Linux: How to View Port Status and Close a Port

  

Prerequisites: First of all, you must know that a port does not exist independently; it is attached to a process. When a process is started, its corresponding port is opened, and when the process is closed, the port is closed. The next time the process is started, the corresponding port is opened again. So strictly speaking you do not turn off a port by itself, but you can disable a port.

1. You can see which ports are open with "~$ netstat -anp". (Note: adding the parameter '-n' makes netstat display applications as ports, i.e. addresses in numeric format, such as: nfs->2049, ftp->21, so you can open two terminals and match each program to its corresponding port number, one by one.)

2. Then you can view the program that is using the port ($PORT refers to the corresponding port number) with "~$ lsof -i:$PORT". Or you can look at the file /etc/services, from which you can find out which service the port corresponds to. (Note: some ports can't be found through netstat. The more reliable method is "~$ sudo nmap -sT -O localhost".)

3. To close a port, you can:

   1) Block the port with the iptables tool, such as:
      "~$ sudo iptables -A INPUT -p tcp --dport $PORT -j DROP"
      "~$ sudo iptables -A OUTPUT -p tcp --dport $PORT -j DROP"

   2) Or shut down the corresponding application, and the port is naturally closed, such as: "~$ kill -9 PID" (PID: process number). For example, "~$ netstat -anp | grep ssh" displays: tcp 0
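The port-to-process lookup from steps 1 to 3, as an added example that is not part of the original page: it parses "netstat -anp" style output and reports which PID holds each listening TCP port, including the case where netstat shows "-" because the owner is not visible. The function names listeners and owner_of are hypothetical, and SAMPLE is constructed input, not output captured from a real host.

```shell
#!/bin/sh
# Constructed sample in `netstat -anp` layout (not captured output).
SAMPLE='Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      812/sshd
tcp        0      0 0.0.0.0:2049            0.0.0.0:*               LISTEN      -
tcp        0      0 192.0.2.10:22           198.51.100.7:51514      ESTABLISHED 1423/sshd
tcp6       0      0 :::21                   :::*                    LISTEN      1050/vsftpd
udp        0      0 0.0.0.0:68              0.0.0.0:*                           640/dhclient'

# listeners (hypothetical helper): read netstat -anp output on stdin and
# print "port pid program" for every TCP socket in LISTEN state.
listeners() {
    awk '$1 ~ /^tcp/ && $6 == "LISTEN" {
        n = split($4, a, ":"); port = a[n]   # last piece also handles ":::21"
        if ($7 == "-") {                     # owner hidden: not root, or kernel socket
            pid = "?"; prog = "-"
        } else {
            split($7, p, "/"); pid = p[1]; prog = p[2]
        }
        print port, pid, prog
    }'
}

# owner_of PORT (hypothetical helper): print the PID(s) listening on PORT.
# Exits 1 when nothing listens there or the owner is not visible.
owner_of() {
    listeners | awk -v want="$1" '
        $1 == want && $2 != "?" { print $2; found = 1 }
        END { exit !found }'
}

# Demo on the sample; on a live host pipe in `sudo netstat -anp` instead.
printf '%s\n' "$SAMPLE" | listeners
if pid=$(printf '%s\n' "$SAMPLE" | owner_of 22); then
    echo "port 22 is held open by PID $pid"
fi
```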
