How to close open ports using a python script or a shell script in python ??

apanimesh061 · 11-19-2011, 01:12 PM

Code:

#!/usr/bin/env python
from socket import * 

if __name__ == '__main__':

    import sys

    if ( len(sys.argv) != 2 ):
        print "Usage: " + sys.argv[0] + " you must enter IP or FQDN as argument"
        sys.exit(1)
	
    targetIP = gethostbyname(sys.argv[1])

    for i in range(20, 65535):
       	s = socket(AF_INET, SOCK_STREAM)
	result = s.connect_ex((targetIP, i))
       	if(result == 0) :
            print '%d' % (i)
	    s.close()

This code tells which ports are open on a computer !

Now if the code tells that prt 631, 50983 and 55783 are open, what should I do so that the user is asked which of the ports he wishes to use and then automatically close the other ports ???

All I know is that I can use "sudo ufw allow/deny <port>" ..... but how in a python script ??

Please Help !

sundialsvcs · 11-19-2011, 04:44 PM

ummmmm.... You probably don't want to attempt to do such a thing, because you are trusting "whoever might contrive to be running this program" to have the authority to use sudo!

Much better to inform him or her what ports are open, and then let the onus be upon them to close those ports by whatever means they deem to be appropriate.

theNbomr · 11-19-2011, 06:15 PM

This is an example of the confounding use of misleading terminology. The term 'open' makes it sound like there is some unguarded passageway into some computer, through which any and all data may pass. Nothing could be further from the truth. In reality, it means that some program has created a socket bound to a specific port, and is listening for distant clients to connect to the socket. The program that is listening (and nothing else) will handle the incoming traffic, and deal with it according to its purpose. Ports numbered below 1024, or some number thereabouts, are dedicated to specific services, and require root privileges to bind a socket to them. It is unlikely that these are untrustworthy. Other ports are available to non-root users, and again many of these have standard, conventional purposes. To 'close' any port described as 'open', would in most cases require you to kill the application that is listening on the open port(s).
The whole notion of 'open' ports being a matter of concern is, IMHO, overblown and probably perpetuated by cyber-Chicken-Littles.
You can, as you seem to point out with 'ufw' (which I assume is some sort of firewall tool), block network traffic in/out/through a host on the basis of ports, interfaces, protocols, sources and destinations. If that is what you want to do with your Python script, you should look at the use of iptables. Your Python script could craft iptables rules, and then invoke the iptables tool to create/delete/modify the rule set. Be aware that many services that most of us depend on routinely may be broken by blocking their network connections.

--- rod.

apanimesh061 · 11-20-2011, 12:31 AM

@sundialsvcs
You are correct .... but what if I just want to do that ?

@theNbomr
Thanx ! That was good info ! I'll try to do it ....