Linux(CentOS 7) 安全加固之非业务端口服务关闭 postfix port 25

关闭TCP 25 端口对应的服务

[0 root@Qvps /root] #cat /etc/centos-release
CentOS Linux release 7.9.2009 (Core)
[0 root@Qvps /root] #uname -r
3.10.0-1160.el7.x86_64

1. 确认对应端口的进程

#ss -ntl
State      Recv-Q Send-Q                              Local Address:Port                                             Peer Address:Port
LISTEN     0      100                                     127.0.0.1:25                                                          *:*
LISTEN     0      128                                             *:22                                                          *:*
LISTEN     0      100                                         [::1]:25                                                       [::]:*
LISTEN     0      128                                          [::]:22                                                       [::]:*
#netstat -antlp | grep  25
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      695/master
tcp6       0      0 ::1:25                  :::*                    LISTEN      695/master
[0 root@Qvps /data] #ps aux | grep 695
root       695  0.0  0.1  89708  2076 ?        Ss   08:34   0:00 /usr/libexec/postfix/master -w
root     13526  0.0  0.0 112816   944 pts/0    S+   09:26   0:00 grep --color=auto 695

# rpm -qf ‘/usr/libexec/postfix/master‘
postfix-2.10.1-9.el7.x86_64

2. 查找与关闭对应服务

# chkconfig --list

Note: This output shows SysV services only and does not include native
      systemd services. SysV configuration data might be overridden by native
      systemd configuration.

      If you want to list systemd services use ‘systemctl list-unit-files‘.
      To see services enabled on particular target use
      ‘systemctl list-dependencies [target]‘.

netconsole     	0:off	1:off	2:off	3:off	4:off	5:off	6:off
network        	0:off	1:off	2:off	3:off	4:off	5:off	6:off

#systemctl list-unit-files | grep post
postfix.service                               enabled

#systemctl disable --now postfix.service
Removed symlink /etc/systemd/system/multi-user.target.wants/postfix.service.

3. 确认结果,端口已关闭

[0 root@Qvps /data] #systemctl list-unit-files | grep postfix
postfix.service                               disabled
[0 root@Qvps /data] #ps aux | grep postf
root     13743  0.0  0.0 112812   944 pts/0    S+   09:29   0:00 grep --color=auto postf
[0 root@Qvps /data] #ss -ntl
State      Recv-Q Send-Q                              Local Address:Port                                             Peer Address:Port
LISTEN     0      128                                             *:22                                                          *:*
LISTEN     0      128                                          [::]:22                                                       [::]:*

Linux(CentOS 7) 安全加固之非业务端口服务关闭 postfix port 25

上一篇:shell学习1


下一篇:Linux常用命令