Can you explain the different ports to me? How do I know which to open or close for a firewall?
You need to understand Transport Control Protocol (TCP). Ports are a parameter of the
TCP. There are many different services that can
run using TCP as the mechanism to get data from one place to another. TCP
keeps these services separate from each other by assigning a unique "port"
to each service. Since the "port" parameter is a 16-bit field, there are
65,536 possible "ports" or services. Some of these, such as port 0, are reserved
and not used.
The ports from 0-1,023 are called "Well Known Ports." The Well Known Ports
are assigned by the Internet Assigned Numbers Authority (IANA) and on most
systems can only be used by system (or root) processes or by programs
executed by privileged users.
The ports from 1,024-49,151 are called "Registered Ports." The Registered
Ports are listed by the IANA and on most systems can be used by ordinary
user processes or programs executed by ordinary users. They are not
controlled by IANA and can be used for most any purpose. However, IANA
does maintain a "registry" of port numbers and their common uses as a
convenience to the community.
The ports from 49,152 through 65,535 are called dynamic or "private ports."
As the name implies, these ports are not registered and may be used
for anything by any program.
A listing of the Well-Known and Registered ports, along with their common
can be found at http://www.iana.org/assignments/port-numbers
With regard to firewall security, your default policy should be to close all
except those that need to be open for operational reasons. How you define
which ports are open and which are closed will depend on which firewall
you are using.
This was first published in August 2001