Can i block these ports without any trouble?

In my firewall these ports are "open" or "listen"

Do i need all of those in my environment.

*Home network PC
*Gaming with Steam service
*Firefox - normal daily browser

Process |      Service |      Protocol |  Local port | Local address |  Remote port | Remote address |      State



Best regards
 

Edited by Pajajn, 13 June 2022 - 08:49 AM.

Open and listen are all in the localhost  (0.0.0.0 and 127.0.0.1 and ::1 and :: ) or loopback. See  https://en.wikipedia.org/wiki/Localhost So this is very normal and much needed for computer functionality. Do not block (windows firewall does not block localhost by default configuration). These IPs are not internet connected by any means and are just used for the computer itself. And these ports are very much needed, so do not block.

169.254.x.x is an address given by the computer itself when the DHCP server (router or gateway) can not be connected and therefore could not get a proper IP address.  https://www.quora.com/What-would-the-IP-address-169-254-x-x-signify

Edited by 0lds0d, 13 June 2022 - 11:35 AM.

A list of ports... https://social.technet.microsoft.com/wiki/contents/articles/1772.windows-ports-protocols-and-system-services.aspx and these previously listed ports (as seen in your uploaded image) are all related to window processes and windows services. Nothing nefarious or incorrect is happening.

A port/service list is seen in C:\Windows\System32\drivers\etc\services Open this service file with the notepad to view.

In my firewall these ports are "open" or "listen"

Do i need all of those in my environment.

*Home network PC
*Gaming with Steam service
*Firefox - normal daily browser

Process |      Service |      Protocol |  Local port | Local address |  Remote port | Remote address |      State



Best regards
 

You don't need to make exceptions for any of them in your firewall ruleset.

This is the pf rulest I'm using on the machine I'm posting from and everything works as it should:

### Macro name for external interface

ext_if = "em0"
netbios_tcp = "{ 22, 23, 25, 80, 110, 111, 123, 512, 513, 514, 515, 6000, 6010, 8000, 8080 }"

netbios_udp = "{ 123, 512, 513, 514, 515, 5353, 6000, 6010 }"
 
### Default deny everything

block log all



### Pass loopback

set skip on lo0



### Block spooks

antispoof for lo0

antispoof for $ext_if inet

block in from no-route to any

block in from urpf-failed to any

block in quick on $ext_if from any to 255.255.255.255

block in log quick on $ext_if from { 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 255.255.255.255/32 } to any



### Block all IPv6

block in quick inet6 all

block out quick inet6 all


### Block to and from port 0

block quick proto { tcp, udp } from any port = 0 to any

block quick proto { tcp, udp } from any to any port = 0



### Block specific ports

block in quick log on $ext_if proto tcp from any to any port $netbios_tcp

block in quick log on $ext_if proto udp from any to any port $netbios_udp



### Keep and modulate state of outbound tcp, udp and icmp traffic

pass out on $ext_if proto { tcp, udp, icmp } from any to any modulate state