How many ports can the Linux server open at most

  • 2021-11-02 03:45:42
  • OfStack

Contents:
Port-related concepts
Relationship between port and service
1: nmap tool detects open ports
2: netstat tool detects open ports
3: lsof tool detects open ports
4: ss tool detects open ports
5: Use telnet to detect if the port is open
6: The netcat tool detects if the port is open
Closed port and open port

Port-related concepts:

In networking, the word port (Port) covers both physical and logical ports. Physical ports are the ones that exist as hardware: the RJ-45 and SC interfaces on ADSL modems, hubs, switches and routers that connect to other network devices. A logical port is a number used to tell services apart, such as the service port in TCP/IP, which ranges from 0 to 65535: port 80 carries web traffic and port 21 the FTP control channel. Because there are so many ports of either kind, each one is numbered so it can be identified; that number is the port number.

Ports can be divided into three categories by port number:

1: Well-known ports (Well Known Ports)

Well-known port numbers range from 0 to 1023 and are tightly bound to one common service, for example FTP on port 21; the mapping is listed in /etc/services. On Linux, binding a socket to a port below 1024 requires root or the CAP_NET_BIND_SERVICE capability.

2: Registered ports (Registered Ports):

Registered ports run from 1024 to 49151. They are only loosely bound to a service: many services are registered for ports in this range, and the same ports are also used for other purposes.

3: Dynamic or private ports (Dynamic and/or Private Ports)

Dynamic or private port numbers can be used by any program to talk to any other program over TCP (Transmission Control Protocol) or UDP (User Datagram Protocol). The dynamic range is normally 49152 to 65535; the kernel takes the source port of outgoing connections from it, or from its own configured range (see below).

Linux does not hand out ports from the whole 0 to 65535 space. /proc/sys/net/ipv4/ip_local_port_range defines the ephemeral port range: the local ports the kernel assigns automatically to outgoing TCP and UDP connections and to sockets bound to port 0. This range does not limit what a server may listen on; any of the 65535 usable ports of an address can be bound explicitly (port 0 is reserved), and the practical ceiling on open sockets is set by file-descriptor limits (ulimit -n, fs.file-max) rather than by port numbers. What the range does cap is the number of concurrent outgoing connections to one destination address and port, which is why it is widened on busy clients and proxies. It can be changed at runtime by writing to the /proc file, or persistently with net.ipv4.ip_local_port_range = 1024 65000 in /etc/sysctl.conf (applied with sysctl -p). Widening it down to 1024 means ephemeral allocation can collide with registered service ports; if a program needs particular ports kept free for it, list them in net.ipv4.ip_local_reserved_ports instead of shrinking the range.


[root@localhost ~]# cat /proc/sys/net/ipv4/ip_local_port_range
32768 61000
[root@localhost ~]# echo 1024 65535 > /proc/sys/net/ipv4/ip_local_port_range
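To make the relationship between the ephemeral range and a service port concrete, here is an added shell example (it is not from the original article): it reads the current range, counts the ports in it, and classifies a service port as safe, reserved or colliding. The reserved-list parser follows the comma-separated "port,lo-hi" syntax of net.ipv4.ip_local_reserved_ports; the function names and the sample range and list values used below are assumptions made for this illustration.

```shell
#!/usr/bin/env bash
# Added example: does a service port collide with the kernel's ephemeral range,
# and is it protected by net.ipv4.ip_local_reserved_ports?
# A port inside the ephemeral range that is not reserved can be grabbed by any
# outgoing connection, so a service restarted later may fail to bind to it.

# Current ephemeral range, e.g. "32768 61000" (two numbers on one line).
ephemeral_range() { cat /proc/sys/net/ipv4/ip_local_port_range; }

# Number of source ports available to outgoing connections for a range "lo hi".
ephemeral_count() {
    set -- $1
    echo $(( $2 - $1 + 1 ))
}

# Returns 0 if port $1 is covered by the reserved list $2, which uses the sysctl
# syntax "8080,9000-9010" (comma-separated single ports and lo-hi ranges); 1 otherwise.
port_is_reserved() {
    local port=$1 list=$2 item lo hi
    local IFS=,
    for item in $list; do
        case "$item" in
            '')  continue ;;
            *-*) lo=${item%-*}; hi=${item#*-} ;;
            *)   lo=$item; hi=$item ;;
        esac
        [ "$port" -ge "$lo" ] && [ "$port" -le "$hi" ] && return 0
    done
    return 1
}

# Classify a service port against a range ("lo hi") and a reserved list.
# Prints one of: safe | reserved | collides
classify_port() {
    local port=$1 range=$2 reserved=$3
    set -- $range
    if [ "$port" -lt "$1" ] || [ "$port" -gt "$2" ]; then
        echo safe        # outside the ephemeral range: never auto-assigned
    elif port_is_reserved "$port" "$reserved"; then
        echo reserved    # inside the range but excluded from auto-assignment
    else
        echo collides    # a client connection may take this port first
    fi
}

# Live check of one port on this host (assumed helper; needs /proc/sys/net/ipv4).
# To reserve a port persistently add
#   net.ipv4.ip_local_reserved_ports = <port>
# to /etc/sysctl.conf and run `sysctl -p`.
check_live() {
    local port=$1 range reserved
    range=$(ephemeral_range)
    reserved=$(cat /proc/sys/net/ipv4/ip_local_reserved_ports 2>/dev/null)
    printf 'ephemeral range: %s (%s ports), reserved: "%s", port %s: %s\n' \
        "$range" "$(ephemeral_count "$range")" "$reserved" "$port" \
        "$(classify_port "$port" "$range" "$reserved")"
}

# Example with the values from this page (constructed input, no root needed):
classify_port 3306 "32768 61000" ""              # safe
classify_port 33000 "32768 61000" ""             # collides
classify_port 33000 "32768 61000" "8080,32990-33010"   # reserved
# On a real host: check_live 33000
```

The three calls at the bottom use the range shown on this page; run check_live against the live kernel values to see the same classification for a port your own program needs.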

For ports and services I used to use a public toilet as an analogy. Each stall is a port of the system, and relieving people is the service. To provide the service you must open ports (stalls); when someone uses one, a connection is established on that port, and an occupied stall is a port number occupied by a service. If one day the toilet service is withdrawn and the building demolished, there are no port numbers left either. A more flattering picture is a bank lobby: the port numbers are the counters, the customers holding queue numbers are the clients connecting to the server, and each is directed to a counter to have its business handled. Or think of the stations on a high-speed rail line, where Changsha and Yueyang each stand for a port number: passengers reach their station by following their ticket, just as the IP packets sent by different applications reach the server port written on them.

Relationship between port and service

What are ports for? A host with one IP address can offer many services at once: a web server, an FTP server, an SMTP server and so on, all reachable at that single address. How does the host tell which service a packet is for? The IP address alone cannot do it, because the relationship between an IP address and the network services behind it is one-to-many. Services are distinguished by the combination of IP address, transport protocol and port number: a TCP segment arriving for a given address and port is handed to whatever process is listening on that TCP port at that address.

The mapping between port numbers and the services conventionally assigned to them is kept in /etc/services, where most well-known and registered ports can be looked up. The file is only a naming table, used by tools such as netstat, lsof, nmap and nc to print a service name next to a port; it does not control or reveal what is actually listening, so a name printed beside a port is inferred from the number, not from the process answering on it.

There are many ways to check whether a port is open; they had not been written up in one place before, so a few of them are collected here.

1: nmap tool detects open ports

nmap is a network scanner and host-discovery tool. Installing it is simple; below it is installed from rpm packages. Note the "Header V3 DSA signature: NOKEY" warning in that output: rpm found a signature on the package but could not verify it because the signing key (ID 37017186) is not in the rpm keyring, so the packages were installed unverified. When the package source is not fully trusted, import the vendor's key with rpm --import and check the package with rpm -K (rpm --checksig) before installing, since a scanner installed from a tampered package runs as root.


[root@DB-Server Server]# rpm -ivh nmap-4.11-1.1.x86_64.rpm 
warning: nmap-4.11-1.1.x86_64.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing...                ########################################### [100%]
   1:nmap                   ########################################### [100%]
[root@DB-Server Server]# rpm -ivh nmap-frontend-4.11-1.1.x86_64.rpm 
warning: nmap-frontend-4.11-1.1.x86_64.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing...                ########################################### [100%]
   1:nmap-frontend          ########################################### [100%]

nmap's options deserve an article of their own, so they are not covered here. As shown below, nmap 127.0.0.1 scans the local host. Without a -p option nmap probes only its default list of common ports (1680 in this version, as the "Not shown: 1674 closed ports" line plus the six open ones indicates), not all 65535; use -p- to scan the full range. The same command scans other servers' ports, which should only be done against hosts you are authorized to test.


[root@DB-Server Server]# nmap 127.0.0.1
 
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2016-06-22 15:46 CST
Interesting ports on localhost.localdomain (127.0.0.1):
Not shown: 1674 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
25/tcp   open  smtp
111/tcp  open  rpcbind
631/tcp  open  ipp
1011/tcp open  unknown
3306/tcp open  mysql
 
Nmap finished: 1 IP address (1 host up) scanned in 0.089 seconds
You have new mail in /var/spool/mail/root
[root@DB-Server Server]# 

2: netstat tool detects open ports


[root@DB-Server Server]# netstat -anlp | grep 3306
tcp        0      0 :::3306                     :::*                        LISTEN      7358/mysqld         
[root@DB-Server Server]# netstat -anlp | grep 22
tcp        0      0 :::22                       :::*                        LISTEN      4020/sshd           
tcp        0     52 ::ffff:192.168.42.128:22    ::ffff:192.168.42.1:43561   ESTABLISHED 6198/2              
[root@DB-Server Server]# 

As the output shows, netstat is noisier than nmap, but it answers a different question: nmap probes the host from outside, whereas netstat reports the kernel's own socket table and, with -p, which process (PID/program name) owns each socket, something a scanner cannot see. Note that grep 22 also matches any line containing the digits 22 (port 2222, an address octet, a PID); anchor the pattern, for example grep ':22 ', to match only port 22.

3: lsof tool detects open ports


[root@DB-Server Server]# service mysql start
Starting MySQL......[  OK  ]
[root@DB-Server Server]# lsof -i:3306
COMMAND  PID  USER   FD   TYPE DEVICE SIZE NODE NAME
mysqld  7860 mysql   15u  IPv6  44714       TCP *:mysql (LISTEN)
[root@DB-Server Server]# service mysql stop
Shutting down MySQL..[  OK  ]
[root@DB-Server Server]# lsof -i:3306
[root@DB-Server Server]# 

[root@DB-Server Server]# lsof -i TCP| fgrep LISTEN
cupsd     3153    root    4u  IPv4   9115       TCP localhost.localdomain:ipp (LISTEN)
portmap   3761     rpc    4u  IPv4  10284       TCP *:sunrpc (LISTEN)
rpc.statd 3797 rpcuser    7u  IPv4  10489       TCP *:1011 (LISTEN)
sshd      4020    root    3u  IPv6  12791       TCP *:ssh (LISTEN)
sendmail  4042    root    4u  IPv4  12876       TCP localhost.localdomain:smtp (LISTEN)

4: ss tool detects open ports


[root@localhost ~]# ss -ntl
State      Recv-Q Send-Q Local Address:Port               Peer Address:Port              
LISTEN     0      50           *:3306                     *:*                  
LISTEN     0      128          *:111                      *:*                  
LISTEN     0      128          *:22                       *:*                  
LISTEN     0      32           *:8808                     *:*                  
LISTEN     0      128       [::]:111                   [::]:*                  
LISTEN     0      128       [::]:22                    [::]:*                  
[root@localhost ~]# 

5: Use telnet to detect if the port is open

Run telnet with the host and port as arguments: if the connection opens, the port is listening and reachable; "Connection refused" means the host is reachable but nothing is listening; a hang until the timeout usually means a firewall is dropping the packets. That last case is the limitation of the method: even when the server port is in LISTEN state, an iptables rule that blocks it makes telnet fail, so a failed telnet does not prove the port is closed, only that it is unreachable from where you tested.

6: The netcat tool detects if the port is open


[root@DB-Server ~]# nc -vv 192.168.42.128 1521
Connection to 192.168.42.128 1521 port [tcp/ncube-lm] succeeded!
[root@DB-Server ~]# nc -z 192.168.42.128 1521; echo $?
Connection to 192.168.42.128 1521 port [tcp/ncube-lm] succeeded!
0
[root@DB-Server ~]#  nc -vv 192.168.42.128 1433
nc: connect to 192.168.42.128 port 1433 (tcp) failed: No route to host

Closed port and open port

A closed port and an open port are different things. Each listening port belongs to a service, so to close a port you stop the service that listens on it. In the example below, port 3306 is in LISTEN state while the MySQL service runs, and once MySQL is stopped nothing listens on 3306 any more, i.e. the port is closed.


[root@DB-Server Server]# service mysql start
Starting MySQL......[  OK  ]
[root@DB-Server Server]# lsof -i:3306
COMMAND  PID  USER   FD   TYPE DEVICE SIZE NODE NAME
mysqld  7860 mysql   15u  IPv6  44714       TCP *:mysql (LISTEN)
[root@DB-Server Server]# service mysql stop
Shutting down MySQL..[  OK  ]
[root@DB-Server Server]# lsof -i:3306
[root@DB-Server Server]# 

Systems therefore tend to carry ports and services nobody needs. For both security and resource reasons, stop and disable every unnecessary service; that closes its port and removes the code behind it from the attack surface. Blocking a port with the firewall is different: the service still runs and the socket still listens, the port is merely shielded from the networks the rule covers. It remains reachable from anywhere the rule does not apply (the host itself, an internal interface, a container on the same host), and any vulnerability in the listening service is still present. A scan from outside reports such a port as filtered rather than closed, which is why the local tools above (netstat, lsof, ss) and the remote checks (nmap, telnet, nc) should be read together.
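The telnet and netcat sections and the distinction just drawn between closed and shielded ports all come down to reading the three possible outcomes of a TCP connect: a completed handshake (open), an RST (closed), or no answer or an ICMP error (filtered). The "No route to host" that nc printed for port 1433 above is the ICMP host-prohibited error an iptables REJECT rule returns, while a DROP rule produces a silent timeout. The added example below (not from the original article) classifies a port from the client side with bash's /dev/tcp device, so it works where neither telnet nor nc is installed; the function names, the three-second default timeout and the host and port values are assumptions made for the illustration.

```shell
#!/usr/bin/env bash
# Added example: client-side port check that tells open, closed and filtered apart.
#   open     - TCP handshake completed: something is listening and reachable
#   closed   - host answered with RST ("Connection refused"): reachable, nothing listening
#   filtered - no answer within the timeout (iptables DROP), or an ICMP error such as
#              "No route to host" (iptables REJECT --reject-with icmp-host-prohibited)
# Uses bash's /dev/tcp pseudo-device under `timeout`, so no telnet or nc is needed.
port_state() {
    local host=$1 port=$2 secs=${3:-3} err rc=0
    # host and port are passed as positional arguments, not spliced into the command
    # string, so an untrusted value cannot inject shell syntax.
    err=$(LC_ALL=C timeout "$secs" bash -c 'exec 3<>"/dev/tcp/$0/$1"' "$host" "$port" 2>&1) || rc=$?
    if [ "$rc" -eq 0 ]; then
        echo open
    elif [ "$rc" -eq 124 ]; then
        echo filtered        # timeout: packets are being dropped silently
    else
        case "$err" in
            *"Connection refused"*) echo closed ;;
            *)                      echo filtered ;;   # unreachable / no route / prohibited
        esac
    fi
}

# Check several ports on one host, one line per port: "host:port state".
scan_ports() {
    local host=$1 p
    shift
    for p in "$@"; do
        printf '%s:%s %s\n' "$host" "$p" "$(port_state "$host" "$p")"
    done
}

# Usage, with the ports from this page (assumed target address):
#   scan_ports 192.168.42.128 22 1433 1521 3306
# Against the local host, port 1 (tcpmux) is almost never listening, so:
scan_ports 127.0.0.1 1       # prints "127.0.0.1:1 closed"
```

Read the result together with the local view: a port that ss shows in LISTEN state but that this check reports as filtered is shielded by a firewall, not closed, and the service behind it is still running.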

