Listing and closing open TCP ports

Hi,
For security reasons I would like to have as few open TCP ports as possible on my iMac, leaving open only those that I feel are worthwhile having enabled. How can I go about to
a) identify which TCP ports are currently open on the system
b) identify the processes that have opened the ports and understand the origin and purpose of those process
c) disable the processes that have ports open, if I feel that there is no good reason for having them open
I'm running OS X 10.9.4.
Thanks!
Fredrik

You can run "netstat" in the Terminal or maybe Network Utility to see open ports. However, all you should really do is make sure you don't have any sharing services enabled. Otherwise that is all you can do. Macs are not meant to be used as servers or in secure environments. They are strictly consumer machines. Apple has engineered them to be highly secure, but not configurable by the user. It is highly unlikely that any modifications that an end-user can make would do anything other than reduce security.

Similar Messages

  • Open TCP Ports on 9216i

    We are auditing open TCP ports on our network equipment and discovered a number of open TCP ports on our 9216i. Is there any way to tell what the open ports are used for and shut them down if unnecessary? The show tcp command is not available. show tech did not reveal anything.

    There is the standard set of ports that are open for mgmt by ssh, telnet, and SNMP v2 or v3. Additionally, there is port 80 open so you can point web browser to it and get the FM code. The list is as follows.
    Common to all applications
    * SSH 22 (TCP)
    * TELNET 23 (TCP)
    * HTTP 80 (TCP)
    * SYSLOG 514 (UDP)
    Fabric Manager Server and Performance Manager
    * SNMP_TRAP 2162 (UDP)
    * SNMP picks a random free local port (UDP) - (can be changed in server.properties)
    * Java RMI 9099, 9199 to 9299 (TCP)
    Fabric Manager Client
    * Java RMI 9099, 9199 to 9299 (TCP)
    * SNMP picks a random free local port. (UDP) or 9189 (TCP) if SNMP proxy is enabled (can be changed in server.properties)
    Device Manager
    * SNMP_TRAP 1163 to 1170 (UDP) (picks one available in this range)
    * SNMP picks a random free local port (UDP) or 9189 (TCP) if SNMP Proxy is enabled (can be changed in server.properties)
    You can shut off telnet in lieu of ssh in the configuration. Also, it is possible to use access-lists on the mgmt ports to limit IP addresses/ports/etc. Also, don't forget that the IPS ports will be listening for FCIP and ISCSI if enabled.

  • I am having trouble viewing iStore. It appears as if its a Flash issue, as several minutes after logging in to iStore I get a non-flash page of iStore in my iTunes window. I have re-installed everything and tried opening all ports in router....any ideas?

    I am having trouble viewing iStore. It appears as if its a Flash issue, as several minutes after logging in to iStore I get a non-flash page of iStore in my iTunes window. I have re-installed everything and tried opening all ports in router, and used msconfig to bring up each service individually to see if there is an effect.Flash and iTunes have been re-installed  ...any ideas?

    I agree. I don't rely on iCloud as a backup, that is what I have my portable hard drive for. Its 500 GB so I can hold my entire iTunes library several times over on it. I have all my movies on my hard drive, but somehow "The Mist" got deleted off of my hard drive, so I figured "Well, the option to redownload an already purchased movie is available through iCloud, I'll just do that!"
    And permissions and download availability have nothing to do with it, the movie's still there, it still allows me to redownload it. The only problem is when I click download, I get that message.
    And nobody else uses my computer, but I do have multiple accounts authorized on it. Even still though, I am attepmpting to download it through the account I purchased it under. :/

  • MacBook Pro is operating more and more slowly in opening and closing, opening and closing programs and accessing and closing from mobile broadband.  Is there a solution to this problem?

    MacBook Pro is operating more and more slowly in opening and closing, opening and closing programs and accessing and closing from mobile broadband.  Is there a solution to this problem?

    Did you try rebooting?

  • How to open TCP Port on my RV220 Firewall router?

