1, check which ports are open.
2. Close the port number: iptables-a input -ptcp-drop port number -jDROP, iptables-a output -ptcp-dport.
Port number -jDROP.
3. open the port number: iptables-ainput-PTCP-DPORT port number -jACCEPT.
4. The following is how to use the linux open port command. Nc-lp22 (open port 22, that is, telnet), netstat-an|grep22 (check whether port 22 is open).
5. Every time the linux open port command opens a port.
Close port number: iptables-a input -ptcp-drop port number -jDROP, iptables-a output -ptcp-dport.
Port number -jDROP.
Extended data:
Detailed description of common ports of liunx:
1, port: 7
Service: echo
Description: When searching for Fraggle amplifier, you can see many messages sent by people to X.X.X.0 and X.X.X.255.
2. Port: 2 1
Service: FTP
Description: FTP server opens ports for uploading and downloading. The most common attacker is to find a way to open anonymous's FTP server. These servers have read-write directories. Trojan horses DolyTrojan, Fore, InvisibleFTP, WebEx, WinCrash, BladeRunner open ports.
3. Port: 22
Service: Ssh
Description: The connection between TCP established by PcAnywhere and this port may be to find ssh. This service has many weaknesses. If configured in a specific mode, many versions that use the RSAREF library will have many loopholes.
Existence.
4. Port: 23
Service: Telnet
Description: Remote login, the intruder is searching for the service of remote login UNIX. In most cases, scanning this port is to find the operating system running on the machine. And using other technologies, intruders will also find the password. Trojan TinyTelnetServer opens this port.
5. Port: 25
Service: SMTP
Description: The port opened by SMTP server is used to send mail. Intruders are looking for SMTP servers to send their spam. The intruder's account is closed, and they need to connect to a high-bandwidth email server and send simple information to different addresses. Trojan horse antigen, EmailPasswordSender, HaebuCoceda, ShtrilitzStealth, WinPC and WinSpy all open this port.
6. Port: 53
Service: Domain Name Server (DNS)
Description: For the port opened by DNS server, intruders may try to pass TCP, cheat DNS(UDP) or hide other communication. Therefore, firewalls usually filter or record this port.
7. Port: 80
Service: HTTP
Description: used for web browsing. The Trojan Executor opened the port.
8. Port: 102
Service: Message Transfer Agent (MTA)-X.400 over TCP/IP.
Description: Message Transfer Agent.
9. Port: 1 10
Service: pop3
Caption: POP3 (post office protocol
The server opens this port to receive mail, and the client accesses the mail service on the server side. POP3 services have many recognized weaknesses. There are at least 20 weaknesses about user name and password exchange buffer overflow, which means that intruders can enter the system before actually logging in. There are other buffer overflow errors after successful login.
10, port: 137, 138, 139.
Service: NETBIOSNameService
Note: Among them, 137 and 138 are UDP ports, which are used when transmitting files through network neighbors. And port 139: the connection coming through this port attempts to obtain NetBIOS/SMB service. This protocol is used for windows file and printer sharing and SAMBA. WINSRegisrtation also uses it.
1 1, port: 143
Service: InterimMailAccessProtocolv2
Description: Like the security problem of POP3, many IMAP servers have buffer overflow vulnerabilities.
Remember: LINUX worms (admv0rm) will spread through this port, so many scans of this port come from uninformed infected users. These vulnerabilities became popular when REDHAT allowed IMAP by default in its LINUX distribution. This port is also used for IMAP2, but it is not popular.
12, port: 16 1
Service: SNMP
Description: SNMP allows remote management of devices. All configuration and operation information is stored in the database and can be obtained through SNMP. Many administrators' misconfigurations will be exposed online. Cackers will try to access the system using the default passwords public and private. They will try all possible combinations.
SNMP packets may be incorrectly pointed to the user's network.
13, port: 389
Services: LDAP, ILS
Description: Lightweight Directory Access Protocol and NetMeeting Internet Locator server * * * use this port.
14, port: 443
Service: Https
Description: Web browsing port, another HTTP that can provide encryption and transmission through a secure port.
15, port: 993
Service: IMAP
Description: SSL(SecureSocketslayer)
16, port: 1433.
Service: SQL
Description: Microsoft SQL service open port.
17, port: 1503.
Service: NetMeetingT. 120
Description: NetMeetingT. 120
18, port: 1720.
Service: NetMeeting
Description: NetMeetingH.233callSetup.
19, port: 173 1
Service: NetMeetingAudioCallControl
Description: NetMeeting audio call control.
20. Port: 3389
Service: HyperTerminal
Description: WINDOWS2000 terminal opens this port.
2 1, port: 4000
Service: QQ client
Description: Tencent QQ client opens this port.
22. Port: 563 1
Service: pcAnywere
Note: Sometimes you will see many scans of this port, depending on the user's location. When a user opens pcAnywere, it will automatically scan the Class C network of the local area network for possible agents (the agent here refers to the agent, not the agent). Intruders will also look for computers that turn on this service. So you should check the source address of this scan. Some scan packets searching for pcAnywere usually contain UDP packets on port 22.
23. Port: 6970
Service: real-time audio
Description: RealAudio client will receive audio data stream from UDP port of server 6970-7 170. This is set by the outgoing control connection of TCP-7070 port.
24. Port: 7323
Services:
Description: Sygate server.
25. Port: 8000
Service: OICQ
Description: Tencent QQ server opens this port.
26. Port: 80 10
Service: wingate.
Description: Wingate proxy opens this port.
27. Port: 8080
Service: proxy port
Description: WWW proxy opens this port.
How to open the port for linux minimum installation?
Open the port: If you want to open the port, just select "Automatic" in the startup type, click "OK" button, then open the service, click "Start" button to enable the port in the service status, and finally click "OK" button. Close the port: For example, to close port 25 of SMTP service in Windows2000/XP, you can do this: first open the control panel, double-click the administrative tools, and then double-click the service. Then find and double-click the Simple Transfer Protocol (SMTP) service in the opened service window, click the Stop button to stop the service, then select Disable in the Startup Type, and finally click the OK button. In this way, closing the SMTP service is equivalent to closing the corresponding port.
What are the commands of linux open port?
First, check which ports netstat-anp has opened. Second, close the port number: iptables-a input-ptcp-drop port number -jdropptitables-aoutput-ptcp-dport port number-jdrop. Third, open the port number: iptables-a input-ptcp-dport port number -jACCEPT. Four, the following is the use of linux open port command. Nc-lp23 (open port 23, telnet)netstat-an|grep23 (check whether to open port 23) V. linux open port command Each open port needs a corresponding listener.
How to open and close ports?
First, check which ports netstat-anp has opened. Second, close the port number: iptables-a input-ptcp-drop port number -jdropptitables-aoutput-ptcp-dport port number-jdrop. Third, open the port number: iptables-a input-ptcp-dport port number -jACCEPT. Four, the following is the use of linux open port command. NC-LP23 (telnet) netstat-an | grep23 (check whether to open port 23) V. linux open port command Each open port needs a corresponding listener to suit the learning path of entry. Please read "This is how Linux should learn".