Under the Linux operating system, the system defines a total of 65536 available ports. These ports are divided into two parts, with 1024 as the dividing point, which are "ports that can only be enabled by root users" and
"ports for clients":
1. Only Ports that can only be enabled by the root user
Under Linux systems, ports 0-1023 need to be enabled as root. These ports are mainly used for some common communication services in the system. In general, these ports are
reserved for some preset services. It is best not to use these reserved ports for services that are not frequently used. For example, port 21 is reserved for ftp service, port 23 is reserved for
telnet service, 25 is reserved for mail service, and port 80 is reserved for www service. The corresponding
list .
2. The ports
above 1024 (including 1024) of the client terminal are mainly used by the client software, and these ports are randomly allocated by the software. For example, if Sina.com is accessed through a browser, the
browser first randomly allocates a port above 1024 locally, and establishes a connection with the Sina.com server port 80 (ie www service) through this port, thus realizing the browser to the web page
. access.
The enabling of ports greater than or equal to 1024 is not controlled by the root user. For example, for the frequently used MySQL database, the default port for the service is 3306, and this port is
enabled by the MySQL user. The default port for the Oracle database is 1521, which is also started by the Oracle user.
3. The relationship between services and ports
There is a one-to-one relationship between services and ports, which depend on each other and set off each other. If there is no service running, it does not matter the port. The opening and closing of the port is the starting and closing of the software service
. For example, the common port 80 runs the www service by default, and the default port 53 runs the DNS service.
These services are not necessarily running on the default port. For example, the www service can run on the port you like, and you can specify it to run on port 81. It's just that
because the browser defaults to looking for services on port 80, if you access the www service at this time, you need to add ":81" after the address of the visit, which means high-speed browser. This www service is
running on the non-default 81 under the port.
4. Port and system security
5. In order to ensure the security of the system, under normal circumstances, unnecessary ports will be closed in the system. In fact, there is no so-called security for ports, because ports correspond to services enabled by software, so it is not the ports that
really affect security, but the software corresponding to the ports.
How to check the status of the port:
To check the port listening status of the current server, you can use the following command netstat -tunl
To display the link status that has been connected, use the command netstat -tun
to check what service the port corresponds to. Netstat -antlp
Check the service status
6. Linux generally uses the chkconfig command to determine whether the service is on or off, such as chkconfig --list sshd
"ports for clients":
1. Only Ports that can only be enabled by the root user
Under Linux systems, ports 0-1023 need to be enabled as root. These ports are mainly used for some common communication services in the system. In general, these ports are
reserved for some preset services. It is best not to use these reserved ports for services that are not frequently used. For example, port 21 is reserved for ftp service, port 23 is reserved for
telnet service, 25 is reserved for mail service, and port 80 is reserved for www service. The corresponding
list .
2. The ports
above 1024 (including 1024) of the client terminal are mainly used by the client software, and these ports are randomly allocated by the software. For example, if Sina.com is accessed through a browser, the
browser first randomly allocates a port above 1024 locally, and establishes a connection with the Sina.com server port 80 (ie www service) through this port, thus realizing the browser to the web page
. access.
The enabling of ports greater than or equal to 1024 is not controlled by the root user. For example, for the frequently used MySQL database, the default port for the service is 3306, and this port is
enabled by the MySQL user. The default port for the Oracle database is 1521, which is also started by the Oracle user.
3. The relationship between services and ports
There is a one-to-one relationship between services and ports, which depend on each other and set off each other. If there is no service running, it does not matter the port. The opening and closing of the port is the starting and closing of the software service
. For example, the common port 80 runs the www service by default, and the default port 53 runs the DNS service.
These services are not necessarily running on the default port. For example, the www service can run on the port you like, and you can specify it to run on port 81. It's just that
because the browser defaults to looking for services on port 80, if you access the www service at this time, you need to add ":81" after the address of the visit, which means high-speed browser. This www service is
running on the non-default 81 under the port.
4. Port and system security
5. In order to ensure the security of the system, under normal circumstances, unnecessary ports will be closed in the system. In fact, there is no so-called security for ports, because ports correspond to services enabled by software, so it is not the ports that
really affect security, but the software corresponding to the ports.
How to check the status of the port:
To check the port listening status of the current server, you can use the following command netstat -tunl
To display the link status that has been connected, use the command netstat -tun
to check what service the port corresponds to. Netstat -antlp
Check the service status
6. Linux generally uses the chkconfig command to determine whether the service is on or off, such as chkconfig --list sshd