In Windows Server, there are certain ports that should be kept closed to the outside world to increase security. By closing these ports, you can make your system more protected against external threats. Here are some common ports that should be closed to outsiders and why:
21 (FTP): File Transfer Protocol should be closed to access from the outside world. If necessary, use more secure alternatives such as SFTP or FTPS.
23 (Telnet): Telnet provides unencrypted data transmission. More secure protocols such as SSH (port 22) should be used.
25 (SMTP): Simple Mail Transfer Protocol should be turned off if your server is not a mail server.
110 (POP3): Post Office Protocol v3 should be closed to access from the outside world.
135 (RPC): Remote Procedure Call should be closed to outside access because it is often an attack surface.
137-139 (NetBIOS): NetBIOS should be closed to external access.
143 (IMAP): Internet Message Access Protocol should be closed to outside access.
445 (SMB): Server Message Block should be closed to outside access because it is often an attack surface.
3389 (RDP): Remote Desktop Protocol, should be closed to outside access if possible. Access via VPN is a more secure option.
3306 (MySQL): The MySQL database port should only be open for local network access.
5432 (PostgreSQL): The PostgreSQL database port should only be open for local network access.
8080 (HTTP Proxy): This port is typically used for proxy and alternate HTTP ports. It should be closed to external access.
Turn on Advanced Security with Windows Firewall:
Open the "Advanced Security with Windows Firewall" application from the Start menu.
Configure Inbound Rules:
Click "Inbound Rules" in the left panel.
Click "New Rule" in the right panel.
Select the "Port" option and click the "Next" button.
Select "TCP" and "Specific Local Ports", type the ports you want to close separated by commas (for example, 21,23,25,110,135,137-139,143,445,3389,3306,5432,8080).
Select the "Block Connection" option and click "Next".
Select for which profiles (domain, private, public) you want to apply this rule and click "Next".
Give a name for the rule (for example, "Ports Closed to the Outside") and click "Finish".
Monitor and Update: Review your firewall settings and open ports regularly and update them if necessary.
VPN Usage: Use a VPN to access remote desktops or other sensitive services. This prevents direct access from the outside world and provides an additional layer of security.
Security Updates: Apply the latest security updates and patches for your Windows Server and all installed software.
By following these steps, you can securely configure ports on your Windows Server that should be closed to the outside world.
1. Ports that should be kept closed in general
21 (FTP): File Transfer Protocol should be closed to access from the outside world. If necessary, use more secure alternatives such as SFTP or FTPS.
23 (Telnet): Telnet provides unencrypted data transmission. More secure protocols such as SSH (port 22) should be used.
25 (SMTP): Simple Mail Transfer Protocol should be turned off if your server is not a mail server.
110 (POP3): Post Office Protocol v3 should be closed to access from the outside world.
135 (RPC): Remote Procedure Call should be closed to outside access because it is often an attack surface.
137-139 (NetBIOS): NetBIOS should be closed to external access.
143 (IMAP): Internet Message Access Protocol should be closed to outside access.
445 (SMB): Server Message Block should be closed to outside access because it is often an attack surface.
3389 (RDP): Remote Desktop Protocol, should be closed to outside access if possible. Access via VPN is a more secure option.
3306 (MySQL): The MySQL database port should only be open for local network access.
5432 (PostgreSQL): The PostgreSQL database port should only be open for local network access.
8080 (HTTP Proxy): This port is typically used for proxy and alternate HTTP ports. It should be closed to external access.
2. Configure Firewall Settings
You can close these ports by configuring your firewall:Turn on Advanced Security with Windows Firewall:
Open the "Advanced Security with Windows Firewall" application from the Start menu.
Configure Inbound Rules:
Click "Inbound Rules" in the left panel.
Click "New Rule" in the right panel.
Select the "Port" option and click the "Next" button.
Select "TCP" and "Specific Local Ports", type the ports you want to close separated by commas (for example, 21,23,25,110,135,137-139,143,445,3389,3306,5432,8080).
Select the "Block Connection" option and click "Next".
Select for which profiles (domain, private, public) you want to apply this rule and click "Next".
Give a name for the rule (for example, "Ports Closed to the Outside") and click "Finish".
3. Extra Safety Tips
Review Default Rules: Review other ports that are open by default and close them as needed.Monitor and Update: Review your firewall settings and open ports regularly and update them if necessary.
VPN Usage: Use a VPN to access remote desktops or other sensitive services. This prevents direct access from the outside world and provides an additional layer of security.
Security Updates: Apply the latest security updates and patches for your Windows Server and all installed software.
By following these steps, you can securely configure ports on your Windows Server that should be closed to the outside world.
OWNER 