    Hello,
    I have a windows 8 server for a LAN. This has a Cisco RV220W Firewall which is connected to the T1 router. In order to host a 3rd party video conferencing software I need to have the TCP 1935 port open. 
    I tried the following -
    1. Logged into my RV220W and added a rule using Manage Firewall Rules (Firewall-Access Control-Custome Services). Here I added a rule for TCP start port 1935 and Finish port 1935.
    2. Then I added an inbound rule on my Windows 8 server to open TCP 1935.
    However when I tested it using porttest.net, it said TCP 1935 is still closed. Can someone please let me know how can I open TCP 1935 port?
    Thanks,
    Abhi

    Hello
    your steps seems to be fine at first look, but somewhere in that chain there is probably something broken.
    what kind of service is on that server port?
    are you able to open connection from outside with telnet to Router WAN IP and port? example test from outside/internet:
    telnet X.X.X.X YYYY
    where X.X.X.X is WAN IP of Router and YYYY is port number.
    You can confirm that port forwarding is working on both devices:
    you can try to connect with computer between Router and Firewall and try that port on firewall.
    if previous test works, then for testing purposes move server to subnet between Router and Firewall and perform connectivity test from internet.

  • Unknown open TCP ports on router

    Anyone know how to close these open ports on my Cisco 7606 router?
    Anyone know what these TCP ports are used for?
    49   - Not sure what this one is other than what IANA reports about TCP port 49
    4510
    4509
    2222
    I'm sure I could add an ACL to block communications to my router based on this ports but would rather figure out how to close 'em so this already overloaded router doesn't have additional processing.
    Cisco-7606# sh tcp br all
    TCB       Local Address           Foreign Address           (state)
    12EFC1C0  172.16.8.3.14401        10.8.2.14.49              TIMEWAIT
    1CC4F57C  172.16.8.3.26963        10.8.2.14.49              TIMEWAIT
    1A419F90  0.0.0.0.4510            *.*                       LISTEN
    1C581740  0.0.0.0.4509            *.*                       LISTEN
    1A417BBC  0.0.0.0.2222            *.*                       LISTEN
    12FB03A8  10.8.10.2.2222          10.8.1.42.4690            CLOSEWAIT
    12FB099C  10.8.10.2.2222          10.8.1.42.2233            CLOSEWAIT
    12FA7DF0  10.10.0.3.2222          10.8.1.15.4878            CLOSEWAIT
    1CD47780  10.10.0.3.2222          10.8.1.15.3917            CLOSEWAIT
    1CDDBCE0  10.8.10.2.2222          10.8.1.42.3964            CLOSEWAIT
    Cisco-7606# sh ver | i image
    System image file is "disk0:c7600rsp72043-advipservicesk9-mz.122-33.SRD3.bin"
    Tks
    Frank

    Frank
    I can offer some suggestion about one of your port numbers. TCP port 49 is used for TACACS. If you are using TACACS for authentication, or authorization, or accounting then we know why port 49 is open and blocking TCP49 will prevent TACACS from working with your router.
    I have no insights or suggestions about the other port numbers that you mention.
    HTH
    Rick

  • Opening and closing Multiple TCP connection​s issues

    Hi all I am having an issue with the TCP VI’s and wondering if anyone has experienced this issue.
    My application is required to scan 50-100 IP addresses (statically assigned) and discover if an Ethernet device is connect at that IP address. Currently I am able to achieve this by opening a TCP connection and testing the error cluster to determine if a timeout has occurred (no timeout error  means Ethernet device available at the IP address). I then ensure that the TCP connections are closed.
    The issue I am have is that I require a 1 second delay between the  TCP open and the TCP close which significantly slows down the process. Without the 1 second delay the vi successfully connects to the device once then fails to make any TCP connect regardless of the time delay until the PC is reset.  
    If anyone has any advice I would be very grateful
    David Barr
    P.S. I have attached a simplified section of code showing this issue
    Attachments:
    TCP Open close issue.vi ‏15 KB

    smercurio_fc wrote:
    If I understand you correctly you want the time delay to be 1 second if there's a successful connection....
    While I don't have a specific answer for this problem. I want to clarify for him. I believe the issue is, what if all connections ARE there? That means you keep returning a wait of 1 second 50-100 times so It takes 50-100 seconds just to initialize. I think the user is looking for a way to check for valid connections, but do so in such a way that eliminates the need for a wait which is greatly slowing things down.
    CLA, LabVIEW Versions 2010-2013

  • OPEN TCP-Ports

    I've detected 4 open network-protzs on my Oracle 8.05 EE
    without configured MTS oder listener.
    Why ??
    Older releases (7.3.4 on other platforms) don't have this
    "problem".
    Any hints are wellcome
    So long
    Christian
    null

