Computer Port Security
Computer Port Security - understanding the mechanics

A brief definition of TCP/IP and TCP/IP virtual ports follows, to ensure an understanding of what a firewall must achieve in order to be effective at computer port security.

TCP/IP

All Internet (TCP/IP - Transmission Control Protocol/Internet Protocol) communication is carried out by exchanging IP data packets between two connected computers. Each IP data packet is transmitted from the source ("sending") PC to the destination ("receiving") PC. The two PCs agree that they are connected and maintain that connection so that data can continue to flow between them. Each PC also sends and receives data packets that acknowledge receipt of the other PC's transmitted data. Internet data transmission requires that every Internet data packet contain a destination address and port number. So that the receiving computer knows the origin of the message, the data packet must also contain the IP address and port number of the sending PC. In general terms, every Internet data packet must contain its complete source and destination addresses. This is the general concept of the TCP/IP protocol and how it relates to the transmission of Internet data packets. TCP/IP makes it possible to exchange information over the Internet, and it also ensures that data arrives at the correct computer in the proper order. An example of a TCP/IP address is 205.188.146.146, which is assigned to www.microsoft.com.

TCP/IP Ports

Personal computers use TCP/IP ports to communicate with other computers. A TCP/IP port on your computer is opened only when your computer accepts the connection request carried by the first arriving data packet. If the request for a connection to a port is denied, that port is effectively invisible from the Internet: no one and nothing will be able to connect to it.
A personal firewall's function is to inspect each and every packet as it arrives at your computer, before any other application running on your computer sees it. When properly configured, the firewall has total power to veto the receipt of any packet from the Internet by blocking access to the requested TCP/IP port. What makes a firewall unique is its ability to be "selective" about which data packets it allows through and which it blocks. This selective "filtering" is based on any combination of the originating IP address and port as well as the destination PC's IP address and port. As an example, all HTTP (Hypertext Transfer Protocol) packets require access to port 80 in order to communicate with the World Wide Web, so if the firewall blocked this port all HTTP traffic would be disabled. To permit this traffic, the firewall inspects all IP data packets and only initiates a connection for those packets whose header requests access to port 80 at the destination's TCP/IP address. Here is an example of some other common TCP/IP ports and the services that connect to them:
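The filtering mechanics described above, as an added example that is not part of this article and not any firewall product's code: a toy packet filter that looks only at source/destination address and port, opens a port only when an allow rule matches the first (connection-requesting) packet, remembers accepted connections so their data and acknowledgements pass, and drops everything else so unlisted ports stay invisible. The Packet, Rule and Firewall classes and the "syn" flag name are assumptions made for the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Packet:  # one IP packet header, reduced to the fields the firewall filters on
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    syn: bool = False  # True on the first packet that requests a new connection

@dataclass(frozen=True)
class Rule:  # matches any combination of source network/port and destination port
    action: str                      # "allow" or "deny"
    src_net: str = "0.0.0.0/0"       # default: any source address
    src_port: Optional[int] = None   # None means any port
    dst_port: Optional[int] = None

    def matches(self, pkt: Packet) -> bool:
        return (ip_address(pkt.src_ip) in ip_network(self.src_net)
                and self.src_port in (None, pkt.src_port)
                and self.dst_port in (None, pkt.dst_port))

class Firewall:
    """Inspects every packet before any application sees it; rules are checked in
    order on connection requests, first match wins, unmatched requests are dropped."""
    def __init__(self, rules: list, my_ip: str):
        self.rules = rules
        self.my_ip = my_ip
        self.connections = set()  # accepted (src_ip, src_port, dst_ip, dst_port) tuples

    def inspect(self, pkt: Packet) -> str:
        key = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        reverse = (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port)
        # Data and acknowledgements on an accepted connection pass in both directions.
        if key in self.connections or reverse in self.connections:
            return "allow"
        # A connection this PC initiates is remembered so the replies can come back.
        if pkt.syn and pkt.src_ip == self.my_ip:
            self.connections.add(key)
            return "allow"
        # An inbound connection request opens the port only if an allow rule matches.
        if pkt.syn:
            for rule in self.rules:
                if rule.matches(pkt):
                    if rule.action == "allow":
                        self.connections.add(key)
                    return rule.action
        return "deny"  # default-deny: the port stays effectively invisible
```

With a single allow rule for destination port 80, a request to port 80 is accepted and its replies flow back, while a request to any other port (or a stray packet that never asked for a connection) is dropped.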