To test for open ports with a port scanner, you will need the Nmap port scanner installed on your system.

Although you want to close any unnecessary ports, ports are opened to provide a benefit to users.  Enabling the Windows Firewall and closing  ports will reduce the utility of a system, and many potentially desirable features of a system will no longer function.  You must proceed cautiously and test the system to ensure the desirable features are still functional while making sure that you’ve closed as many ports as you can.

Procedure:  You will implement Windows Firewall and close ports that aren’t required for the given requirements of the system.  You will then test the system both internally and externally and confirm that you’ve achieved the desired results.

At the command prompt, type: netstat -a -n -o

This command displays all connections and listening ports (-a), shows addresses and port numbers in numeric form (-n), and shows the process ID (PID) that owns each one (-o).

C:\>netstat -a -n -o

By comparing the PID value in the results from the netstat command to the PID value in Task Manager, you can identify which processes opened which ports as well as who launched the process.

To see how the system appears from outside the firewall, run Nmap from an external system:

Open a command window:

At the C:\> prompt, enter:

nmap -sS -O <IP address of the system>

This command tells your machine to run a port scan against the system at that IP address, use TCP SYN ("stealth") scan mode (-sS), and attempt to identify the operating system (-O).

Notice which ports report back as open.  If other ports are open, identify their sources and determine whether they are desirable or undesirable.  If undesirable, disable the applications and services related to these ports and reconfigure the Windows Firewall to block these ports correctly.
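One way to script the internal check described above (matching each listening port to its process and deciding whether it is required), as an added example that is not part of the original article. The `$RequiredPorts` list is a constructed sample, and the cmdlets assume PowerShell on Windows 8 / Server 2012 or later.

```powershell
# Added example: inventory listening TCP ports, map each to its owning
# process, and flag listeners that are not on the required-port list.
# $RequiredPorts is a constructed sample; replace it with your own list.
$RequiredPorts = @(80, 443, 3389)

# Confirm the firewall is actually enabled on every profile.
Get-NetFirewallProfile | Select-Object Name, Enabled | Format-Table -AutoSize

# Same data as "netstat -a -n -o", restricted to listening TCP sockets.
$listeners = Get-NetTCPConnection -State Listen |
    Sort-Object LocalPort, LocalAddress

$report = foreach ($l in $listeners) {
    # OwningProcess is the PID column shown by netstat -o.
    # From an elevated prompt, add -IncludeUserName to also see the account.
    $proc = Get-Process -Id $l.OwningProcess -ErrorAction SilentlyContinue

    # Loopback-only listeners cannot be reached by an external scanner.
    $loopback = $l.LocalAddress -in @('127.0.0.1', '::1')

    [pscustomobject]@{
        LocalAddress = $l.LocalAddress
        Port         = $l.LocalPort
        OwningPid    = $l.OwningProcess
        Process      = $(if ($proc) { $proc.ProcessName } else { '<exited>' })
        Exposure     = $(if ($loopback) { 'loopback only' } else { 'network' })
        Required     = $l.LocalPort -in $RequiredPorts
    }
}

$report | Format-Table -AutoSize

# Listeners to review: bound to a network interface and not required.
$review = $report | Where-Object {
    $_.Exposure -eq 'network' -and -not $_.Required
}

if ($review) {
    Write-Warning "Listening ports not on the required list:"
    $review | Format-Table Port, LocalAddress, OwningPid, Process -AutoSize
} else {
    Write-Output "All network-facing listeners are on the required list."
}
```

A port listed under review here may still be blocked by the firewall, so compare this internal view with the external Nmap results before disabling a service.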
