Shulou(Shulou.com)06/01 Report--

The open port of the server is actually an entry point for the server. Once there is a security risk at the entry point, the * * person will concentrate on the port, but some administrators do not check the open ports of the server when deploying related businesses, resulting in the opening of many non-business ports. Once open ports are used by users (such as windows port 445), it doesn't matter how well your business (port) security measures are done! Therefore, after we deploy business on the server, we must close those non-business ports in time, so how do we know which ports we have opened? How should we close these ports?

View open ports

To view open ports, we can use the netstat command, which is supported for windows and linux, and for windows, we can use the

Netstat-ano

To quickly view the open ports and corresponding PID numbers, as shown below:

For linux systems, we can use the

Netstat-anp

To quickly view our open ports, PID and corresponding program names (services), as shown below:

By using the above methods, we can see what ports we have opened, and then determine what ports we need and what ports we do not need. For those we do not need, we should close them in time!

Shut down non-business ports

When we find out which ports we don't need, we should close them directly to prevent them from being used!

For linux systems, we can use the command

Kill PID

PID is the specific PID found above so that unwanted ports can be closed. In addition, we can use commands.

Sudo netstat-anp | grep port

Or

Lsof-i:port

Port is the specific port number, so you can view the PID corresponding to individual ports and view PID to close non-business ports.

For the windows system, when we know which ports are not needed, we can use the shortcut key [Ctrl+shift+Esc] to open the task manager, select the [Service] item, find the service corresponding to PID (description is the service name), stop with the right mouse button, or open the service, find the corresponding service, and then prohibit related services, or use the command net stop service name to prohibit!

For windows systems, we can use the

Tskill PID

To kill the process, but this way is not recommended, there is a certain risk, may lead to a blue screen! Use it carefully!

In addition, we can use

Netstat-ano | findstr "port"

Check the PID number of a port separately.

If this method does not work, it is recommended to use firewall policy for port restrictions!

Verify that the port shutdown is successful

After we have used the above method, we also need to verify whether the port is closed successfully. If it is closed directly, we can use the query open port for verification. If we are using the policy of firewall, then we can let an interworking host use the command.

Telnet ip port

To check whether the port is blocked successfully. The port is the specific port number. If the following message is displayed, the port is blocked successfully!

Connecting xx.xx.xx.xx... Unable to open the connection to the host. On port xx: connection failed

On the contrary, the blocking did not succeed!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.