How to close all the ports in ubuntu except those I need them

https://askubuntu.com/questions/843395/how-to-close-all-the-ports-in-ubuntu-except-those-i-need-them

up vote
down vote

You can usenmapto show you all open ports.

Open a terminal and install thenmapapplication:

sudo apt install nmap

The nmap man pages can be brought up usingman nmapwhich can show you all the commands you can use after it is installed.

After it is installed,you can scan all the ports that are open on your host with the-pswitch ofnmaplike the following (I set it to scan all ports from 1 to 65535):

terrance@terrance-ubuntu:~$ nmap -p1-65535 10.0.0.100

Starting Nmap 7.01 ( https://nmap.org ) at 2016-10-29 23:28 MDT
Nmap scan report for terrance-ubuntu.local (10.0.0.100)
Host is up (0.00025s latency).
Not shown: 65522 closed ports
PORT      STATE SERVICE
21/tcp    open  ftp
22/tcp    open  ssh
25/tcp    open  smtp
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
902/tcp   open  iss-realsecure
1936/tcp  open  unknown
10000/tcp open  snet-sensor-mgmt
17500/tcp open  db-lsp
32400/tcp open  unknown
32469/tcp open  unknown
33400/tcp open  unknown
33443/tcp open  unknown

You can kill the process that has the port open like webmin (or port 10000) on my list,or you can useiptablesto create a simple rule toDROPthe packets to that port for the time being until next reboot (If you want them permanent you might want to install theiptables-persistentpackage):

sudo iptables -A INPUT -p tcp --dport 10000 -j DROP

Then if you want to add it back for this session,delete the rule:

sudo iptables -D INPUT -p tcp --dport 10000 -j DROP

Examples below:

terrance@terrance-ubuntu:~$ sudo iptables -A INPUT -p tcp --dport 10000 -j DROP

terrance@terrance-ubuntu:~$ nmap -p1-65535 10.0.0.100
Starting Nmap 7.01 ( https://nmap.org ) at 2016-10-29 23:49 MDT
Nmap scan report for terrance-ubuntu.local (10.0.0.100)
Host is up (0.00028s latency).
Not shown: 65522 closed ports
PORT      STATE    SERVICE
21/tcp    open     ftp
22/tcp    open     ssh
25/tcp    open     smtp
139/tcp   open     netbios-ssn
445/tcp   open     microsoft-ds
902/tcp   open     iss-realsecure
1936/tcp  open     unknown
10000/tcp filtered snet-sensor-mgmt
17500/tcp open     db-lsp
32400/tcp open     unknown
32469/tcp open     unknown
33400/tcp open     unknown
33443/tcp open     unknown

Nmap done: 1 IP address (1 host up) scanned in 4.13 seconds

terrance@terrance-ubuntu:~$ sudo iptables -D INPUT -p tcp --dport 10000 -j DROP

terrance@terrance-ubuntu:~$ nmap -p1-65535 10.0.0.100
Starting Nmap 7.01 ( https://nmap.org ) at 2016-10-29 23:49 MDT
Nmap scan report for terrance-ubuntu.local (10.0.0.100)
Host is up (0.00027s latency).
Not shown: 65522 closed ports
PORT      STATE SERVICE
21/tcp    open  ftp
22/tcp    open  ssh
25/tcp    open  smtp
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
902/tcp   open  iss-realsecure
1936/tcp  open  unknown
10000/tcp open  snet-sensor-mgmt
17500/tcp open  db-lsp
32400/tcp open  unknown
32469/tcp open  unknown
33400/tcp open  unknown
33443/tcp open  unknown

Nmap done: 1 IP address (1 host up) scanned in 4.10 seconds

Hope this helps!

How to close all the ports in ubuntu except those I need them

相关文章