How to protect your smart home with Home Guard (part 3)
Attacks on all types of connected devices are soaring, not only because attackers are getting smarter but also because many devices are poorly protected. Read on to learn how to close dangerous ports.
Router attacks are commonplace on the internet. Even a simple Google search is enough to reveal hacking guides on how to quickly hijack routers. Cybercriminals target open ports, whose actual purpose is to make sure each data packet reaches the right service. Here’s an example: Port 21 is used to connect a router as a drive in Windows via FTP (File Transfer Protocol), and port 2 is used to grant a program the necessary access rights to the network. The key ports are numbered consecutively according to a global standard. When surfing the internet, your computer and the web server exchange data using port 80, which is reserved for HTTP (Hyper-Text Transfer Protocol) traffic. This rules out server data being sent to your FTP client, as this is port 21’s job. There are 65535 ports, but only ports 0 to 1023 are actually used.
Danger of open ports
A port can be either open or closed. By default, ports are closed. Only when a service opens a port can data reach the computer via this port. The operating system simply ignores requests sent to a closed port. If you close open ports that aren’t required, you lessen your exposure to attack. The reason is simple: If a port is open, anyone on the internet can reach the service behind it. If system services, for example, are behind a port, this is a serious security issue. As such, the rule of thumb is to only open those ports that are actually required. This approach of keeping open ports to a bare minimum is referred to as hardening. Check whether each port labeled by Home Guard as being “open” is important or not. If it isn’t, close the port via your router.
Potentially dangerous ports you absolutely must close
- Port 135: Windows uses this port to establish a connection between the user’s PC and a server. By default, this port is open on many Windows systems.
- Ports 137/138/139: These are responsible for distributing data between computers on your network, e.g. when you use multiple Windows PCs.
- Port 500: Used by a protocol that exchanges cryptographic keys on the internet.
Tip: For a list of important default ports, see https://wiki.botfrei.de/Port_Check.
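The "only open what is required" rule above can be checked with a short script. The following is an added example, not part of the original article or of Home Guard: it tests the TCP ports named in this article on a device you administer and sorts them against a list of ports you actually need. The function names and the `required` list are assumptions made for the illustration.

```python
import socket

# TCP ports named in the article. Ports 137, 138 and 500 are UDP services,
# which a TCP connect cannot verify, so they are left out of this check.
ARTICLE_TCP_PORTS = {21: "FTP", 80: "HTTP", 135: "Windows RPC", 139: "NetBIOS session"}


def is_tcp_port_open(host, port, timeout=1.0):
    """Return True if a TCP connection to host:port is accepted."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:
        sock.settimeout(timeout)
        # connect_ex returns 0 on success and an error code otherwise
        return sock.connect_ex((host, port)) == 0


def audit(host, ports, required=frozenset(), timeout=1.0):
    """Sort ports into open-and-needed, open-but-unneeded, and closed."""
    report = {"expected": [], "close_me": [], "closed": []}
    for port in sorted(ports):
        if not is_tcp_port_open(host, port, timeout):
            report["closed"].append(port)
        elif port in required:
            report["expected"].append(port)
        else:
            report["close_me"].append(port)
    return report


if __name__ == "__main__":
    # Assumption: 127.0.0.1 is this PC; replace it only with the address
    # of a device on your own network.
    host = "127.0.0.1"
    result = audit(host, ARTICLE_TCP_PORTS, required={80})
    for port in result["close_me"]:
        name = ARTICLE_TCP_PORTS[port]
        print(f"{host}: port {port} ({name}) is open but not on the required list")
    print(f"closed: {result['closed']}, expected open: {result['expected']}")
```

A check run from inside your home network shows which services a device is listening on, not which ports the router forwards from the internet. Router port shares still have to be reviewed in the router itself.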
FRITZ!Box: Checking and modifying port shares
- Open your browser and enter your login credentials at http://fritz.box.
- The integrated security diagnostics function gives you an overview of the port shares used by the FRITZ!Box for network communications. To start it, click Diagnostics and Security. A few seconds later, you’ll see which ports are open under “Port Sharing with Home Network Devices”. These ports let internet devices establish a connection on your FRITZ!Box. If you see “No port sharing configured”, that’s a good sign.
- Additionally, “1. Connection, Internet” also lists the default ports that should remain open so that the FRITZ!Box can establish internet and telephony connections. Regardless of this, you should ideally open no ports at all, or only a few.
- You will find the settings, if your box has them, by clicking Internet, Permit Access, and then Port Sharing. In the default configuration no ports should be open in the list. Under the entry “List of Ports Opened via UPnP or PCP”, you can see which ports have been opened. Click the red cross next to the port to close it. Then click Apply to save your changes.
Important: Before removing any suspicious-looking port shares, first back up your FRITZ!Box’s settings via Wizards and Save and Restore Settings. If a network device stops working after closing a port, simply restore your former settings.