When it comes to security, there are many practices to implement in order to prevent attackers from learning about your server’s architecture and gaining access.
One of the very first steps is closing any unused ports after you have installed a software program. Unused ports allow foreign hosts to listen to your server and this could reveal information about your system’s network architecture. Another issue of having these unused ports opened is that it could lead to a buffer overflow, which is a major vulnerability.
Of course, not all ports are a risk to security, such as port 80 and 443; you need these to connect to the web server. However, the ports that cause major risks are the unnecessary ones.
We highly suggest to our clients to install a port scanning tool such as Nmap, also known as “network mapper”—it’s free, so why not! Nmap is a highly powerful and useful tool that could prevent your server from being harmed, but you must use this tool with caution. While this port scanning tool is helpful, it is bad etiquette to scan other servers without permission. This may set off alerts to their system administrator.
Below is a guide on how to install Nmap and a few commands to help you port scan.
Installing NMAP on CentOS 7
1. Install NMAP using the command below and press “y” to accept.
#yum install nmap
Top NMAP commands
1. To check what version your Nmap is.
#nmap -v
2. To scan your server/host for all opened and closed ports.
#nmap 192.168.1.7
You can also scan multiple IPs by adding a comma and space in between.
#nmap 192.168.1.7, 192.168.1.8, 192.168.1.9
3. If you would like to detect your operating system with verbose.
#nmap -O -v 192.168.1.7
4. If you are scanning a large subnet/network, you can use the –exclude command.
#nmap 192.168.1.0/24 –exclude 192.168.1.78
5. To show all packets being sent and received.
#nmap –packet-trace 192.168.1.7
6. A great way to debug your server is using the command below. It will display all interfaces and network configurations.
#nmap –iflist
7. If you have a large network, saving the output as a text file would be easier to read and to refer to. Use any Nmap commands and type > /insert/path/here/scan01.txt
#nmap -O -v 192.168.1.7 > /insert/path/here/scan01.txt
8. To initiate a ping only scan.
#nmap -sP 192.168.1.7
If you have any questions about Nmap, leave a comment below!
[…] up on our server security topic from last week, another great way to secure your server is through authentication using SSH […]
[…] we talked about how to secure your server using Nmap and how to block connections using the firewall iptables. But how can we check if what we did […]