Prerequisite: First you must know that the port is not independent, it is dependent on the process. When a process is turned on, its corresponding port is turned on and the process shuts down, and the port is closed. The next time a process is turned on again, the corresponding port is turned on again. Instead of purely understanding that a port is closed, you can disable a port.
1. You can use "NETSTAT-ANP" to see which ports are open.
(Note: The parameter '-n ' will convert the application to port display, that is, the address of the number format, such as: nfs->2049, ftp->21, so you can open two terminals, one for each corresponding to the port number of the program)
2. The program that applies the port can then be viewed by "Lsof-i: $PORT" ($PORT refers to the corresponding port number). Or you can view the file/etc/services, from which you can find the service that corresponds to the port.
(Note: Some ports cannot be found through Netstat, the more reliable method is "sudo nmap-st-o localhost")
3. To close a port, you can:
1) Disable the port via the Iptables tool, such as:
"Sudo iptables-a input-p tcp--dport $PORT-j DROP"
"Sudo iptables-a output-p tcp--dport $PORT-j DROP"
2) or turn off the corresponding application, the port will naturally shut down, such as:
"Kill-9 pid" (PID: Process number)
such as: Through the NETSTAT-ANP | grep ssh "
There is a display: TCP 0 127.0.0.1:2121 0.0.0.0:* LISTEN 7546/ssh
Then: "Kill-9 7546"
("Chkconfig" can be used to view the open state of the system service.)
Reference: http://blog.csdn.net/wudiyi815/article/details/7473097