How to Block Ports on a Computer

A TCP or UDP port is a numbered channel through which a specific type of information passes into and out of a computer. For example, port 80 is used for HTTP traffic. Port numbers range from 0 to 65535, with ports 0 to 1024 reserved for specific types of traffic. Ports that are not in use are a security risk, because traffic can get in and out through them without your knowledge. Blocking ports keeps unwanted traffic from passing through.


Windows XP or Windows Server 2003

Step

Download the "Netdiag.exe" utility from the Microsoft website.

Step

Install the utility.

Step

Open a Command Prompt window, which is found under the "Accessories" submenu of the "Start" menu.

Step

Type the command "cd C:\Program Files\System Tools" to change to that folder.

Step

Type the command "netdiag /test:ipsec" to check that there are no policies already in place.

Step

Type the command "IPSeccmd.exe -w REG -p "Block Filter" -r "Block Rule" -f *=0: -n BLOCK -x" to create a filter that blocks a particular port. Replace "" with the protocol and port number that is to be blocked (e.g. "TCP 80"). Replace "" with either "Inbound" or "Outbound" depending on whether you want to block inbound or outbound traffic. Replace "" with the port number and protocol (e.g. "80:TCP").

Step

Type the command "netdiag /test:ipsec /debug" to verify that the filter has been created.

Linux

Step

Open a terminal window. This is where you will type the following commands.

Step

Type the command "su" to switch to the root user.

Step

Type the command "iptables -A INPUT -p tcp --destination-port -j DROP" to block a particular port. Replace "" with the port number you want to block. For example, "iptables -A INPUT -p tcp --destination-port 80 -j DROP" will block port 80 for all traffic.

Step

Type the command "exit" to close the root session.
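
The Linux steps above can be wrapped in a small script that validates the protocol and port before touching the firewall and skips the append when an identical rule already exists. This is an added example, not part of the original article; the function names and the script file name are assumptions.

```shell
#!/bin/sh
# Added example: build the article's iptables DROP rule from checked input
# and append it only when it is not already present.

# valid_port PORT -> succeeds only for a plain decimal integer in 1..65535
valid_port() {
    case "$1" in
        ''|0*|*[!0-9]*) return 1 ;;   # empty, leading zero, or non-digit
    esac
    [ "${#1}" -le 5 ] && [ "$1" -le 65535 ]
}

# rule_spec PROTO PORT -> prints the rule specification, fails on bad input
rule_spec() {
    case "$1" in
        tcp|udp) ;;
        *) echo "protocol must be tcp or udp" >&2; return 1 ;;
    esac
    valid_port "$2" || { echo "port must be 1-65535" >&2; return 1; }
    echo "INPUT -p $1 --destination-port $2 -j DROP"
}

# block_port PROTO PORT -> adds the rule once; needs root and iptables
block_port() {
    spec=$(rule_spec "$1" "$2") || return 1
    # $spec is left unquoted on purpose so it splits into arguments;
    # rule_spec has already restricted it to known-safe words.
    # -C checks for an identical rule, so re-running does not stack copies.
    if iptables -C $spec 2>/dev/null; then
        echo "already blocked: $spec"
    else
        # -A appends to the end of the chain: an ACCEPT rule that matches
        # the same traffic earlier in INPUT is evaluated first and wins.
        iptables -A $spec && echo "added: $spec"
    fi
}

# Run as root, e.g.: sh block_port.sh tcp 80   (file name is an assumption)
if [ "$#" -eq 2 ]; then
    block_port "$1" "$2"
fi
```

Confirm the result with "iptables -L INPUT -n --line-numbers". Rules added this way live only in the running kernel and are gone after a reboot unless they are saved.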