Network Security Basic Training Series: Programs, Ports and Services
In this fourth article of the series, we continue to explore some of the basic ways that businesses of all sizes can keep their computer systems safer. We will discuss the topic of programs, ports and services.
Many computer users are very unaware of the various programs that may be running on their computer. Whether it be that they installed the program months or years ago and have now forgotten it was there, or maybe it’s that they know about the program but they don’t use it regularly.
It could also be that they use the program every day but they don’t know enough about computers to know how it works and whether or not it is leaving their system open to hackers and malware.
If you are unsure of what programs are installed on your computer, go look. If you use a Windows based system, navigate to the Control Panel and look under Programs and Features to see a list of programs that are currently installed on your system.
Caution – before you proceed – be sure you have a good backup of your PC – just in case!
The Control Panel is a good place to check for unknown or unwanted programs that can be uninstalled, but be careful, some of the things listed here are utilities and drivers that make your PC work – so if you accidentally remove those items, you could make your PC not work any longer.
A good piece of advice is to sort this list by the date that it was installed on, and examine the list from the most recently installed to the items that were installed a long time ago.
Look for programs that just plain “look strange” to you – such as printer drivers for printers you don’t have connected to your PC, or coupon printers that you don’t recall installing, or other applications that make absolutely no sense to you.
The other thing to focus on when reviewing this list are applications that you may have once installed for a reason but no longer use or need. If you don’t need to use them, remove them.
This will save space on your hard drive and will help you as we progress through the review of the remaining items in this article.
If you do decide to uninstall some programs, you should reboot your system after you are done.
When we discuss ports, we are discussing TCP and UDP ports. A good definition from WikiPedia on what ports are can be found here.
Knowing what ports are open and listening for traffic to/from your PC is a big part of computer security. For example, if you happen to be running an FTP server on your PC but don’t know it, you could be exposing holes on your PC that others (hackers) could use to get into your system and get data out of it.
One way to find out what ports your computer is listening on is to use the NETSTAT command – this article explains this method.
If you are comfortable with computers and want a more comprehensive test that you can run on your own, using the NMAP utility is a favorite choice for many. Using the NMAP utility will not only tell you what ports are open on a system, but the utility will also try to determine the operating system of the device that is tested.
This utility is a great way to inventory all the devices on your home or corporate network as well (if used on a corporate network, be sure you have permission to use it before you start scanning the network!).
Services go along with programs that are installed on your computer, and by reviewing what services are running, you can learn a lot about your system and potentially speed things up a bit too. To review services on a Windows based system, go to Computer Management, and click the Services link.
From here you will see a list of services and their status (Running or Not) along with information about the service (usually) and the user account that the service runs under.
Before disabling any running services, be sure you know what you are disabling. From this screen you can also disable certain services from reloading the next time you start your computer, and by doing so, you may speed up the overall performance of your system.
Be careful though, as with programs, these services may be needed to run your computer, so be sure you know what you are disabling before you do it.
In summary, it is best practice to know what programs are installed don your computer and to uninstall the ones that you don’t need anymore. It’s also good to know what ports and services are running on your PC.
Doing all of the steps above doesn’t mean that a virus or a hacker cannot get into your computer, but by not checking your system periodically for things that just “look weird”, you are simply asking for trouble.
In future articles we will discuss more topics that can help you keep your system and your data safer.
We’ve expanded our MDR capabilities with enhanced incident response and security services to better protect against evolving cyber threats.