Unfortunately you can only open a port on Windows when running with administrative privileges.

http://msdn.microsoft.com/en-us/library/ms740548%28v=VS.85%29.aspx

To use a socket of type SOCK_RAW requires administrative privileges. Users running Winsock applications that use raw sockets must be a member of the Administrators group on the local computer, otherwise raw socket calls will fail with an error code of WSAEACCES. On Windows Vista and later, access for raw sockets is enforced at socket creation. In earlier versions of Windows, access for raw sockets is enforced during other socket operations.

Raw sockets offer the capability to manipulate the underlying transport, so they can be used for malicious purposes that pose a security threat. Therefore, only members of the Administrators group can create sockets of type SOCK_RAW on Windows 2000 and later.

edit: If you have access to the machine as admin, you can use netsh http://technet.microsoft.com/en-us/library/cc725935(v=ws.10).aspx to permit certain user opening a port.

netsh http add urlacl url=http://+:80/Uri user=DOMAIN\User listen=yes

I've found a solution. Please correct me if there is another best practice I could follow!

I've added an 'Enable' and 'Disable' buttons to the client application that runs netsh to open (or close) and reserve a port.

Enable

Process process = new Process();
process.StartInfo = new ProcessStartInfo("netsh", @"http add urlacl url=http://+:" + PortNumber + @"/ user=DOMAIN\username");
process.StartInfo.Verb = "runas";
process.Start();
process.WaitForExit();

Disable

Process process = new Process();
process.StartInfo = new ProcessStartInfo("netsh", "http delete urlacl url=http://+:" + PortNumber + "/");
process.StartInfo.Verb = "runas";
process.Start();
process.WaitForExit();