What Is a Port Scanner?
A port scanner sends connection requests to TCP ports on a host and records which ones respond. Open ports indicate active services. Check your server: Port Scanner
Which Ports Should Be Open?
| Port | Service | Public? |
|---|---|---|
| 80 | HTTP | Yes (web servers) |
| 443 | HTTPS | Yes (web servers) |
| 22 | SSH | Whitelist IPs only |
| 3306 | MySQL | Never public |
| 5432 | PostgreSQL | Never public |
| 6379 | Redis | Never public |
| 27017 | MongoDB | Never public |
| 3389 | RDP | Never public |
Most Dangerous Open Ports
Port 3306 - MySQL
An open MySQL port is one of the most common data breach causes. Attackers constantly scan for exposed databases. MySQL should only be accessible from localhost or your app server private IP.
Port 27017 - MongoDB
Thousands of MongoDB databases have been wiped and ransomed because the default config binds to all interfaces. Always bind to 127.0.0.1 unless you specifically need remote access.
Port 6379 - Redis
Redis has no authentication by default. An open Redis port lets anyone read all cached data including sessions. Bind to localhost and set AUTH passwords.
How to Close Dangerous Ports
UFW (Ubuntu)
ufw deny 3306 | ufw deny 27017 | ufw deny 6379
AWS Security Groups
Edit your security group to remove any rules allowing 0.0.0.0/0 on database ports. Restrict SSH to your IP only.
Related Tools
- SSL Checker - Check SSL alongside port security
- WHOIS Lookup - Identify domain and hosting details
- IP Blacklist Checker - Check if your server IP is blacklisted
