port scan - which should be open / closed, how to open / close

[SM777]

I found a php script which test for open ports on the linux server.

I have found a list stating what each port is used for. What I don't know is:

Which ones are the security risks?

Which opened ports are not needed and should be closed if I am not using those services? e.g. things like Finger. Do I really need that port open?

How to close those ports?

Is there a good guide somewhere?

 

[danielhozac]

The default attitude about open ports are that there should be none, unless you absolutely need them.
As an example, for a webserver you would only want port 80 and port 443 (if using SSL) open, all others should be closed.
To close a port is usually just a matter of shutting down the application listening on that port. It can also be accomplished with a firewall like [tt]iptables[/tt] or [tt]ipchains[/tt]. //Daniel

 

[SM777]

I have Portscan and Snort running. I guess if they are listening on certain ports then those ports should be left alone?

 

[danielhozac]

You can find out which application is listening on what port with the command [tt]netstat -pnat[/tt]. //Daniel