Ports

hkjz · 05-05-2019, 04:52 PM

while diving into the networks, with command

Code:

$ sudo nmap -sUT -O localhost

Starting Nmap 7.60 ( https://nmap.org ) at 2019-05-05 23:48 CEST
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00040s latency).
Other addresses for localhost (not scanned): ::1
Not shown: 1988 closed ports
PORT     STATE         SERVICE
22/tcp   open          ssh
111/tcp  open          rpcbind
139/tcp  open          netbios-ssn
445/tcp  open          microsoft-ds
631/tcp  open          ipp
68/udp   open|filtered dhcpc
111/udp  open          rpcbind
123/udp  open          ntp
137/udp  open          netbios-ns
138/udp  open|filtered netbios-dgm
631/udp  open|filtered ipp
5353/udp open|filtered zeroconf
Device type: general purpose
Running: Linux 3.X
OS CPE: cpe:/o:linux:linux_kernel:3
OS details: Linux 3.7 - 3.10
Network Distance: 0 hops

i found a list of few ports which are open, which is great

Now considering security purposes,
should i keep all of them open, or close some of them as unnecessary?

Thanks

berndbausch · 05-05-2019, 06:37 PM

From the man page:

Quote:

Open means that an application on the target machine is listening for connections/packets on that port.
Filtered means that a firewall, filter, or other network obstacle is blocking the port so that Nmap cannot tell whether it is open or closed.
Closed ports have no application listening on them, though they could open up at any time.

The question is: Does your computer need the listening applications. In your case, do you want to accept ssh, SMB, NTP etc. connections. If not, block the ports with a firewall and don’t run the applications.

Also, consider protecting the 1988 closed ports with a firewall.