Closing Open Port at Linux

[warik]

Dear,

I try to scan my server using nmap myserver, and it shown an unknown port 757/tcp.

So, what should I do to close that port. I try to delete that port from /etc/services, but I can not find port 757 there.

Anyone can give me idea to close that port at my linux server.

Thank you in advance.

::Warik?::

 

[pupu]

Use 'lsof -i tcp:757' or 'netstat -pta |grep 757'. It will show you the name of the process that listens on this port. Then you should decide if you want to keep it running or not.

 

[warik]

Dear Pupu,

Right, I could now saw the service run at 757 port. Thank you.

If I would like to close that port, what should I do?

thank's

 

[pupu]

Stop this service. If the service is not running, then the port is closed.

Or, you can 'close' the port for outside by implementing firewall. I don't know if you are using ipchains, iptables or even have no firewall at all (try to issue iptables -L -n, for example), but you can do it like this:

iptables -A INPUT -i eth+ -p tcp -m tcp -s 0.0.0.0/32 -d <your_ip_address>/32 --dport 757 -j REJECT --reject-with icmp-host-prohibited

I strongly suggest reading some HOWTOs and man pages between diving deeper into this.

 

[warik]

Ok, now, I know how to solve that problem.

Thank's a lot.