All computers connecting to the Internet (using TCP/IP) use different "ports" to establish connections and communicate with other network devices. There are 65535 TCP and 65535 UDP ports available for connections. (For additional information on ports, see:
What are ports and protocols ?) If you run some type of server, the service opens a certain port on your computer and accepts connections to it. Even when not running servers, if someone attempts to connect to an arbitrary port on your computer, they get a reply back that the port is closed.
For example, if someone types your IP/hostname in their Web browser, they try to connect to port 80 on your computer (that's the default for www traffic). Your computer in turn responds whether the port is open (if you run a web server), closed (no server on this port)... Or, there is a third possibility that your computer is behind a firewall and does not respond at all (the port is filtered, and your computer does not appear to exist).
A portscan is very similar in functionality to the above example. It attempts to connect to certain ports on your end in order to determine whether/which ports accept a connection.
What this means is that a portscan by itself is not an attack, rather probing for what services and ports are open on your end. The results of such a scan however could possibly be used against you.
We do offer a free security audit in the form of a portscan of commonly exploited ports. Some ports are open by default and can't be closed unless a firewall is used.
