How to close a port in Linux

0 votes
I'm working on securing my Linux server by closing any unnecessary open ports. What are the steps to close a port, and are there specific tools or commands I should use? Should I be aware of any best practices or potential risks when closing ports, especially on a production server?

Insights on securely closing ports without affecting necessary services would be helpful.
Nov 13, 2024 in Cyber Security & Ethical Hacking by Anupam
• 10,590 points
104 views

1 answer to this question.

0 votes

Closing ports in Linux is essential for reducing your server’s attack surface and securing the system from unauthorized access. The following procedures, resources, and best practices outline how to securely close ports on a Linux server:

1. Identify Open Ports

  • Before closing ports, identify which ports are currently open and determine which ones are unnecessary.
  • Use netstat, ss, or lsof to list open ports:
sudo netstat -tuln

or

sudo ss -tuln

2. Close Ports Using Firewall Rules

  • iptables: On servers using iptables, you can block incoming traffic on a specific port:
sudo iptables -A INPUT -p tcp --dport PORT_NUMBER -j DROP

Replace PORT_NUMBER with the port you want to close.

  • firewalld: On systems using firewalld, you can use this command to remove a port from the public zone:
sudo firewall-cmd --zone=public --remove-port=PORT_NUMBER/tcp --permanent
sudo firewall-cmd --reload
  • ufw: For servers using ufw, you can deny access to a specific port:
sudo ufw deny PORT_NUMBER

3. Stop or Disable the Service Using the Port

  • If a service you don’t need is listening on an open port, it’s best to stop or disable the service itself rather than just blocking the port.
  • Use systemctl to check the status and stop a service:
sudo systemctl status SERVICE_NAME
sudo systemctl stop SERVICE_NAME
sudo systemctl disable SERVICE_NAME

4. Check for Effectiveness

  • After applying firewall rules or stopping services, check that the port is closed:
sudo netstat -tuln | grep PORT_NUMBER

or 

sudo ss -tuln | grep PORT_NUMBER

Be careful when closing ports related to core services. Accidentally closing SSH can lock you out, so ensure you have alternative access or know how to revert settings in case of an error.

answered Nov 13, 2024 by CaLLmeDaDDY
• 18,160 points

Related Questions In Cyber Security & Ethical Hacking

0 votes
0 answers

How to track deleted log files in a compromised Linux system?

After a suspected security incident, I discovered ...READ MORE

2 days ago in Cyber Security & Ethical Hacking by Anupam
• 10,590 points
15 views
0 votes
0 answers

How to check integrity of a file in Linux?

I want to verify whether a file ...READ MORE

1 day ago in Cyber Security & Ethical Hacking by Anupam
• 10,590 points
16 views
0 votes
1 answer
0 votes
1 answer
+1 vote
1 answer

How do you decrypt a ROT13 encryption on the terminal itself?

Yes, it's possible to decrypt a ROT13 ...READ MORE

answered Oct 17, 2024 in Cyber Security & Ethical Hacking by CaLLmeDaDDY
• 18,160 points
363 views
+1 vote
1 answer

How does the LIMIT clause in SQL queries lead to injection attacks?

The LIMIT clause in SQL can indeed ...READ MORE

answered Oct 17, 2024 in Cyber Security & Ethical Hacking by CaLLmeDaDDY
• 18,160 points
395 views
+1 vote
1 answer

Is it safe to use string concatenation for dynamic SQL queries in Python with psycopg2?

The use of string concatenation while building ...READ MORE

answered Oct 17, 2024 in Cyber Security & Ethical Hacking by CaLLmeDaDDY
• 18,160 points
250 views
+1 vote
1 answer
0 votes
1 answer

How to script a privilege escalation attack simulation in Linux?

Simulating a privilege escalation attack in Linux ...READ MORE

answered Feb 19 in Cyber Security & Ethical Hacking by CaLLmeDaDDY
• 18,160 points
55 views
+1 vote
1 answer
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP