User profile for user: jinniferb
jinniferb Author
User level: Level 2
168 points

Closing ports?

I ran a port scan on our 10.6.8 SL server (the Firewall was off at the time of the scan), I compared the list of open ports to the list of the services they were associated with vs. which ports we actually need to have open. There were a few "rogue" ones though that seemed like they should need to be closed.


Unfortunately (port 7001, for example) these port numbers aren't showing up in the list of Services in the Firewall service in Server Admin.


How would I go about closing ports that aren't even listed by the server? Is there a Terminal command for that?


Thanks in advance!

Posted on Jan 20, 2012 9:46 AM

Reply
3 replies
User profile for user: Camelot
Camelot
User level: Level 9
58,299 points

Jan 20, 2012 10:38 AM in response to jinniferb

How would I go about closing ports that aren't even listed by the server? Is there a Terminal command for that?


Before you close them you kind of need to know which application is using them. Only then can you decide if it's needed, and whether or not it should be closed. Just because a port is open that doesn't necessarily mean there's a problem.


This will show you the process that's using any given port number:


sudo lsof -i :<port number>

Reply
User profile for user: MrHoffman
MrHoffman
Community+ 2025
User level: Level 10
144,965 points

Jan 20, 2012 12:12 PM in response to jinniferb

You could install and use a network gateway; a perimeter firewall. Use that at the edge of your network.


Preferably a gateway with NAT and VPN server capabilities, among other features.


As for your question, it depends. When you want to shut down the specific components that have the ports open, well, how you do that depends on which particular service, what Mac OS X Server is doing with it, and how the particular service is managed.


TCP port 7001 might be a QuickTime Streaming server, or it might well be some other server that's active.

Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Closing ports?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up