Viewing open ports on Ubuntu Linux and controlling the port range

Before getting into this topic, let's first go over a few basic concepts: physical ports, logical ports, and port numbers.

Port-related concepts:

In networking, the word "port" covers both physical ports and logical ports. Physical ports are the sockets that physically exist on equipment such as ADSL modems, hubs, switches, and routers and are used to connect other network devices, for example RJ-45 and SC ports. Logical ports are ports in the logical sense, used to tell services apart, such as the service ports of the TCP/IP protocol suite. Port numbers range from 0 to 65535; for example, port 80 is used for web browsing and port 21 for FTP. Because there are so many physical and logical ports, each one is given a number so that it can be distinguished from the others, and that number is the port number.

Ports can be divided into three categories by port number:

1: Well Known Ports

The well-known port numbers run from 0 to 1023 and are tightly bound to common services; for example, the FTP service uses port 21. The mapping can be seen in /etc/services.

2: Registered Ports

From 1024 to 49151. These are loosely bound to services: many services are registered on these ports, and the same ports are also used for many other purposes.

3: Dynamic and/or Private Ports

Dynamic or private ports are port numbers that any software may use to communicate with any other software over the Internet's Transmission Control Protocol (TCP) or User Datagram Protocol (UDP). Dynamic ports generally run from 49152 to 65535.

Linux hands out local (ephemeral) ports from a limited range, so if I want to reserve some ports for my own program, I need to control that range. /proc/sys/net/ipv4/ip_local_port_range defines the local TCP/UDP port range; writing to it takes effect immediately but does not survive a reboot, so to make the setting persistent define net.ipv4.ip_local_port_range = 1024 65000 in /etc/sysctl.conf.

[root@localhost ~]# cat /proc/sys/net/ipv4/ip_local_port_range
32768   61000
[root@localhost ~]#  echo 1024 65535 > /proc/sys/net/ipv4/ip_local_port_range
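As an added example, not code from the original post, the following POSIX shell script reads a range in the same two-number layout as /proc/sys/net/ipv4/ip_local_port_range and checks whether the ports a daemon intends to bind fall inside it. A server port that lies inside the ephemeral range can be handed to an outbound connection before the daemon starts, and the daemon's bind then fails with "address already in use"; that is the collision the post wants to avoid by controlling the range. The file path is a parameter so the functions can run on a constructed sample file; the function names and the sample values (32768 61000, as in the post's output) are my own.

```shell
#!/bin/sh
# Added example, not code from the original post.
# Checks whether the ports a service wants to bind fall inside the kernel's
# ephemeral (local) port range, read from a file with the two-number layout of
# /proc/sys/net/ipv4/ip_local_port_range. The path is a parameter so the
# functions can be exercised on a constructed sample; on a real host pass
# /proc/sys/net/ipv4/ip_local_port_range.

# Print "LOW HIGH" from a file in the ip_local_port_range layout.
read_local_port_range() {
    awk 'NR == 1 { print $1, $2 }' "$1"
}

# Succeed (exit 0) when port $1 lies inside [$2, $3].
port_in_range() {
    [ "$1" -ge "$2" ] && [ "$1" -le "$3" ]
}

# For each port given after the range file, report whether it collides with
# the ephemeral range. The exit status is the number of colliding ports.
check_server_ports() {
    range_file=$1
    shift
    range=$(read_local_port_range "$range_file")
    low=${range% *}
    high=${range#* }
    collisions=0
    for port in "$@"; do
        if port_in_range "$port" "$low" "$high"; then
            echo "$port: inside ephemeral range $low-$high, may already be taken by an outbound connection"
            collisions=$((collisions + 1))
        else
            echo "$port: outside ephemeral range, safe to reserve for a daemon"
        fi
    done
    return "$collisions"
}

# Constructed sample mirroring the post's output (32768 61000).
sample=$(mktemp)
printf '32768\t61000\n' > "$sample"
if ! check_server_ports "$sample" 3306 50000 8080 60000; then
    echo "fix: narrow net.ipv4.ip_local_port_range in /etc/sysctl.conf, or list the ports in net.ipv4.ip_local_reserved_ports"
fi
rm -f "$sample"
```

Rather than shrinking the whole range, the kernel also offers net.ipv4.ip_local_reserved_ports, which takes a list of ports or ranges that the kernel will never hand out as source ports even though they lie inside ip_local_port_range; setting it in /etc/sysctl.conf next to ip_local_port_range reserves just the ports your daemons need.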

 

For ports and services I used to use a public toilet as an analogy. Each stall in a public toilet is like a port in the system, and providing convenience to people is the so-called service. If you offer such a service, you must open the port (the stall); when someone uses it, a connection is established on that port. If the stall is occupied, the port number is occupied by a service. If one day the service is no longer provided and the public toilet is removed, there is naturally no port number any more. A more vivid example is a bank lobby: the port numbers are the counters, and the customers who take a ticket to do business are like the various clients connecting to the server; they are directed to the counters through port redirection. An even easier example: a port number is like a station on a high-speed rail line, where Changsha, Yueyang and so on each represent a port number. Passengers reach their own station by means of their train ticket, just as each application's IP packets are delivered to the right port on the server.

 

The relationship between ports and services

What are ports for? A host with one IP address can provide many services, such as web, FTP, and SMTP, all through that single IP address. So how does the host tell the different network services apart? Clearly it cannot rely on the IP address alone, because the relationship between an IP address and network services is one-to-many. In fact, services are distinguished by "IP address + port number".

The mapping between port numbers and services is stored in /etc/services, where most ports can be looked up.

How do you check whether a port is open? Honestly, it is hard to know where to start, because there are so many methods!

1: Detecting open ports with nmap

nmap is a tool for network scanning and host discovery. Installing nmap is simple; the rpm installation is shown below. Note the NOKEY warning in the output: rpm could not verify the package signature because the signing key is not imported, so when installing from anything other than a trusted repository, import the vendor's key and verify the package first.

[root@DB-Server Server]# rpm -ivh nmap-4.11-1.1.x86_64.rpm 
warning: nmap-4.11-1.1.x86_64.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing...                ########################################### [100%]
   1:nmap                   ########################################### [100%]
[root@DB-Server Server]# rpm -ivh nmap-frontend-4.11-1.1.x86_64.rpm 
warning: nmap-frontend-4.11-1.1.x86_64.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing...                ########################################### [100%]
   1:nmap-frontend          ########################################### [100%]
[root@DB-Server Server]# 

Using nmap could fill a long article on its own, so it is not covered in depth here. As shown below, nmap 127.0.0.1 looks at the ports open on the local machine and scans all ports (strictly speaking, nmap's default scan covers its list of common ports rather than all 65535; the output below reports on 1680 of them). It can of course scan the ports of other servers too.

[root@DB-Server Server]# nmap 127.0.0.1
 
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2016-06-22 15:46 CST
Interesting ports on localhost.localdomain (127.0.0.1):
Not shown: 1674 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
25/tcp   open  smtp
111/tcp  open  rpcbind
631/tcp  open  ipp
1011/tcp open  unknown
3306/tcp open  mysql
 
Nmap finished: 1 IP address (1 host up) scanned in 0.089 seconds
You have new mail in /var/spool/mail/root
[root@DB-Server Server]# 

2: Detecting open ports with netstat

[root@DB-Server Server]# netstat -anlp | grep 3306
tcp        0      0 :::3306                     :::*                        LISTEN      7358/mysqld         
[root@DB-Server Server]# netstat -anlp | grep 22
tcp        0      0 :::22                       :::*                        LISTEN      4020/sshd           
tcp        0     52 ::ffff:192.168.42.128:22    ::ffff:192.168.42.1:43561   ESTABLISHED 6198/2              
[root@DB-Server Server]# 

As shown above, this tool feels less concise and clear than nmap, and it is indeed less powerful. Also be aware that grep 22 matches any line containing "22" (port 2222, a PID, part of an address), so match the port more precisely, for example grep ':22 '.

3: Detecting open ports with lsof

 
[root@DB-Server Server]# service mysql start
Starting MySQL......[  OK  ]
[root@DB-Server Server]# lsof -i:3306
COMMAND  PID  USER   FD   TYPE DEVICE SIZE NODE NAME
mysqld  7860 mysql   15u  IPv6  44714       TCP *:mysql (LISTEN)
[root@DB-Server Server]# service mysql stop
Shutting down MySQL..[  OK  ]
[root@DB-Server Server]# lsof -i:3306
[root@DB-Server Server]# 


[root@DB-Server Server]# lsof -i TCP| fgrep LISTEN
cupsd     3153    root    4u  IPv4   9115       TCP localhost.localdomain:ipp (LISTEN)
portmap   3761     rpc    4u  IPv4  10284       TCP *:sunrpc (LISTEN)
rpc.statd 3797 rpcuser    7u  IPv4  10489       TCP *:1011 (LISTEN)
sshd      4020    root    3u  IPv6  12791       TCP *:ssh (LISTEN)
sendmail  4042    root    4u  IPv4  12876       TCP localhost.localdomain:smtp (LISTEN)
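The netstat and lsof listings above are meant to be read by a person; for routine checking it helps to reduce them to a list of listening ports and flag anything that should not be there. As an added example, not from the original post, the following POSIX shell functions parse netstat -anlp style output for TCP sockets in LISTEN state, print the port and owning process, and report any listener missing from an allowlist. Input is read from stdin so the functions can run on the constructed sample below, which is assembled from the post's own netstat and lsof lines; the function names and the allowlist are my own, and ss -lntp prints different columns, so the awk field numbers would need adjusting for it.

```shell
#!/bin/sh
# Added example, not code from the original post.
# Reduces `netstat -anlp` output to the TCP listeners and their owning
# processes, then flags listeners that are not on an allowlist.

# Print "PORT PID/PROGRAM" for every TCP socket in LISTEN state, sorted by port.
# netstat -anlp columns: Proto Recv-Q Send-Q Local Foreign State PID/Program
listening_ports() {
    awk '$1 ~ /^tcp/ && $6 == "LISTEN" {
             n = split($4, a, ":");   # local address: the port is the last field
             print a[n], $7
         }' | sort -n
}

# Print every listening port that is not in the space-separated allowlist $1.
unexpected_listeners() {
    allow=" $1 "
    listening_ports | while read -r port prog; do
        case "$allow" in
            *" $port "*) ;;                                   # expected service
            *) echo "unexpected listener: $port ($prog)" ;;
        esac
    done
}

# Constructed sample in the layout of the post's netstat output.
SAMPLE='Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name
tcp        0      0 0.0.0.0:111                 0.0.0.0:*                   LISTEN      3761/portmap
tcp        0      0 :::3306                     :::*                        LISTEN      7358/mysqld
tcp        0      0 :::22                       :::*                        LISTEN      4020/sshd
tcp        0      0 127.0.0.1:631               0.0.0.0:*                   LISTEN      3153/cupsd
tcp        0     52 ::ffff:192.168.42.128:22    ::ffff:192.168.42.1:43561   ESTABLISHED 6198/2
udp        0      0 0.0.0.0:68                  0.0.0.0:*                               2010/dhclient'

echo "listening:"
printf '%s\n' "$SAMPLE" | listening_ports
echo "not on allowlist (22 3306):"
printf '%s\n' "$SAMPLE" | unexpected_listeners "22 3306"
```

On a real host run netstat -anlp | unexpected_listeners "22 3306" as root, since netstat only fills in the PID/Program column for other users' processes when run with sufficient privileges; anything the function prints is a service that is either unexpected or missing from your list of what the machine is supposed to offer.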

 

4: Using telnet to check whether a port is open

Even when a server port is in the listening state, if the iptables firewall blocks that port, this method cannot tell whether the port is open.

 

5: Checking whether a port is open with netcat

[root@DB-Server ~]# nc -vv 192.168.42.128 1521
Connection to 192.168.42.128 1521 port [tcp/ncube-lm] succeeded!
[root@DB-Server ~]# nc -z 192.168.42.128 1521; echo $?
Connection to 192.168.42.128 1521 port [tcp/ncube-lm] succeeded!
0
[root@DB-Server ~]#  nc -vv 192.168.42.128 1433
nc: connect to 192.168.42.128 port 1433 (tcp) failed: No route to host

 

Closing ports and opening ports

Closing a port and opening a port are really two different concepts. Every port corresponds to a service, so to close a port you only need to stop the corresponding service. In the example below, the MySQL service is started and port 3306 is in the listening state; after the MySQL service is stopped, port 3306 is naturally closed.

 
[root@DB-Server Server]# service mysql start
Starting MySQL......[  OK  ]
[root@DB-Server Server]# lsof -i:3306
COMMAND  PID  USER   FD   TYPE DEVICE SIZE NODE NAME
mysqld  7860 mysql   15u  IPv6  44714       TCP *:mysql (LISTEN)
[root@DB-Server Server]# service mysql stop
Shutting down MySQL..[  OK  ]
[root@DB-Server Server]# lsof -i:3306
[root@DB-Server Server]# 

   

So, for the unnecessary ports and services on a system, whether for security or to save resources, the unnecessary services should be shut down and their ports closed. Also, even if a service is running, if the firewall restricts its port, the port cannot be reached; the port itself is not closed, it is only blocked.