    There is the standard set of ports that are open for mgmt by ssh, telnet, and SNMP v2 or v3. Additionally, there is port 80 open so you can point web browser to it and get the FM code. The list is as follows.
    Common to all applications
    * SSH 22 (TCP)
    * TELNET 23 (TCP)
    * HTTP 80 (TCP)
    * SYSLOG 514 (UDP)
    Fabric Manager Server and Performance Manager
    * SNMP_TRAP 2162 (UDP)
    * SNMP picks a random free local port (UDP) - (can be changed in server.properties)
    * Java RMI 9099, 9199 to 9299 (TCP)
    Fabric Manager Client
    * Java RMI 9099, 9199 to 9299 (TCP)
    * SNMP picks a random free local port. (UDP) or 9189 (TCP) if SNMP proxy is enabled (can be changed in server.properties)
    Device Manager
    * SNMP_TRAP 1163 to 1170 (UDP) (picks one available in this range)
    * SNMP picks a random free local port (UDP) or 9189 (TCP) if SNMP Proxy is enabled (can be changed in server.properties)
    You can shut off telnet in lieu of ssh in the configuration. Also, it is possible to use access-lists on the mgmt ports to limit IP addresses/ports/etc. Also, don't forget that the IPS ports will be listening for FCIP and ISCSI if enabled.

  • Open TCP Port: 3839 amx-rms

    Port scan on localhost shows the above subject. What is it? Do I need this? If not, how do I get rid of it?

    Ended up finding out the issue had to with WPA2 session timeouts.
    For whatever reason we had the timeouts configured for 30 minutes, which means every 30 minutes the phones are forced to re-auth with the AP. This process was taking long enough that the  KeepAlive handshake between the phones and the call managers would fail, resulting in an abnormal unregister.
    I've since bumped the value up to 12 hours and magically, the phones don't drop.
    Now I get to battle some QoS and/or WiFi interference issues. yay!

  • I just completed a keynote presentation, but it will not "play"...I just get a blank slide (probably the final slide) when I hit the play button, even though I can see all the slides are in the list and will open as I click on them. HELP!

    I just completed a keynote presentation but it will not "Play".  I can see the slides are in place, but all that comes to the screen when I hit the play arrow is the last, blank, slide. HELP!

    At the risk of stating the obvious, is your first slide highlighted before you hit play?  You mentioned the last blank slide shows up which could mean you have that last slide highlighted.  If the last slide is highlighted and you hit play then that is the slide that will show up and if it's your last slide that is all you will see. 
    Make sense?

  • My mouse/trackpad are completely out of control. The cursor/arrow is flying all over the screen and closing/opening windows. What is the solution to this? Downloading windows for Mac?

    So far I'm dissapointed with Mac O/S .....so many areas lack common sense, require unnessary extra clicks and is not as customizable as Windows. It's like Apple thinks you are a child and not entitled to choose for yourself so that they can control your info for you.
    The mouse/trackpad problem is a major issue that Apple should be proactive in offering a solution for. If anyone has a solution to this I'd be greateful to hear it.
    Thanks, 

    Is this the first time you're using a Mac?
    If so the learning curve is somewhat steep - but, if you put in the time and use this knowledge base whenever you run into issues you'll be up to speed soon enough.
    With regards to the trackpad/mouse, you can adjust the sensitivity by:
    1. Click the Apple Logo on the top left hard corner of your screen
    2. Click System Preferences
    3. Click Trackpad
    Adjust the tracking speed to your specifications.
    Also familiarise yourself with the gestures (activate the ones you can remember)
    To go back to the menue by clicking Show All
    4. Click Mouse
    Adjust your mouse settings to your specification.
    And why use mac?
    It just works...
    (most of the time ;p)

  • UDP and TCP ports

    Hi:
    I have a question. As we know, scanning TCP ports is a lot eaiser than UDP ports because active UDP ports don't respond and there are other reasons as well.
    try{
    Socket soc= new Scoket(address, portnumber);
    catch(Throwable e){ System.out.println(e)}
    look at the code above, it can only tell you active TCP ports for the Throwable e tells you nothing about UDP ports. An active UDP port doesn' respond to the connection call "soc". Therefore it will throw an exception(connection refused) after trying to connect an active UDP port. This exception is just like those of closed TCP ports.
    What i am saying is that active UDP ports will be treated the same as closed TCP ports. They are hidden in closed TCP ports. How do i sift them out? Any solutions?

    I am basically trying to determine how many UDP and TCP ports on a machine are open. Open TCP ports are easy to see. But UDP ports are tricky. Can you please tell me more in detail using a datagram socket?

