Default port in Linux

How to Change the Default SSH Port in Linux for Security Reason?

By default, SSH binds to port 22. Changing the default SSH port adds an additional layer of security to your Linux system.

It can save you from unnecessary attacks, specifically from bots and port scan attacks.

This tutorial explains how to change the default SSH port in Linux.

Also, we will show you how to configure your firewall to allow access to the new SSH port.

We have written many articles about SSH in the past; you can check them by navigating to the following link.

What’s a port scan attack?

Cyberattacks often begin with a port scan attack, which attackers use to find exploitable vulnerabilities on targeted systems.

What’s SSH?

SSH (Secure Shell) is a cryptographic network protocol that provides secure, encrypted communication between two untrusted hosts over an insecure network.

What’s TCP and How Are Port Numbers Assigned?

TCP (Transmission Control Protocol) is one of the main protocols; it keeps a connection alive until the application programs at each end have finished exchanging messages.

TCP/UDP ports are divided into three ranges.

  • Well-known or System Ports – 0 to 1023
  • Registered Ports – 1024 to 49151
  • Dynamic, Private or Ephemeral Ports – 49152 to 65535

How to Change the Default SSH Port in Linux?

Changing the SSH port on a Linux system is not a big deal; it can be done easily by editing the sshd_config file.

I would advise users to take additional care when making any changes to config files. I mean to say, make a copy of the config file before making any changes to it.

# cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bk

To do so, run the following command.

# sed -i 's/#Port 22/Port 2200/g' /etc/ssh/sshd_config

We can check the changes by running the following command.

# grep -w Port /etc/ssh/sshd_config
Port 2200
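A safer way to make the same edit, as an added example (shell code written for this page, not from the original article): it rewrites the first Port line whether it is commented out or already active, appends one if the file has none, rejects values outside 1-65535, and verifies the result. The function names are this example's own; the `.bk` backup suffix follows the article.

```shell
#!/bin/sh
# Added example, not code from the original article: change the Port directive in an
# sshd_config file and verify the result. Unlike a bare "sed 's/#Port 22/Port 2200/'",
# it also handles a file whose Port line is already active (no leading "#") or missing,
# and refuses port values outside 1-65535. Function names are this example's own.
#
# Usage: set_ssh_port <new-port> [config-file]   (config-file defaults to /etc/ssh/sshd_config)

set_ssh_port() {
    port=$1
    cfg=${2:-/etc/ssh/sshd_config}

    # Accept only an all-digit value of at most five digits, within the TCP port range.
    case $port in
        ''|*[!0-9]*|??????*) echo "invalid port: '$port'" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2; return 1
    fi

    # Keep a backup before editing, as the article recommends.
    cp "$cfg" "$cfg.bk" || return 1

    # Replace the first Port line (commented out or active) with the new directive,
    # leave any further Port lines untouched, and append one if the file has none.
    awk -v port="$port" '
        !done && $0 ~ /^[[:space:]]*#?[[:space:]]*Port[[:space:]]+[0-9]+/ {
            print "Port " port; done = 1; next
        }
        { print }
        END { if (!done) print "Port " port }
    ' "$cfg" > "$cfg.tmp" && mv "$cfg.tmp" "$cfg" || return 1

    # Confirm an active (uncommented) Port line now carries the new value.
    grep -Eq "^Port[[:space:]]+$port\$" "$cfg"
}

# Report the active Port value of a config file (sshd's default 22 when none is set).
ssh_port_of() {
    p=$(awk '$1 == "Port" { print $2; exit }' "$1")
    echo "${p:-22}"
}

# On the real host, validate the edited file before restarting the daemon:  sshd -t
```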

How to Adjust the Firewall to Allow the Newly Configured SSH Port?

Don’t forget to make the changes on your firewall before exiting your session. Otherwise, you won’t be able to log back in.

This means you have to allow the new port in the firewall for SSH access.

UFW is the default firewall for Ubuntu-based systems. To adjust the UFW firewall, run the following command.

FirewallD is the default firewall tool for RHEL 7/8 and CentOS 7 systems, and it is enabled by default, so we need to make the necessary changes by running the following commands.

$ sudo firewall-cmd --permanent --zone=public --add-port=2200/tcp
$ sudo firewall-cmd --reload

Also, we need to adjust the SELinux policy to allow the new SSH port.

$ sudo semanage port -a -t ssh_port_t -p tcp 2200

Take note: you must insert the INPUT rule before the reject line, using the line number from your own iptables listing.

# iptables -nvL --line-n
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination
1     2162  205K ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
2      990 32304 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0
3        0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
4       51  2988 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:22
5      215 15302 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

In my case the “reject” input rule sits on the fifth line, so I’m going to add a new rule in the fifth line.

For RHEL 6/CentOS 6 systems, run the following commands to adjust the iptables rules.

$ sudo iptables -I INPUT 5 -p tcp --dport 2200 -m state --state NEW,ESTABLISHED -j ACCEPT
$ sudo iptables -A OUTPUT -p tcp --sport 2200 -m state --state ESTABLISHED -j ACCEPT
$ sudo service iptables save
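As an added example (shell code written for this page, not from the original article), the following functions work out the insert position from the iptables listing itself instead of hard-coding 5, fall back to appending when the chain has no reject rule, and skip the change when the port is already accepted. The sample listing is constructed from the output shown above; the function names are this example's own.

```shell
#!/bin/sh
# Added example, not code from the original article: find where the new SSH rule has
# to go in the INPUT chain of an "iptables -nvL --line-numbers" listing, and print the
# matching iptables command instead of hard-coding position 5. The listing is read
# from stdin; the sample below is constructed from the article's own output.

# Constructed sample: the INPUT chain shown in the article, with its reject rule at 5.
SAMPLE_LISTING='Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination
1     2162  205K ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
2      990 32304 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0
3        0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
4       51  2988 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:22
5      215 15302 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited'

# Rule number of the first REJECT or DROP rule in CHAIN; prints nothing if there is none.
first_reject_rule() {
    awk -v chain="$1" '
        /^Chain / { in_chain = ($2 == chain); next }      # chain header selects the chain
        in_chain && $1 ~ /^[0-9]+$/ && ($4 == "REJECT" || $4 == "DROP") { print $1; exit }
    '
}

# Succeeds when CHAIN already ACCEPTs tcp traffic to destination PORT.
port_already_allowed() {
    awk -v chain="$1" -v port="$2" '
        /^Chain / { in_chain = ($2 == chain); next }
        in_chain && $4 == "ACCEPT" && $5 == "tcp" && $0 ~ ("dpt:" port "( |$)") { found = 1; exit }
        END { exit !found }
    '
}

# Print the command that admits PORT in INPUT ahead of the reject rule, or with -A
# (append) when the chain has no reject rule; prints a no-op comment if already open.
ssh_allow_command() {
    port=$1
    listing=$(cat)
    if printf '%s\n' "$listing" | port_already_allowed INPUT "$port"; then
        echo "# tcp/$port is already accepted in INPUT; nothing to do"
        return 0
    fi
    pos=$(printf '%s\n' "$listing" | first_reject_rule INPUT)
    if [ -n "$pos" ]; then
        echo "iptables -I INPUT $pos -p tcp --dport $port -m state --state NEW,ESTABLISHED -j ACCEPT"
    else
        echo "iptables -A INPUT -p tcp --dport $port -m state --state NEW,ESTABLISHED -j ACCEPT"
    fi
}

# Example run:  printf '%s\n' "$SAMPLE_LISTING" | ssh_allow_command 2200
```

On a live system, feed it the real listing with `iptables -nvL --line-numbers | ssh_allow_command 2200` and review the printed command before running it.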

Once you have made all the above changes, it’s time to restart the SSH service.

$ sudo service sshd restart

For RHEL-based systemd systems:

$ sudo systemctl restart sshd

For Debian-based systemd systems:

$ sudo systemctl restart ssh

Now, check whether the SSH daemon is listening on the new port 2200.

$ sudo netstat -tplugn | grep ssh
tcp        0      0 0.0.0.0:2200            0.0.0.0:*               LISTEN      1968/sshd
tcp        0      0 :::2200                 :::*                    LISTEN      1968/sshd

Finally, try to access the remote Linux system with the standard port and with the new SSH port, and see the difference.

It throws an error when I use the standard SSH port.

$ ssh 192.168.1.4 -l daygeek
ssh: connect to host 192.168.1.4 port 22: Connection refused

But at the same time, it allows me to log in with the new SSH port.

$ ssh 192.168.1.4 -l daygeek -p 2200
Password:
Last login: Sun Jun 23 23:39:36 2019 from 192.168.1.6
Have a lot of fun.

I hope this tutorial helped you to change the default SSH port on a Linux system. As always, if you found this article useful, then subscribe to our free newsletter to get more of the latest tips and tricks about Linux.

Linux Port numbers

Important Port numbers for the Linux system administrator

This is a somewhat important post on understanding ports, their details and their numbers.

Some FAQs related to ports

Q. What is a port?

A port is a piece of software used as a docking point on your machine, where a remote application can communicate. This is analogous to the physical ports for entering a country from different sea ports.

Q. What is a hardware port?

This is a physical peripheral connection point on a machine for a physical device.

Q. What is a socket?

A socket is the combination of a software port and an IP address.

Q. What is the range of ports or how many ports are there?

Port numbers can vary from 0 to 65535, so in total we get 65536 ports.

Q. Why are there just 65536 port numbers?

This is because of a limitation in the TCP/IP stack, where the port number field is just 16 bits in size. So we get only 2^16 (2 to the power of 16) ports, which equals 65536 available ports.

Q. What are the well-known ports or assigned ports or default ports?

Well-known ports are from 0 to 1023 (a total of 2^10 = 1024 ports).

Q. What do you mean by default port?

The default port is the designated port for a particular well-known service such as a web server, mail server, FTP server, etc. By default FTP uses port 21, DNS uses 53 and Apache uses port 80.

Q. Can we change the default port for a service (for example Apache, Squid)?

Yes, we can. In Apache and DNS we can change it using the listen configuration entry in httpd.conf and named.conf. Squid has a port entry in its squid.conf file to specify the port number.

Q. What are the protocol numbers for TCP and UDP?

Do not confuse these with port numbers. TCP and UDP have their own protocol numbers in the TCP/IP stack.

TCP protocol number: 6

UDP protocol number: 17

Q. Is there any way I can see all the port information in Linux?

Yes, you can get that from the /etc/services file.

Q. How can I see open ports in Linux?

Well-known ports

20 – FTP Data (For transferring FTP data)

21 – FTP Control (For starting FTP connection)

22 – SSH (For secure remote administration which uses SSL to encrypt the transmission)

23 – Telnet (For insecure remote administration)

25 – SMTP (Mail Transfer Agent for e-mail servers such as Sendmail)

53 – DNS (Special service which uses both TCP and UDP)

69 – TFTP (Trivial File Transfer Protocol; uses UDP for connectionless transmission of data)

80 – HTTP/WWW(Apache)

88 – Kerberos

110 – POP3 (Mail delivery Agent)

123 – NTP (Network Time Protocol, used for time syncing; uses UDP)

137 – NetBIOS (nmbd)

139 – SMB-Samba (smbd)

161 – SNMP (For network monitoring)

389 – LDAP (For centralized administration)

443 – HTTPS (HTTP+SSL for secure web access)

514 – Syslogd (UDP port)

636 – LDAPS (both TCP and UDP)

989 – FTPS-data

2049 – NFS (nfsd, rpc.nfsd, rpc, portmap)

2401 – CVS server

3306 – MySql

6000-6063 – X11

Note 1: If the protocol (TCP or UDP) is not mentioned, then the above ports are solely for TCP. Some services use UDP, as mentioned in the list above.

Note 2: X11 uses ports 6000 to 6063 for connecting to X11 from a remote server.
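As an added example for this post's pointer to /etc/services and for Note 1 above (shell code written here, not the post's own), these functions parse /etc/services-format text and report which service names and which protocols (TCP, UDP or both) a port is registered for. The sample excerpt is constructed from the list above; the function names are this example's own.

```shell
#!/bin/sh
# Added example, not code from the original post: look up which services and protocols
# a port is registered for in /etc/services-format text ("name port/proto [aliases]
# [# comment]"), the file the post points to. The functions read the text from stdin;
# the sample below is constructed from the post's own list. Function names are this
# example's own.

# Constructed excerpt in /etc/services format.
SAMPLE_SERVICES='# Network services, Internet style
ftp-data        20/tcp
ftp             21/tcp
ssh             22/tcp                          # SSH Remote Login Protocol
telnet          23/tcp
smtp            25/tcp          mail
domain          53/tcp                          # Domain Name Server
domain          53/udp
tftp            69/udp
http            80/tcp          www             # WorldWideWeb HTTP
kerberos        88/tcp          kerberos5 krb5  # Kerberos v5
kerberos        88/udp          kerberos5 krb5
ntp             123/udp
syslog          514/udp
ldaps           636/tcp                         # LDAP over SSL
ldaps           636/udp
mysql           3306/tcp'

# Print "name/proto" for every entry registered on PORT, one per line.
services_for_port() {
    awk -v port="$1" '
        { sub(/#.*/, "") }                                   # strip trailing comments
        NF >= 2 && split($2, pp, "/") == 2 && pp[1] + 0 == port + 0 { print $1 "/" pp[2] }
    '
}

# Print the protocols PORT is registered for ("tcp", "udp" or "tcp udp"); empty if none.
protocols_for_port() {
    services_for_port "$1" | awk -F/ '{ print $2 }' | sort -u | tr '\n' ' ' | sed 's/ $//'
}

# Print the primary service name for PORT and PROTO, or "unknown" if not registered.
service_name() {
    name=$(services_for_port "$1" | awk -F/ -v proto="$2" '$2 == proto { print $1; exit }')
    echo "${name:-unknown}"
}

# Example runs (against the real file):  protocols_for_port 53 < /etc/services
#                                        service_name 22 tcp < /etc/services
```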

Surendra Anne

Mr Surendra Anne is from Vijayawada, Andhra Pradesh, India. He is a Linux/open source supporter who believes in hard work, a down-to-earth person, likes to share knowledge with others, loves dogs, likes photography. He works as a DevOps Engineer with Taggle Systems, an IoT automatic water metering company, Sydney. You can contact him at surendra (@) linuxnix dot com.


Default Port Numbers You Need to Know as a Sysadmin

One of the challenging tasks for an administrator is to remember default port numbers.

You may remember the most common ones like HTTP, FTP and SSH, but if you are working on various technology stacks then it’s difficult to remember all of them.

Here I have listed the default port numbers of various applications to help you in the real world.

Application/Web Servers

Name Port Number
Tomcat Startup 8080
Tomcat Startup (SSL) 8443
Tomcat Shutdown 8005
Tomcat AJP Connector 8009
GlassFish HTTP 8080
GlassFish HTTPS 8181
GlassFish Admin Server 4848
Jetty 8080
Jonas Admin Console 9000
IHS Administration 8008
JBoss Admin Console 8080
WildFly Admin Console 9990
WebLogic Admin Console 7001
WAS Admin Console (SSL) 9043
WAS Admin Console 9060
WAS JVM HTTP 9080 (first one only)
WAS JVM HTTPS 9443 (first one only)
Alfresco Explorer/Share 8080
Apache Derby Network Server 1527
OHS 7777
OHS (SSL) 4443
Jenkins 8080
Administrative server 4848
HTTP 8080
HTTPS 8181
IIOP 3700
IIOP_SSL 3820
IIOP_MUTUALAUTH (IIOP with mutual authentication) 3920
JMX_ADMIN 8686

Well-Known Common Protocols

Name Port Number
FTP 20 and 21
HTTP 80
HTTPS 443
LDAP 389
LDAP (SSL) 636
SNMP 161
SSH 22
Telnet 23
SMTP 25
Microsoft RDP 3389
DNS Service 53
NNTP 119
IMAP 143
IMAP (SSL) 993
DNS 53
DHCP server 67
DHCP client 68
TFTP 69
SNMPTRAP 162
POP 110
NTP 123
Netstat 15
ARPA 42
Windows Internet Name Service 42
WHOIS 43
TACACS 49
Kerberos 88
SFTP 115
Network News Transfer Protocol 119
VMNET 175
BGP 179
IMAP 220
Border Gateway Multicast Protocol 264
POP3 995
Telnet 992

Database/Datastore

Name Port Number
DB2 50000
Redis Server 6379
Oracle Listener 1521
mongoDB 27017
MySQL 3306
MS SQL 1433
Memcached 11211
MariaDB 3306
SQL Service 156

Messaging/Transfer

Name Port Number
MQ Listener 1414
IBM Connect:Direct 1364
RabbitMQ Web UI 15672
Tibco RV Daemon 7474
GoToMyPC 8200

Misc

Some of the abbreviations used in the above lists:

  • WAS – WebSphere Application Server
  • AJP – Apache JServ Protocol
  • SSL – Secure Socket Layer
  • HTTP – HyperText Transfer Protocol
  • LDAP – Lightweight Directory Access Protocol
  • SSH – Secure Shell
  • SMTP – Simple Mail Transfer Protocol
  • IHS – IBM HTTP Server
  • NNTP – Network News Transport Protocol
  • SNMP – Simple Network Management Protocol

I hope this cheat sheet helps you as a reference guide at your work. If you are looking to upgrade your skills, then check out thousands of online courses here.
