CurrPorts is a free, standalone network monitoring utility by NirSoft that displays a live list of all currently opened TCP/IP and UDP ports on your local Windows computer. Closing unwanted ports using this utility involves terminating active, unauthorized connections or killing the processes bound to those network sockets.
Here is the step-by-step guide to managing and closing unwanted ports using CurrPorts. Step 1: Download and Set Up CurrPorts
Download the utility from the official NirSoft homepage, ensuring you select the 64-bit version if your Windows architecture supports it.
Extract the downloaded ZIP archive; the utility is portable and can be run directly without installation.
Open cports.exe with administrative privileges by right-clicking and selecting Run as administrator to ensure you can close connections and kill protected processes. Step 2: Configure the Display for Real-Time Tracking
Press Alt + 1 immediately upon opening the app to change the refresh interval to 1 second for live, real-time monitoring.
Press Ctrl + Plus (on the numeric keypad) to automatically resize columns so all network data is fully legible.
Go to View > Choose Columns to rearrange data, and ensure columns like Process Name, Local Port, and Process Path are grouped on the left. Step 3: Identify Unwanted or Suspicious Ports
Look for rows highlighted in pink; CurrPorts automatically flags open TCP/UDP ports owned by unidentified applications lacking version info or icons.
Analyze the Local Port column to see which network entry points are open (e.g., common targets like port 135 or 445).
Double-click any suspicious row to view a dedicated property sheet summarizing the file description, product name, and the exact user account that initiated it. Step 4: Close the Connection or Kill the Process
CurrPorts offers two primary methods for dealing with an unwanted port depending on your objective:
Disconnect an Active Connection (Soft Close): Select the suspicious line and click File > Close Selected TCP Connections (or press Ctrl + X). This severs the connection instantly, though the host application may attempt to reopen it later.
Terminate the Hosting Program (Hard Close): Select the entry and click File > Kill Processes Of Selected Ports (or press Ctrl + T). This completely terminates the underlying executable file, permanently closing the network port until the application is manually relaunched. Step 5: Prevent the Port from Reopening
Note the path listed in the Process Path column for any malware or unwanted software you terminated.
Delete or uninstall the application to prevent it from spinning back up.
Open the Windows Defender Firewall and create a new Inbound Rule to explicitly block the specific port number if the application is a required core system service that cannot be uninstalled.
If you want to dive deeper into securing your system, let me know:
What specific port numbers or process names look suspicious to you?
Leave a Reply