Batten Down Those Ports

Don't let malicious intruders find a way into your system. We tell you how they try to sneak in, and how to keep them out.

With worms such as Blaster prowling the Net, every user ought to know the ways a computer may be exposed to attacks. One of the simplest but most vital tests you can do to determine potential vulnerabilities is to find out which ports your PC has open to the outside world.

Computers that speak TCP/IP obtain services from one another via "handles" known as ports. Many ports are preassigned to specific network services, such as HTTP (port 80) and FTP (port 21); these are called well-known ports. There are two kinds of ports: TCP ports and UDP ports.

TCP ports are used by the Transmission Control Protocol, which allows a server to conduct a conversation, or session, with another machine. When your computer wants to request a page from a Web server, it sends a packet to that machine indicating that it wants to talk to TCP port 80 (the well-known port through which most Web servers deliver pages). The server, seeing that you've asked for port 80, connects your computer to the Web server program, which—of the many programs running on the machine—is the one that specializes in delivering Web pages. The conversation between the machines may be brief or may continue indefinitely.
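
As an added example (not part of the original article), the Python code below checks which TCP ports on your own machine accept a connection, using the same connection request a client makes when it asks a server for port 80. The function names and every port in the list other than 80 and 21 are assumptions chosen for illustration.

```python
import socket

# Ports 80 and 21 are the ones named in the article; the others are
# commonly assigned well-known ports added here as an assumption.
WELL_KNOWN = {21: "ftp", 25: "smtp", 80: "http",
              135: "msrpc", 139: "netbios-ssn", 445: "microsoft-ds"}


def tcp_port_open(host, port, timeout=0.5):
    """Return True if a program on host is accepting TCP sessions on port."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        # connect_ex returns 0 when the connection is accepted and an
        # error number (refused, timed out) when nothing answers.
        return s.connect_ex((host, port)) == 0


def open_tcp_ports(host, ports, timeout=0.5):
    """Return the sorted subset of ports that accept a connection."""
    return sorted(p for p in ports if tcp_port_open(host, p, timeout))


def demo():
    """Constructed check: open a listener on a free loopback port, confirm
    it is reported open, close it, and confirm it is reported closed."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))      # port 0 = let the OS pick a free port
    srv.listen(1)
    port = srv.getsockname()[1]
    seen_open = tcp_port_open("127.0.0.1", port)
    srv.close()
    seen_closed = not tcp_port_open("127.0.0.1", port)
    return seen_open, seen_closed


if __name__ == "__main__":
    # Audit the local machine only.
    for p in open_tcp_ports("127.0.0.1", WELL_KNOWN):
        print(f"{p}/tcp open ({WELL_KNOWN[p]})")
```

A loopback check shows what is listening on the machine, including services bound only to 127.0.0.1 that the outside world cannot reach, so treat its output as the upper bound of what may be exposed.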