Are there any dangers?
Technically, no. Every process on your computer that is supposed
to be providing any sort of service to your internal network or to the Internet (by-definition) must
"have a port open." The term simply means that a process is listening for connections on that port.
The questions is, do you know...
- Why a process is running on your computer, and listening to that port?
- Which process it is?
- How that process is configured? (Is it set up correctly? Is it vulnerable?)
- Who it is listening to? (Is it listening to "the whole Internet" or just to your internal network?
- Whether the incoming traffic is encrypted? Validated as to source?
The typical problem is that many people just drag a public distro "out of the box," configure it according to the defaults (which usually drags in just about everything except the kitchen-sink), attach it to the Internet without a single firewall ... and thus really don't know what in the heck it's doing or why.
"Script kiddies" perform automated
searches for computers like this. Among tens of millions of addresses, simple probability says that an exploitable number of systems will
It is almost trivially simple to protect your
you actually do
it. Many cat-burglars have testified that they never had to break down a door or defeat a burglar alarm: they simply went from door to door, say pretending to be delivering newspapers, and twisted the doorknob to see if the door was unlocked. (If it was, then of course the alarm was off, too.) If so, they simply walked inside, found the lady's dresser, scooped a handful of jewelry into their "newspaper" bag, closed the door and went on to the next house. Exactly
the same strategy works well on the Internet!