How to secure Linux Open Ports

sohail

Securing the open ports on a Linux system is important to protect it from threats. Learn how to find open ports with an open ports checker, make sure only the ports you need are open, and configure them securely.

Find Open Ports

It is very important to know which ports are open on the computer. This lets you ensure that every open port is necessary, is secured, and carries minimal risk. To find the open ports, you can use a tool like nmap to scan your computer. You can then use this information to configure the firewall on the Linux system to block all unnecessary ports.

nmap — Best open ports checker

Nmap is a popular open-source tool used for network exploration and security auditing. It can scan networks and find open ports, services running on those ports, and the operating system running on the networked devices.

To use Nmap to find open ports on a network, you can follow these steps –

Install Nmap on your system. You can download it from the official Nmap website or install it using your package manager.

Open a terminal window and run the following command to scan for open ports on a specific IP address:

nmap <IP_address>

For example, to scan the IP address 192.168.1.1, you would run:

nmap 192.168.1.1

By default, Nmap will perform a basic scan that checks for the most common ports used by common services. If you want to scan for all ports, you can add the -p- option:

nmap -p- <IP_address>

Once the scan is complete, Nmap will list open ports and the services running on those ports. You can use this information to identify potential vulnerabilities and secure your network.

Use Zenmap to find open ports

Scanning open ports with nmap is simple, but if you want an easier tool, use Zenmap, the graphical interface for nmap.

Zenmap is available in the repositories of almost all Linux distributions, so use your package manager to install it.

[Image: Install Zenmap]

Once installed, enter the target IP address to scan all open ports. For local computers, use 127.0.0.1.

[Image: Zenmap scan open ports]

Use lsof to find open ports

We can also use lsof, a command-line utility, to find all open ports on our Linux server. Use the following command to list all the open network connections –

sudo lsof -i -P -n | grep LISTEN
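
To turn the lsof listing into a repeatable check, the script below (an added example, not part of the original article) reports listeners that are reachable from the network and not on an allowlist. The allowlist and the sample lsof lines are constructed values.

```shell
#!/bin/sh
# Added example, not from the original article: flag TCP listeners that are
# reachable from the network and whose port is not on an allowlist.

ALLOWED_PORTS="22 443"   # assumption: ports this host is meant to expose

# Constructed sample of `sudo lsof -i -P -n | grep LISTEN` output.
SAMPLE_LSOF='sshd    812 root   3u IPv4 23456 0t0 TCP *:22 (LISTEN)
sshd    812 root   4u IPv6 23458 0t0 TCP *:22 (LISTEN)
cupsd   990 root   7u IPv4 25011 0t0 TCP 127.0.0.1:631 (LISTEN)
vsftpd 1204 root   3u IPv4 27890 0t0 TCP *:21 (LISTEN)
vsftpd 1204 root   4u IPv6 27891 0t0 TCP *:21 (LISTEN)
mysqld 1530 mysql 22u IPv4 30122 0t0 TCP 127.0.0.1:3306 (LISTEN)
node   1711 app   18u IPv4 31877 0t0 TCP 192.168.1.10:3000 (LISTEN)'

# Reads lsof LISTEN lines on stdin and prints "port command pid address"
# for every listener that is neither loopback-only nor allowlisted.
audit_listeners() {
    awk -v allowed="$1" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $NF == "(LISTEN)" {
            name = $(NF - 1)                      # e.g. *:22 or 127.0.0.1:631
            port = name; sub(/.*:/, "", port)     # text after the last colon
            addr = name; sub(/:[0-9]+$/, "", addr)
            if (addr ~ /^127\./ || addr == "[::1]") next   # loopback only
            if (port in ok) next                           # expected service
            print port, $1, $2, addr
        }' | sort -u | sort -n
}

# Live use: sudo lsof -i -P -n | grep LISTEN | audit_listeners "$ALLOWED_PORTS"
printf '%s\n' "$SAMPLE_LSOF" | audit_listeners "$ALLOWED_PORTS"
```

On the sample data this reports the unused FTP server on port 21 and the application bound to a LAN address on port 3000, while skipping SSH and the loopback-only services.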

Block Unnecessary Services on the Host System

One of the easiest ways to secure Linux open ports is to block unnecessary services on the host computer. All unnecessary services running on the machine can leave ports open and accessible to potential attackers.

First, review the list of services currently running, then disable or uninstall any unnecessary or potentially dangerous services. This will help reduce opportunities for potential exploits and keep your system safe.

Remember that killing or terminating a service can be a good way to stop the connections to and from an open port, but it is only temporary. If the service is set up to auto-start, it will open its ports again the next time it starts. So if you do not need a process, remove the package that created the process instead of killing it.

kill PID

If you opened the port manually for a specific service, you must close the port by dropping all the network packets sent to it.

For example, if you installed an FTP server but do not use it, the FTP port 21 is open. You can manually uninstall the FTP server and close the FTP port using iptables.

sudo iptables -A INPUT -p tcp --dport 21 -j DROP

Change Default Passwords on Any Accessible services

You must change the default passwords to access any services that cannot be uninstalled. Attackers are always looking for opportunities to take advantage of machines with default settings, so updating passwords and usernames is a key step in securing Linux open ports. Updating credentials regularly can also provide an extra layer of security.

Remove or Restrict Access to Unnecessary and Sensitive Files and Directories

After all services have been secured, it's important to ensure that access to unnecessary and sensitive files and directories is removed or restricted. Any files or folders containing confidential information should be protected with the highest level of security by setting up strong authentication methods such as two-factor authentication.

If a service is not being used, you can disable it or set restrictive permissions on the file system to protect your Linux device further.

We have written an article on Linux file permissions. Please read it carefully and make it a habit of setting up correct directory/file permissions.

Use Firewalls and Port Forwarding for Optimal Protection On Remote-Access Services

If you allow people to access your device remotely, set up firewalls and port forwarding for the services. To protect the service from possible attackers, configure a firewall to restrict access from unwanted sources by setting rules based on an IP address or domain name and enable a secure authentication method such as two-factor authentication.

Also, use port forwarding for good measure and redirect any incoming traffic to the ports required for the service. This helps improve security and reduce the chances of unnecessary data leakage.

We can use iptables for port forwarding –

sudo iptables -t nat -A PREROUTING -p tcp --dport <source_port> -j DNAT --to-destination <destination_IP_address>:<destination_port>
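
The DNAT rule above forwards traffic from any source. The script below (an added example, not from the original article) prints a rule set that restricts the forward to one client address, enables IP forwarding and permits the forwarded traffic. It only prints the commands for review, and the addresses and ports in the sample call are constructed values.

```shell
#!/bin/sh
# Added example (not from the original article): print a source-restricted
# port-forwarding rule set for review. Nothing is applied to the firewall.

# True if $1 is a decimal TCP port in 1..65535.
is_port() {
    case "$1" in ''|*[!0-9]*|??????*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# True if $1 is a dotted-quad IPv4 address. Runs in a subshell so the
# IFS change used to split the octets does not leak to the caller.
is_ipv4() (
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;; esac
    IFS=.
    set -- $1
    [ "$#" -eq 4 ] || exit 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || exit 1
    done
)

# forward_rules <client_ip> <source_port> <destination_ip> <destination_port>
# Rejects malformed input instead of passing it into a firewall command.
forward_rules() {
    is_ipv4 "$1" && is_ipv4 "$3" || { echo "invalid address" >&2; return 1; }
    is_port "$2" && is_port "$4" || { echo "invalid port" >&2; return 1; }
    cat <<EOF
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A PREROUTING -p tcp -s $1 --dport $2 -j DNAT --to-destination $3:$4
iptables -A FORWARD -p tcp -s $1 -d $3 --dport $4 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
iptables -A FORWARD -p tcp -s $3 -d $1 --sport $4 -m conntrack --ctstate ESTABLISHED -j ACCEPT
EOF
}

# Constructed sample values: one admin workstation may reach an internal host.
forward_rules 203.0.113.10 2222 192.168.1.50 22
```

The two FORWARD rules only narrow access when the FORWARD chain's default policy is DROP; with a default ACCEPT policy they are redundant, but the -s match on the PREROUTING rule still limits who gets redirected.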

Conclusion

Every open port on a computer network is an open door for attackers to sniff into. The fewer ports are open, the lower the chance of attackers exploiting a vulnerability to get into the system.

Monitoring the status of your ports is a healthy habit for keeping the server secure. Use iptables, ufw or other firewalls to close unnecessary open ports. If you need help with any article section, please let me know in the comment section.
