 80 & 8080
  • HTTPS – 443
  • SNMP – 161
  • RDP – 3389

A single IP address can have 65535 TCP and 65535 UDP ports in total.

Are open network ports dangerous?

Not all ports that are listening are dangerous. Sometimes an application opens the ports automatically without informing the users. If the application is poorly constructed and the security protocols lack the basic infrastructure, an attacker might exploit those and infiltrate your PC.

An open networking port is not always dangerous, but it is always better to keep your guard up and close any ports that are not required.

2 ways to check which ports are open/listening in Windows 10

You can figure out which ports are currently open on your computer, even if the installed applications did not inform you that they are using them. Here are 2 ways to check which ports are open and which service/application uses them on your local computer before you proceed to block them.

Here is a guide to check if a remote network port is open.

Determine open ports with process name using Command Prompt

Some applications give out the name of the application/service associated with a port number. You can use the below-given command in Command Prompt to determine which ports are open and what are the names of the associated applications.

  1. Open Command Prompt with administrative privileges.
  2. Enter the following command:
    netstat -ab
  3. Command Prompt will now display the output of open network ports with their associated application/service names, as in the image below:
    cmd 1 1

Since the IP address assigned to our computer is 10.0.0.31, it displays different ports used by various applications suffixed to the IP address. However, as you may notice, some of the names of the services and applications are unidentifiable. For that, we shall adopt the second method.

Determine open ports with process ID using Command Prompt

In this approach, we shall be comparing the process IDs of the running applications and services associated with the ports and then determining the name of the process using the Task Manager. Here is how to do so:

  1. Open Command Prompt with administrative privileges.
  2. Enter the following command:
    netstat -aon
  3. Command Prompt will now display a list of TCP and UDP ports currently listening on your computer. Note the associated PIDs to compare from the Task Manager.
    PID
  4. Now open the Task Manager by right-clicking on the Taskbar and clicking on Task Manager. Or, you may use the Ctrl + Shift + Esc shortcut keys.
  5. Now switch to the Details tab within the Task Manager and match the PID with the associated name of the process/application.
    task manager

Now you have sufficient information on the ports you would like to close, if any. Proceed to the next step to block/close any listening ports on your computer.

How to close an open port

If you have found a port that you are no longer using or are not sure if it is secure to keep open, you can block it using the guide below.

  1. Open the Windows firewall by navigating to the following:
    Control Panel -> System and Security -> Windows Defender Firewall -> Advanced Settings
  2. Click on Inbound Rules in the left pane, and then click New rule in the right pane.
    new rule
  3. On the Rule type screen in New inbound rule wizard, select Port and then click Next.
    port
  4. On the next screen, select the type of port as determined through the Command Prompt earlier, and then enter the port number you want to close in front of Specific local ports. Click Next when done.
    local port
  5. On the next screen, select Block the connection and then click Next.
  6. On the Profile screen, select all profiles and click Next.
    profiles
  7. Now set a name for the rule and click Finish.

You have now successfully disabled the port. You can repeat the steps to block additional ports or delete this one by navigating to the Inbound rules and removing the respective rule.

Closing words

Listening ports are not always dangerous, as it is very much dependent on what application/service it is open through. Nonetheless, it is still important not to give the attacker any chance to exploit your system’s vulnerabilities and wise to close any ports that are not being used.

Join 6000+ other users and have new posts emailed to you

Discover new tech tips and troubleshooting guides as soon as they are published

Leave a Comment