How to Block Ports in Windows and Ubuntu Firewalls

Blocking unused or vulnerable ports is an essential step in securing your system from cyber threats. Hackers often exploit open ports to gain unauthorized access, spread malware, or launch attacks. In this guide, we'll walk you through blocking ports using Windows Firewall and Ubuntu UFW (Uncomplicated Firewall).

Understanding Ports and Why You Should Block Them

Network ports are communication endpoints used by services and applications to send and receive data. Some common ports include:

  • 22 (SSH) – Remote login on Linux
  • 80 (HTTP) – Web browsing
  • 443 (HTTPS) – Secure web browsing
  • 3389 (RDP) – Remote Desktop Protocol

If a port is open but the service behind it is not needed, it becomes an easy target for attackers. Blocking such ports can help prevent brute-force attacks, unauthorized access, and malware infections.

Blocking a Port in Windows Firewall

Windows Firewall allows you to block incoming and outgoing connections through a graphical interface or command line.

Method 1: Using Windows Defender Firewall GUI

  1. Press Win + R, type firewall.cpl, and press Enter.
  2. Click on Advanced settings.
  3. In the left panel, select Inbound Rules (or Outbound Rules for outgoing connections).
  4. Click New Rule.
  5. Select Port and click Next.
  6. Select TCP or UDP, then enter the port number (e.g., 3389 for RDP).
  7. Select Block the connection and click Next.
  8. Apply the rule to Domain, Private, and Public profiles.
  9. Give the rule a name (e.g., "Block RDP") and click Finish.

Method 2: Using Command Prompt (Netsh)

For a faster approach, you can use the command line. Run Command Prompt as Administrator, since adding firewall rules requires elevated rights:

netsh advfirewall firewall add rule name="Block RDP" dir=in action=block protocol=TCP localport=3389

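This will block incoming TCP connections on port 3389 (RDP). Replace 3389 with any port you want to block. The rule covers TCP only, so add a second rule with the protocol set to UDP if the service also listens on UDP.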

Blocking a Port in Ubuntu (UFW Firewall)

UFW (Uncomplicated Firewall) is the default firewall tool for Ubuntu. You can use it to block specific ports quickly. UFW ships disabled on a default install, and its rules are only enforced once it has been enabled.

Method 1: Blocking a Port

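To block an incoming port (e.g., SSH on port 22), use the command below. With no protocol given, the rule applies to both TCP and UDP. If you manage the machine over SSH, make sure you have another way in first, because new SSH logins will be refused: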

sudo ufw deny 22

Method 2: Blocking a Port for a Specific IP

If you want to block access only for a particular IP address, use:

sudo ufw deny from 192.168.1.100 to any port 22

Method 3: Blocking Multiple Ports

You can block a range of ports with a single rule (UFW requires the protocol to be specified for a range):

sudo ufw deny 3000:4000/tcp

Method 4: Blocking Outgoing Traffic on a Port

If you want to stop applications on this machine from making outgoing connections to a certain port (e.g., HTTP on port 80):

sudo ufw deny out to any port 80

Checking and Managing Firewall Rules

To list all configured rules in Windows (the output shows whether each rule is enabled):

netsh advfirewall firewall show rule name=all

To list active rules in Ubuntu:

sudo ufw status numbered

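To delete a rule in Ubuntu, find the rule number in that listing and run the following, replacing NUM with the number. Rules are renumbered after each deletion, so list them again before deleting another: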

sudo ufw delete NUM
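
UFW checks rules in the numbered order and stops at the first match, so a deny for a single IP (Method 2 above) has no effect if a broader allow for the same port sits above it. The script below is an added example, not part of the original guide: it scans `ufw status numbered` output for deny rules shadowed this way. The sample listing is constructed, and the parser assumes simple IPv4 port rules only.

```shell
#!/bin/sh
# Constructed sample of `sudo ufw status numbered` output (not from a real host).
SAMPLE_STATUS='Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] 22                         DENY IN     192.168.1.100
[ 3] 3000:4000/tcp              DENY IN     Anywhere
[ 4] 80                         DENY OUT    Anywhere                   (out)
[ 5] 443/tcp                    DENY IN     203.0.113.7
[ 6] 443/tcp                    ALLOW IN    Anywhere'

# shadowed_denies: read `ufw status numbered` text on stdin and print
# "DENY_NUM ALLOW_NUM PORT" for every source-specific DENY IN rule that sits
# below an ALLOW IN from Anywhere on the same port. UFW stops at the first
# matching rule, so such a deny never applies to the allowed protocol.
# Assumption: simple IPv4 port rules; "(v6)", app-profile and interface
# rules have a different column layout and are skipped.
shadowed_denies() {
    # Turn "[ 1] 22/tcp ..." into "1 22/tcp ..." and drop header lines.
    sed -n 's/^\[ *\([0-9][0-9]*\)\] */\1 /p' | awk '
    {
        num = $1; port = $2; action = $3; dir = $4; from = $5
        sub(/\/.*/, "", port)          # 22/tcp -> 22 (compare by port number)
        if (dir != "IN") next          # outgoing rules are a separate chain
        if (action == "ALLOW" && from == "Anywhere" && !(port in allow))
            allow[port] = num          # earliest broad allow for this port
        else if (action == "DENY" && from != "Anywhere" && (port in allow))
            print num, allow[port], port
    }'
}

# On a live Ubuntu host: sudo ufw status numbered | shadowed_denies
printf '%s\n' "$SAMPLE_STATUS" | shadowed_denies
```

In the sample, rule 2 is reported as shadowed by rule 1, while rule 5 is fine because it comes before the allow in rule 6. A shadowed rule can be deleted and re-added at the top with `sudo ufw insert 1 deny from 192.168.1.100 to any port 22`.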

Conclusion

Blocking unused ports is a crucial step in securing your system from cyber threats. Whether you’re using Windows or Ubuntu, following these steps will help you reduce vulnerabilities and improve your overall cybersecurity.

Stay safe and secure! 🚀