How to close all the ports in ubuntu except those I need them

https://askubuntu.com/questions/843395/how-to-close-all-the-ports-in-ubuntu-except-those-i-need-them

You can usenmapto show you all open ports.

Open a terminal and install thenmapapplication:

sudo apt install nmap

The nmap man pages can be brought up usingman nmapwhich can show you all the commands you can use after it is installed.

After it is installed,you can scan all the ports that are open on your host with the-pswitch ofnmaplike the following (I set it to scan all ports from 1 to 65535):

terrance@terrance-ubuntu:~$ nmap -p1-65535 10.0.0.100

Starting Nmap 7.01 ( https://nmap.org ) at 2016-10-29 23:28 MDT
Nmap scan report for terrance-ubuntu.local (10.0.0.100)
Host is up (0.00025s latency).
Not shown: 65522 closed ports
PORT      STATE SERVICE
21/tcp    open  ftp
22/tcp    open  ssh
25/tcp    open  smtp
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
902/tcp   open  iss-realsecure
1936/tcp  open  unknown
10000/tcp open  snet-sensor-mgmt
17500/tcp open  db-lsp
32400/tcp open  unknown
32469/tcp open  unknown
33400/tcp open  unknown
33443/tcp open  unknown

You can kill the process that has the port open like webmin (or port 10000) on my list,or you can useiptablesto create a simple rule toDROPthe packets to that port for the time being until next reboot (If you want them permanent you might want to install theiptables-persistentpackage):

sudo iptables -A INPUT -p tcp --dport 10000 -j DROP

Then if you want to add it back for this session,delete the rule:

sudo iptables -D INPUT -p tcp --dport 10000 -j DROP

Examples below:

terrance@terrance-ubuntu:~$ sudo iptables -A INPUT -p tcp --dport 10000 -j DROP

terrance@terrance-ubuntu:~$ nmap -p1-65535 10.0.0.100
Starting Nmap 7.01 ( https://nmap.org ) at 2016-10-29 23:49 MDT
Nmap scan report for terrance-ubuntu.local (10.0.0.100)
Host is up (0.00028s latency).
Not shown: 65522 closed ports
PORT      STATE    SERVICE
21/tcp    open     ftp
22/tcp    open     ssh
25/tcp    open     smtp
139/tcp   open     netbios-ssn
445/tcp   open     microsoft-ds
902/tcp   open     iss-realsecure
1936/tcp  open     unknown
10000/tcp filtered snet-sensor-mgmt
17500/tcp open     db-lsp
32400/tcp open     unknown
32469/tcp open     unknown
33400/tcp open     unknown
33443/tcp open     unknown

Nmap done: 1 IP address (1 host up) scanned in 4.13 seconds

terrance@terrance-ubuntu:~$ sudo iptables -D INPUT -p tcp --dport 10000 -j DROP

terrance@terrance-ubuntu:~$ nmap -p1-65535 10.0.0.100
Starting Nmap 7.01 ( https://nmap.org ) at 2016-10-29 23:49 MDT
Nmap scan report for terrance-ubuntu.local (10.0.0.100)
Host is up (0.00027s latency).
Not shown: 65522 closed ports
PORT      STATE SERVICE
21/tcp    open  ftp
22/tcp    open  ssh
25/tcp    open  smtp
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
902/tcp   open  iss-realsecure
1936/tcp  open  unknown
10000/tcp open  snet-sensor-mgmt
17500/tcp open  db-lsp
32400/tcp open  unknown
32469/tcp open  unknown
33400/tcp open  unknown
33443/tcp open  unknown

Nmap done: 1 IP address (1 host up) scanned in 4.10 seconds

Hope this helps!

相关文章

1.安装过程出现0x00000000指令引用的0x00000000内存该内存不能为written 如果你安装的是inux系统 需要在...
写在全面:如果根据以下教程涉及到只读文件需要更改文件权限才能需修改文件内容,参考我的另一篇博客:...
写在前面:以下步骤中需要在终端输入命令,电脑端查看博客的朋友可以直接复制粘贴到终端,手机端查看的...
ubuntu16.04和18.04更换国内源 写在前面:安装好ubuntu双系统后,默认的软件更新源是国外的,在国内使用...
ubuntu双系统启动时卡死解决办法(在ubuntu16.04和18.04测试无误) 问题描述: 在安装完ubuntu双系统后...
又来造轮子了。。。。。。。。。。。。。。。。 今天使用w3af向文件中写入的时候,发现没有write权限,...