[SOLVED] Open ports and threats. How to stay convenient yet protected

Ptitifulbreak

Commendable
Apr 11, 2019
20
0
1,510
I started using the built in security features of my Cox IPS router/modem. I have a few ports I use to access my PC from the outside would either from my laptop or my mobile phone. The one I access the most is Remote Desktop which uses port 3389. I have opened this port (and a few others) but my router security always shows threats from random IP addresses and that port, among others, like several a day. I also will get dozens of notifications a week I get on from ports I have no association with. This is a new feature to me, I always relied on my own anti-virus and firewalls to keep me safe. But since I started using my ISP's security option it seems all I get are constant threat alerts. Is this really happening, am I always getting hackers trying to access my network? I have ran a Malwarebytes scan and it didn't find anything alarming.

What I am looking for are any guides on how to avoid port forwarding if possible or how to know what all the threats I see on a daily basis actually mean for me and my network.

Thanks.
 

Ptitifulbreak

Commendable
Apr 11, 2019
20
0
1,510
Take a look at THIS port security test site -- just run an all service port check to insure that only the ports you specifically authorized are open.
So I ran the test and I am now not sure what I am looking at.

Untitled-1.jpg



JySoIS4.jpg
 

RealBeast

Titan
Moderator
That means that when your router was pinged it did not respond. Instead of the very large orange button click on the thin silver bar that says all service ports. Then you will actually see the result for the first 1056 ports. You can also scan specific port ranges.

Unfortunately, being a free tool it will not do a full 0 through 65535 port scan.

There is another useful free tool you can download from HERE that you can run from one of your local machines to map all open ports so that you know for sure which are indeed open.
 

Ptitifulbreak

Commendable
Apr 11, 2019
20
0
1,510
That means that when your router was pinged it did not respond. Instead of the very large orange button click on the thin silver bar that says all service ports. Then you will actually see the result for the first 1056 ports. You can also scan specific port ranges.

Unfortunately, being a free tool it will not do a full 0 through 65535 port scan.

There is another useful free tool you can download from HERE that you can run from one of your local machines to map all open ports so that you know for sure which are indeed open.
I did find and do the individual port scans and those all passed.
 
A Freefixer scan will easily display what ports are open/listening and which applications are associated with said open ports....(it also displays 30+ ports which are 'whitelisted' and not subject to intervention)...

www.freefixer.com

Nirsoft's CurrPorts also lists an informative list of all local ports and current usage by process ID/application name...

https://www.nirsoft.net/utils/cports.html
 
Solution

Ptitifulbreak

Commendable
Apr 11, 2019
20
0
1,510
A Freefixer scan will easily display what ports are open/listening and which applications are associated with said open ports....(it also displays 30+ ports which are 'whitelisted' and not subject to intervention)...

www.freefixer.com

Nirsoft's CurrPorts also lists an informative list of all local ports and current usage by process ID/application name...

https://www.nirsoft.net/utils/cports.html
Thanks, I will check these out.