


How to set up your CentOS system to block port scans from outside attackers
Abstract:
With the continuous development of the Internet, network security issues are becoming more and more prominent. External attackers often use port scanning to find security holes in systems. To protect our systems, we need to take steps to block these scans. This article will introduce how to set up a CentOS system to prevent port scanning by external attackers and provide relevant code examples.
1. Install and configure the firewall
The CentOS system comes with the firewalld firewall. We can limit port scanning of the system by configuring the firewall.
1. Install firewalld:
sudo yum install firewalld
2. Start the firewalld service:
sudo systemctl start firewalld
3. Set firewalld to start automatically at boot:
sudo systemctl enable firewalld
4. Check the firewalld status:
sudo firewall-cmd --state
2. Add port rules
We can use the firewalld command to add port rules to block port scans by external attackers.
1. View the ports opened by the system:
sudo firewall-cmd --list-ports
2. Add the ports that are allowed to be accessed:
sudo firewall-cmd --add-port=80/tcp --permanent
sudo firewall-cmd --add-port=443/tcp --permanent
3. Remove the default open port:
sudo firewall-cmd --remove-service=http --permanent
sudo firewall-cmd --remove-service=https --permanent
4. Reload firewalld configuration:
sudo firewall-cmd --reload
3. Disable ICMP responses
In addition to restricting port access, we can also disable ICMP responses, which can effectively prevent external attackers from performing regular ping scans.
1. Disable ICMP response:
sudo firewall-cmd --permanent --add-rich-rule='rule protocol value="icmp" drop'
2. Reload firewalld configuration:
sudo firewall-cmd --reload
4. Turn on SYN Cookie protection
SYN Cookie is a mechanism to prevent DoS and DDoS attacks. By turning on SYN Cookie protection, we can effectively prevent external attackers from performing port scans on the system.
1. Turn on SYN Cookie protection:
echo "net.ipv4.tcp_syncookies = 1" | sudo tee -a /etc/sysctl.conf
sudo sysctl -p
2. Reload the sysctl configuration:
sudo sysctl --system
5. Restrict SSH access
SSH is one of the intrusion methods commonly used by external attackers. We can reduce the system's risk of attack by restricting SSH access.
1. Edit the SSH configuration file:
sudo vi /etc/ssh/sshd_config
2. Uncomment the following lines and modify them to the specified port and IP:
Port 22
PermitRootLogin yes
PasswordAuthentication yes
AllowUsers user_name@ip_address
3. Save the file and restart the SSH service:
sudo service sshd restart
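A check for the directives from step 2, as an added example that is not part of the original article: it reads an sshd_config and reports which of them still leave SSH unrestricted. The function names `sample_config` and `audit_sshd` and the sample file are constructed for this example, and only the global section (before any Match block) is examined.

```shell
#!/bin/sh
# Constructed sample: the directives from step 2 as they look before editing.
sample_config() {
cat <<'EOF'
# constructed sample sshd_config
Port 22
PermitRootLogin yes
PasswordAuthentication yes
#AllowUsers user_name@ip_address
EOF
}

# audit_sshd: read an sshd_config on stdin, print one finding per line.
# Keywords are case-insensitive and the first value found for a keyword
# is the one sshd uses, so later duplicates are ignored here as well.
audit_sshd() {
  awk '
    /^[ \t]*#/ || NF == 0 { next }        # skip comments and blank lines
    tolower($1) == "match" { exit }       # stop at the first Match block
    { k = tolower($1); if (!(k in val)) val[k] = $2 }
    END {
      check("permitrootlogin", "PermitRootLogin")
      check("passwordauthentication", "PasswordAuthentication")
      if ("allowusers" in val) print "OK:   AllowUsers " val["allowusers"]
      else print "WEAK: AllowUsers not set, every account may log in"
    }
    function check(k, name) {
      if (!(k in val)) print "NOTE: " name " not set, sshd default applies"
      else if (val[k] == "yes") print "WEAK: " name " yes"
      else print "OK:   " name " " val[k]
    }
  '
}

# Run against the constructed sample; on a real host use
#   sudo cat /etc/ssh/sshd_config | audit_sshd
sample_config | audit_sshd
```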
6. Monitoring system logs
Finally, we should regularly monitor the system logs to detect and respond to possible attacks in a timely manner.
1. View the system log:
sudo tail -f /var/log/messages
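What to look for in that log, as an added example that is not part of the original article: a source address that is rejected on many different ports in a short time is the signature of a port scan. The example assumes firewalld is logging denied packets (enabled with `sudo firewall-cmd --set-log-denied=all`, which the steps above do not do); the function names, the threshold and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of kernel netfilter log lines as they appear in
# /var/log/messages (host "web01" and all addresses are made up).
sample_log() {
cat <<'EOF'
Jan 10 03:14:01 web01 kernel: FINAL_REJECT: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=44 PROTO=TCP SPT=40001 DPT=21 SYN
Jan 10 03:14:01 web01 kernel: FINAL_REJECT: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=44 PROTO=TCP SPT=40001 DPT=22 SYN
Jan 10 03:14:01 web01 kernel: FINAL_REJECT: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=44 PROTO=TCP SPT=40001 DPT=23 SYN
Jan 10 03:14:02 web01 kernel: FINAL_REJECT: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=44 PROTO=TCP SPT=40001 DPT=25 SYN
Jan 10 03:14:02 web01 kernel: FINAL_REJECT: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=44 PROTO=TCP SPT=40001 DPT=3306 SYN
Jan 10 03:14:02 web01 kernel: FINAL_REJECT: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=44 PROTO=TCP SPT=40002 DPT=22 SYN
Jan 10 03:20:10 web01 kernel: FINAL_REJECT: IN=eth0 OUT= SRC=198.51.100.20 DST=192.0.2.10 LEN=60 PROTO=TCP SPT=51000 DPT=23 SYN
Jan 10 03:20:40 web01 kernel: FINAL_REJECT: IN=eth0 OUT= SRC=198.51.100.20 DST=192.0.2.10 LEN=60 PROTO=TCP SPT=51001 DPT=23 SYN
Jan 10 03:21:00 web01 sshd[1201]: Accepted publickey for admin from 192.0.2.50 port 50122 ssh2
EOF
}

# detect_scanners MIN: read log lines on stdin and print "SOURCE COUNT"
# for every source rejected on at least MIN distinct destination ports.
detect_scanners() {
  awk -v min="$1" '
    /kernel:/ && /SRC=/ && /DPT=/ {
      src = ""; dpt = ""
      for (i = 1; i <= NF; i++) {
        if ($i ~ /^SRC=/) src = substr($i, 5)
        else if ($i ~ /^DPT=/) dpt = substr($i, 5)
      }
      if (src == "" || dpt == "") next
      # count each (source, port) pair once, so retries do not inflate it
      if (!((src, dpt) in seen)) { seen[src, dpt] = 1; ports[src]++ }
    }
    END { for (s in ports) if (ports[s] >= min) print s, ports[s] }
  ' | sort
}

# Run against the constructed sample; on a real host use
#   sudo cat /var/log/messages | detect_scanners 10
sample_log | detect_scanners 4
```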
Code example:
1. Rules that allow access to ports 80 and 443:
sudo firewall-cmd --add-port=80/tcp --permanent
sudo firewall-cmd --add-port=443/tcp --permanent
2. Example of disabling ICMP responses:
sudo firewall-cmd --permanent --add-rich-rule='rule protocol value="icmp" drop'
3. Example of turning on SYN Cookie protection:
echo "net.ipv4.tcp_syncookies = 1" | sudo tee -a /etc/sysctl.conf
sudo sysctl -p
Summary:
By taking measures such as installing and configuring the firewall, adding port rules, disabling ICMP responses, enabling SYN Cookie protection and restricting SSH access, we can effectively prevent port scanning by external attackers and improve system security. At the same time, we should also monitor system logs regularly to detect and respond to potential attacks in a timely manner. Only by comprehensively applying various security measures can we better protect our systems from the threat of external attacks.