How to Find Open Ports and Close Them in Linux
So you are dealing with a critical server where you have to maintain security at any cost. And closing ports to block unwanted traffic is the first step you'd take.
Find open ports in Linux
In this tutorial, I am going to use the ss command to find open ports.
You can use the -l
option with the ss command to get listening ports. But to be more specific, I'm going with -lt
to get listening TCP ports:
ss -tl
Similarly, if you want to have a list of both TCP and UDP in the listening state, you can use the given command:
ss -tul
And to get the listening port of each service, you can use -n
and for more fine-tuned results, you can always use the grep command:
ss -tuln | grep LISTEN
Enough of finding open ports, let's jump to how you can close them.
Close open ports in Linux
To close the port, first, you will need to stop the service and to find the service name, you can use the same ss command with -p
option:
sudo ss -tulnp | grep LISTEN
As you can see, the NGINX is utilizing port number 80. So let's stop it using the given command:
sudo systemctl stop nginx
As it will enable itself on every boot and you can alter this behavior using the given command:
sudo systemctl disable nginx
For better results, I would recommend changing firewall rules.
Here, I'm going to block port no 80 (used by NGINX) in UFW (which is pre-installed in Ubuntu).
First, let's check the status of UFW:
sudo ufw status
And if it shows inactive
, you can use the given command to enable it:
sudo ufw enable
Now, you just have to pair the deny
option with the port number
:
sudo ufw deny 80
And here's the end result:
No sign of NGINX!
Wrapping Up
This was my take on how you can find and close open ports in Linux. I hope you will find this helpful.
And if you have any queries, let me know in the comments.