Should ports be visible to nmap?

No, you cannot hide a open port in any sensible way. The port accepting connections is what nmap tests, and is also the definition of an open port.

It may or may not be a security risk, and it may or may not be desirable. This depends on your needs and applications. If you don't run a webserver, there's no reason to leave it open. If you don't intend for postgresql to be reachable externally, there's no reason to allow it, and so forth.

You should allow only the traffic you need, and block other traffic. Which traffic this is you have to define yourself.

Tags:

Ports

Nmap

Network Scanners

Related

Why is breach-detection site "Have I Been Pwned" considered safe? Proprietary RF Protocol Security Is the data between a keyboard and a web browser secure from local computer applications? As an end user, what risk is there in browsing a public website that uses TLSv1? How to connect a Raspberry Pi IDS to the home router to detect intrusions network wide? Is it worth storing email addresses as hashes? Let's Encrypt is based in the US and subject to US laws How does full disk encryption cater for overprovisoned disk space in flash devices and can this result in data leakage? Does the destruction of sensitive information limit the choice of hard drives to non-flash based devices? Why is Gbt3fC79ZmMEFUFJ a weak password? How do I monitor what a penetration tester is doing? How can SSH server know private key is incorrect if passphrase havent been provided yet?

Recent Posts