  • Open tcp 21 port in asr 1001

    Hi everyone!
    Some times ago i noted, that our asr 1001 has open tcp port 21, however i couldn't find service in one, which links with ftp. When i execute telnet ip_asr 21, i receive rst,ack from asr. It's ok, but i want to disable this port. Did anybody meet with it? And how i can look  open and listen ports on ios xe?
    Thanks in advance.

    I would add it via ipfw in a terminal window. Then it will be there
    when you restart.

  • Open and closed cursor

    I have some doubts/questions .
    What is the difference between open and closed cursor?
    Are library cache locks same as parse locks?
    What is the difference between latch and mutex?
    I would be grateful if experts could answer these questions.
    Regards

    Almost correct. The terminology is however nor correct.
    Simplistically:
    The SQL engine receives a SQL. It attempts a soft parse first. This means looking for an existing cursor in the Shared Pool with the same SQL. This existing cursor can be in use by other sessions. It does not matter - if that cursor is in used (opend by other sessions), or not. It may not be in use at all and simply sitting there in the cache. If such a cursor is found, it is used for that session's SQL - and that session gets a cursor handle (reference/pointer) to that existing cursor.
    If the SQL engine does not find an existing cursor to use, it needs to create a brand new cursor in the Shared Pool. This is a hard parse. Again, the session receives a cursor handle for that new cursor created.
    And that is it.
    You now need to decide how to use that cursor handle. The cursor itself is a program. You have a handle to execute that cursor program. Via its bind interface you can input data to this cursor program. Then execute it and receive (fetch) output of that cursor program.
    So the ideal is to re-use the cursor handle again and again.
    Basic example: the following is not optimal as the same cursor is opened and closed, opened and closed, for each read from the file. A lot of soft parsing results.
    while not-eof( filehandle )   // read data from a file
      read file data into var1, var2
      open cursor for 'insert into testtab values( :1, :2)'   // create a cursor
      bind cursor :1 = var, :2 = var2  // bind values to cursor (for insert)
      exec cursor // do SQL insert
      close cursor 
    end whileThis is a lot better. A single cursor is used and executed again and again:
    open cursor for 'insert into testtab values( :1, :2)'   // create a cursor
    while not-eof( filehandle )   // read data from a file
      read file data into var1, var2
      bind cursor :1 = var, :2 = var2  // bind values to cursor (for insert)
      exec cursor // do SQL insert
    end while
    close cursor  In this case a single soft/hard parse - and the client uses that cursor handle to execute that cursor (insert data) program again and again.

  • Open UDP Ports on AirPort Extreme

    I need to open a few UDP Ports on my new AirPort Extreme so that the software that is running on my network can access the internet over those ports and the software can be accessed from the internet as well. I can find in the AirPort Extreme manual how to open TCP ports but not UDP. I have the list of ports I need to open, but can't find where to configure them in the router firmware.
    I would like help on where to configure these ports. Thank you.

    If you are using the Airport Utility on the Airport Extreme N Base Station, the port mapping screen should look like what you see on page 56 of the manual "Designing Airport Networks" found at:
    http://manuals.info.apple.com/en/DesigningAirPort_Networks_Using_AirPortUtility.pdf
    ...and it clearly shows how/where to specify UDP and TCP ports.

Maybe you are looking for

  • How to convert a workbook into PDF and broadcast as Email attachment

    Hello Gurus, i have installed the ADS (Adobe Document services). I would like to broadcast workbooks as a pdf file to some user. When i open the workbook and go to Broadcast --> Setup a broadcast setting for this workbook. The distribution type is Br

  • HT1918 why do i have to create a new itunes account because I moved to Canada from the U.S.?

    why do i have to create a new itunes account because I moved to Canada from the U.S.?( My current account won't let me change my address to canada so my billing address for account is incorrect, making it impossible for me to buy anything). Will it a

  • External monitor and bootcamp

    hi guys, my external monitor works perfect with leopard but with windowsxp don´t and it goes on blue screen error. Seems to be tipical windows drivers problem. Any idea? Thanks!

  • Contact Center query

    Dear Gents, I have a question regarding contact center, let's start with the existing scenario: There is a simple contact center script with multiple menu options for the caller to choose one of them let's say, 1 ènew subscription, 2 è complains, -.e

  • JTA - many tlogs being produced but with 0 bytes

    Hi there, We have an old application running on WebLogic 6.1. At the moment we experiencing hundreds of 'myserver_xxxx.tlog' files (with a zero size) being created every day which is causing disk directory problems. The Weblogic documentation (well 8