Visit Jeremy's Blog.
Go Back > Forums > Non-*NIX Forums > General
User Name
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!


  Search this Thread
Old 08-08-2005, 03:18 PM   #1
Mr. New
Registered: Oct 2004
Distribution: Kubuntu and Mac OS X
Posts: 80

Rep: Reputation: 15
whats the dangers of leaving a port open?

I'm wondering if there are any dangers in leaving a port open? I have bittorrent running and would like to know if there are any serious security issues with it.
Old 08-08-2005, 04:14 PM   #2
LQ Guru
Registered: Jan 2001
Posts: 24,149

Rep: Reputation: 232Reputation: 232Reputation: 232
Anything can potentially exploit your machine. Just think of it this way, your connected and that's all that is needed for some to crack open your machine.. A truly secure machine is one that isn't powered on..
Old 08-09-2005, 04:37 PM   #3
Registered: Feb 2002
Location: Grenoble
Distribution: Debian
Posts: 9,567

Rep: Reputation: 164Reputation: 164
Open port means there's a program listening on that port. Programs are usually buggy. Bugs can be usually exploited... Results are not good.
Old 08-09-2005, 05:18 PM   #4
LQ Guru
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 7,009

Rep: Reputation: 2125Reputation: 2125Reputation: 2125Reputation: 2125Reputation: 2125Reputation: 2125Reputation: 2125Reputation: 2125Reputation: 2125Reputation: 2125Reputation: 2125
Are there any dangers? Technically, no. Every process on your computer that is supposed to be providing any sort of service to your internal network or to the Internet (by-definition) must "have a port open." The term simply means that a process is listening for connections on that port.

The questions is, do you know...
  • Why a process is running on your computer, and listening to that port?
  • Which process it is?
  • How that process is configured? (Is it set up correctly? Is it vulnerable?)
  • Who it is listening to? (Is it listening to "the whole Internet" or just to your internal network?
  • Whether the incoming traffic is encrypted? Validated as to source?
The typical problem is that many people just drag a public distro "out of the box," configure it according to the defaults (which usually drags in just about everything except the kitchen-sink), attach it to the Internet without a single firewall ... and thus really don't know what in the heck it's doing or why.

"Script kiddies" perform automated searches for computers like this. Among tens of millions of addresses, simple probability says that an exploitable number of systems will be found.

It is almost trivially simple to protect your system, if you actually do it. Many cat-burglars have testified that they never had to break down a door or defeat a burglar alarm: they simply went from door to door, say pretending to be delivering newspapers, and twisted the doorknob to see if the door was unlocked. (If it was, then of course the alarm was off, too.) If so, they simply walked inside, found the lady's dresser, scooped a handful of jewelry into their "newspaper" bag, closed the door and went on to the next house. Exactly the same strategy works well on the Internet!


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
cannot SFTP to SUSE 9.2 box, port 22 open, can putty in though using same port. jgrady Linux - Networking 6 03-29-2005 08:44 AM
leaving a machine on 24/7. whats the impact on hardware life-span ??? qwijibow Linux - Hardware 8 01-23-2005 07:12 PM
whats my serial port? surrealism Linux - Newbie 2 04-24-2004 08:26 AM
Need to know whats running on port 21 gr8razorx Linux - Networking 5 12-05-2003 12:19 PM
whats the open command? zexter Linux - General 17 11-02-2003 12:57 AM

All times are GMT -5. The time now is 11:28 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration