Before scanning:
Nmap scan report for 192.168.0.39
Host is up (0.00029s latency).
All scanned ports on 192.168.0.39 are filtered
MAC Address: 00:0c:29:ef:80:d6 (VMware)
After opening:
Nmap scan report for 192.168.0.39
Host is up (0.00038s latency).
Not shown: 997 filtered ports
PORT STATE SERVICE
22/tcp closed ssh
80/tcp closed http
8080/tcp closed http-proxy
MAC Address: 00:0c:29:ef:80:d6 (VMware)
The process is as follows:
1. Scan ports
Ubuntu's built-in network tools are not strong enough for port scanning, and their results may be incomplete. nmap is recommended; it is a port-scanning tool commonly used by hackers. Installation: sudo apt-get install nmap. To scan ports, run nmap followed by a domain name or IP. To scan the local ports: nmap localhost
2. View the process behind a port
Command: sudo lsof -i:port (replace port with the port you want to query);
Command: sudo netstat -nap | grep port (the last column shows the process number)
3. Start | stop | restart a port
There are roughly three different ways:
(1) For services such as Apache2 or MySQL, use the service command directly: sudo service apache2 stop (or start|restart).
(2) Some ports cannot be closed with the service command; in that case consider sudo /etc/init.d/service start|stop|restart
(3) If that still does not turn it off, try killing the process: sudo kill pid, where pid is the process number of the service on that port. The command to find the process number is described above.
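The before/after reports at the top of this page differ only in port state. The following added example (not from the original post) compares two nmap reports and states what each change says about the firewall; the function names and the embedded reports are constructed for illustration, and a port missing from a report is assumed to be in the state given by that report's summary line.

```shell
#!/bin/sh
# Added example, not from the original post. BEFORE and AFTER are constructed
# reports in nmap normal-output layout, modelled on the two scans above.
BEFORE='Nmap scan report for 192.168.0.39
Host is up (0.00029s latency).
All 1000 scanned ports on 192.168.0.39 are filtered'

AFTER='Nmap scan report for 192.168.0.39
Host is up (0.00038s latency).
Not shown: 997 filtered ports
PORT     STATE  SERVICE
22/tcp   closed ssh
80/tcp   closed http
8080/tcp closed http-proxy'

# scan_table: reduce one report on stdin to "PORT STATE" lines, plus a
# "default STATE" line for the state nmap folded into its summary line.
scan_table() {
    awk '
    $1 ~ /^[0-9]+\/(tcp|udp)$/                 { print $1, $2 }
    $1 == "Not" && $2 == "shown:"               { print "default", $4 }
    $1 == "All" && $NF ~ /^(filtered|closed)$/  { print "default", $NF }'
}

# compare_scans BEFORE AFTER: for each port listed in AFTER, print how its
# state changed and what the new state says about the packet filter.
compare_scans() {
    { printf '%s\n' "$1" | scan_table | sed 's/^/B /'
      printf '%s\n' "$2" | scan_table | sed 's/^/A /'; } |
    awk '
    BEGIN {
        why["filtered"] = "no answer, the probe is being dropped"
        why["closed"]   = "reset received, not dropped but nothing accepts it"
        why["open"]     = "a listening service accepted the probe"
    }
    $1 == "B"       { before[$2] = $3; next }
    $2 == "default" { next }
    {
        old = "unknown"
        if ("default" in before) old = before["default"]
        if ($2 in before) old = before[$2]
        if (old != $3) print $2 ": " old " -> " $3 " (" why[$3] ")"
    }'
}

compare_scans "$BEFORE" "$AFTER"
```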
Opening ports on Ubuntu
Ubuntu uses UFW. Check whether it is installed, and install it if it is not:
sudo dpkg --get-selections | grep ufw
sudo apt-get install ufw
You should check whether UFW is already running:
sudo ufw status
If the status is inactive, UFW is not activated and is not doing anything.
Enable:
sudo ufw enable
Disable:
sudo ufw disable
After the firewall is activated, you can add your own rules to the inside. If you want to see the default rules, you can enter
sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing)
New profiles: skip
By default, no incoming connections from outside are allowed. If you want to connect to your machine remotely, you have to open the appropriate port. For example, to connect over SSH, add the rule with this command:
sudo ufw allow ssh, or, for whichever port your SSH configuration uses, directly sudo ufw allow 22 (the default is 22, the path looks:
sudo ufw status
To Action From
-- ----------- ------
ALLOW Anywhere
ALLOW Anywhere (v6)
If you have many rules and want to quickly add an ordinal number to each rule, use the numbered parameter.
sudo ufw status numbered
The first rule means that all TCP or UDP packets that reach the machine via port 22 are allowed. What if you want to allow only TCP packets? Add the protocol after the service or port. Here is an example:
sudo ufw allow ssh/tcp or sudo ufw allow 22/tcp
Adding a deny rule works the same way. Say you want to deny FTP access; you just type
sudo ufw deny ftp
Add a specific port
Sometimes we use a custom port instead of the standard one. Suppose we change SSH on the machine from port 22 to port 2290 and then want to allow access on port 2290. We add the rule like this:
sudo ufw allow 2290
You can also add a port range to the rules. If we want to open ports 2290 to 2300 for TCP, the command looks like this:
sudo ufw allow 2290:2300/tcp
If you want to use UDP, do the following.
sudo ufw allow 2290:2300/udp
Please note that you have to explicitly specify 'tcp' or 'udp', otherwise there will be an error message similar to the one below.
ERROR: Must specify 'tcp' or 'udp' with multiple ports
Add a specific IP
The rules we added earlier are based on the service program or port, and UFW can also add rules based on IP addresses. Here is a sample command.
sudo ufw allow from 192.168.0.104
You can also use a subnet mask to widen the range.
sudo ufw allow from 192.168.0.0/24
To Action From
-- ----------- ------
Anywhere ALLOW 192.168.0.104
Anywhere ALLOW 192.168.0.0/24
As you can see, the from parameter only restricts the source of the connection, and the destination (shown in the To column) is Anywhere.
sudo ufw allow to any port 22
The above command allows access to port 22 from anywhere and over any protocol.
Combination parameters
For more specific rules, you can also combine IP addresses, protocols, and ports. Suppose we want a rule that allows only the IP 192.168.0.104, only over TCP, and only to local port 22. We can use the command shown below.
sudo ufw allow from 192.168.0.104 proto tcp to any port 22
The command to create a deny rule is similar to the allow rule; you only need to change the allow parameter to deny.
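To check an existing rule set against the combined form above, this added example (not part of the original post) reads sudo ufw status output and lists the ALLOW rules that still expose a chosen port to Anywhere. The function name audit_ufw and the sample status text are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. SAMPLE_STATUS is constructed
# text in the column layout printed by `sudo ufw status`.
SAMPLE_STATUS='Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere
2290:2300/tcp              ALLOW       Anywhere
22/tcp                     ALLOW       192.168.0.104
80/tcp                     DENY        Anywhere
22/tcp (v6)                ALLOW       Anywhere (v6)'

# audit_ufw PORTS: read `ufw status` text on stdin and print "PORT RULE" for
# every ALLOW rule whose From column is Anywhere and whose To column covers
# one of the comma-separated PORTS (a single port or a start:end range).
audit_ufw() {
    awk -v ports="$1" '
    BEGIN { n = split(ports, want, ",") }
    {
        act = 0                                  # field holding the action
        for (i = 2; i <= NF; i++) if ($i == "ALLOW") { act = i; break }
        if (!act) next                           # header, DENY, blank line
        src = act + 1
        if ($src == "IN") src++                  # "ALLOW IN" in verbose output
        if ($src != "Anywhere") next             # already limited to a source
        spec = $1; sub(/\/.*/, "", spec)         # strip "/tcp" or "/udp"
        lo = hi = spec
        if (split(spec, r, ":") == 2) { lo = r[1]; hi = r[2] }
        v6 = ($2 == "(v6)") ? " (v6)" : ""
        for (k = 1; k <= n; k++)
            if (want[k] + 0 >= lo + 0 && want[k] + 0 <= hi + 0)
                print want[k], $1 v6
    }'
}

printf '%s\n' "$SAMPLE_STATUS" | audit_ufw 22,2290
```

On a live host the same check is sudo ufw status | audit_ufw 22; each line it prints is a candidate for replacement by a rule with a from address.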
Delete Rule
sudo ufw delete allow ftp
Method Two:
sudo ufw delete allow ssh
Or
sudo ufw delete allow 22/tcp
You may see errors such as the following:
Could not delete non-existent rule
Could not delete non-existent rule (v6)
We have another trick. As mentioned above, you can use a rule's sequence number instead of the rule itself to pick the rule you want to delete. Let's try.
sudo ufw status numbered
Then we remove the first rule that is in use. Pressing "y" will permanently delete this rule.
sudo ufw delete 1
Deleting:
allow from 192.168.0.104 to any port proto tcp
Proceed with operation (y|n)? y
From these usages you can see the difference between them. Method 2 requires user confirmation before deletion, and Method 1 does not.
Reset All Rules
sudo ufw reset
Resetting all rules to installed defaults. Proceed with operation (y|n)? y
If you enter "y", UFW backs up all existing rules and then resets. Resetting also leaves your firewall disabled; if you want to use it again, you have to enable it.
Advanced Features
As I said above, the UFW firewall can do everything iptables can do. This is done through several rules files, which are just iptables-restore compatible text files. Fine-tuning UFW and/or adding iptables commands that the ufw command cannot express is a matter of editing several text files.
/etc/default/ufw: The main configuration file for default policies, IPv6 support and kernel modules.
/etc/ufw/before[6].rules: Rules in these files are evaluated before any rules added through the ufw command.
/etc/ufw/after[6].rules: Rules in these files are evaluated after any rules added through the ufw command.
/etc/ufw/sysctl.conf: Kernel network tunable parameters.
/etc/ufw/ufw.conf: Sets whether UFW is enabled at system startup, and sets the log level.
Conclusion
As a front end for iptables, UFW gives users a simple interface. There is no need to remember the very complex iptables syntax. UFW also uses 'simple English' for its parameters; allow, deny, and reset are among them. I believe there are many iptables front ends, but UFW is definitely one of the best choices for users who want to build their own firewall quickly and easily while keeping it very secure. Enter man ufw to view the UFW user manual for more details.
This article is from the "lake and Laughter" blog, please make sure to keep this source http://hashlinux.blog.51cto.com/9647696/1733291
Ubuntu port scanning and opening