How to close a port in Linux

0 votes
I'm working on securing my Linux server by closing any unnecessary open ports. What are the steps to close a port, and are there specific tools or commands I should use? Should I be aware of any best practices or potential risks when closing ports, especially on a production server?

Insights on securely closing ports without affecting necessary services would be helpful.
Nov 13 in Cyber Security & Ethical Hacking by Anupam
• 5,390 points
28 views

1 answer to this question.

0 votes

Closing ports in Linux is essential for reducing your server’s attack surface and securing the system from unauthorized access. The following procedures, resources, and best practices outline how to securely close ports on a Linux server:

1. Identify Open Ports

  • Before closing ports, identify which ports are currently open and determine which ones are unnecessary.
  • Use netstat, ss, or lsof to list open ports:
sudo netstat -tuln

or

sudo ss -tuln

2. Close Ports Using Firewall Rules

  • iptables: On servers using iptables, you can block incoming traffic on a specific port:
sudo iptables -A INPUT -p tcp --dport PORT_NUMBER -j DROP

Replace PORT_NUMBER with the port you want to close.

  • firewalld: On systems using firewalld, you can use this command to remove a port from the public zone:
sudo firewall-cmd --zone=public --remove-port=PORT_NUMBER/tcp --permanent
sudo firewall-cmd --reload
  • ufw: For servers using ufw, you can deny access to a specific port:
sudo ufw deny PORT_NUMBER

3. Stop or Disable the Service Using the Port

  • If a service you don’t need is listening on an open port, it’s best to stop or disable the service itself rather than just blocking the port.
  • Use systemctl to check the status and stop a service:
sudo systemctl status SERVICE_NAME
sudo systemctl stop SERVICE_NAME
sudo systemctl disable SERVICE_NAME

4. Check for Effectiveness

  • After applying firewall rules or stopping services, check that the port is closed:
sudo netstat -tuln | grep PORT_NUMBER

or 

sudo ss -tuln | grep PORT_NUMBER

Be careful when closing ports related to core services. Accidentally closing SSH can lock you out, so ensure you have alternative access or know how to revert settings in case of an error.

answered Nov 13 by CaLLmeDaDDY
• 6,540 points

Related Questions In Cyber Security & Ethical Hacking

0 votes
1 answer
0 votes
1 answer
0 votes
1 answer

how to start a career in cyber security?

Many of us are familiar with the ...READ MORE

answered Dec 14, 2021 in Cyber Security & Ethical Hacking by Edureka
• 12,690 points
636 views
+1 vote
1 answer

How do you decrypt a ROT13 encryption on the terminal itself?

Yes, it's possible to decrypt a ROT13 ...READ MORE

answered Oct 17 in Cyber Security & Ethical Hacking by CaLLmeDaDDY
• 6,540 points
114 views
+1 vote
1 answer
+1 vote
1 answer
+1 vote
1 answer
0 votes
1 answer

How to send a bearer token in a header?

To send a bearer token in an ...READ MORE

answered Nov 7 in Cyber Security & Ethical Hacking by CaLLmeDaDDY
• 6,540 points
47 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP