Alwina's open source efforts


Specialized in FreeBSD and CentOS

Closing ports in CentOS

October 19th, 2010 at 5:49

Recently I found too many open ports on my remote CentOS server. You can use the excellent program nmap to do a port scan. The following command gave me insight into my open ports from a client.

nmap -sS

You should replace with the remote IP of your server.
The result:

Starting Nmap 5.00 ( ) at 2010-10-18 22:59 CEST
Interesting ports on (
Not shown: 991 closed ports
22/tcp open ssh
25/tcp filtered smtp
111/tcp open rpcbind
135/tcp filtered msrpc
5900/tcp open vnc
5901/tcp open vnc-1
5902/tcp open vnc-2
5903/tcp open vnc-3
5904/tcp open unknown

For maximum security all unnecessary ports should be closed down. You can do this with the following steps.

1. login to your server

ssh root@

Replace with the remote IP of your server

2. start tool for CentOS firewall settings


3. adjust firewall settings

I usually enable the firewall but disable SELinux. This fine-grained security mechanism adds to security but is difficult to use and error-prone. The next step is to customize the settings.

I enabled SSH, HTTP, HTTPS and cleared the setting under “Other ports”.

Just press the OK button twice and you are ready.

4. recheck open ports from your client

nmap -sS

The result:

Starting Nmap 5.00 ( ) at 2010-10-19 06:04 CEST
Interesting ports on (
Not shown: 997 filtered ports
22/tcp  open   ssh
80/tcp  closed http
443/tcp closed https

Job done, ready.
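
The before/after comparison above can be automated. The following is an added example, not part of the original post: a shell function that reads nmap's port table on stdin and lists every port reported open that is not on an allowlist. The allowlist (22, 80, 443) is assumed from the services enabled in step 3, and the function name unexpected_open is made up for this example.

```sh
#!/bin/sh
# Added example: report ports that nmap shows as "open" but that are not
# on an allowlist. Reads normal nmap output on stdin.

# Usage: unexpected_open "22 80 443" < scan.txt
# Prints one "port/proto service" line per open port missing from the allowlist.
unexpected_open() {
    awk -v allow="$1" '
        BEGIN {
            # Build a lookup table from the space/comma separated allowlist.
            n = split(allow, a, /[ ,]+/)
            for (i = 1; i <= n; i++) ok[a[i]] = 1
        }
        # Port table rows look like: 5900/tcp open vnc
        # "closed" and "filtered" rows are skipped; only "open" counts.
        $1 ~ /^[0-9]+\/(tcp|udp)$/ && $2 == "open" {
            split($1, p, "/")
            if (!(p[1] in ok)) print $1, $3
        }
    '
}

# Port table from the first scan in the post (header lines omitted).
BEFORE='22/tcp open ssh
25/tcp filtered smtp
111/tcp open rpcbind
135/tcp filtered msrpc
5900/tcp open vnc
5901/tcp open vnc-1
5902/tcp open vnc-2
5903/tcp open vnc-3
5904/tcp open unknown'

# Port table from the scan after the firewall change.
AFTER='22/tcp  open   ssh
80/tcp  closed http
443/tcp closed https'

# Allowlist assumed from the services enabled in step 3: SSH, HTTP, HTTPS.
ALLOW="22 80 443"

echo "Unexpected open ports before the firewall change:"
printf '%s\n' "$BEFORE" | unexpected_open "$ALLOW"
echo "Unexpected open ports after the firewall change:"
printf '%s\n' "$AFTER" | unexpected_open "$ALLOW"
```

Run against the first scan it lists rpcbind and the five VNC ports; against the second scan it prints nothing, which is the result you want to see after every firewall change.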
