0
0
Cybersecurityknowledge~10 mins

Service and port management in Cybersecurity - Step-by-Step Execution

Choose your learning style9 modes available
LearnWhyDeepVisualPracticeChallengeProjectRecallTime
Concept Flow - Service and port management
Start: Identify Services
List Open Ports
Match Ports to Services
Decide Action
Allow
Update Firewall Rules
End
This flow shows how to identify running services, find their open ports, decide how to manage them, and apply security actions.
Execution Sample
Cybersecurity
Service: SSH
Port: 22
Action: Allow

Service: FTP
Port: 21
Action: Block
This example shows checking two services and deciding to allow SSH on port 22 but block FTP on port 21.
Analysis Table
StepServicePortCheck Open?DecisionAction Taken
1SSH22YesAllowFirewall rule added to allow port 22
2FTP21YesBlockFirewall rule added to block port 21
3HTTP80NoNo actionNo rule change
4SMTP25YesMonitorLogging enabled for port 25
5----Process complete
💡 All services checked; actions applied based on open ports and security policy.
State Tracker
VariableStartAfter Step 1After Step 2After Step 3After Step 4Final
Open Ports List[][22][22, 21][22, 21][22, 21, 25][22, 21, 25]
Firewall Rules{}{Allow 22}{Allow 22, Block 21}{Allow 22, Block 21}{Allow 22, Block 21}{Allow 22, Block 21}
Monitoring{}{}{}{}{Monitor 25}{Monitor 25}
Key Insights - 3 Insights
Why do we block some ports but allow others?
We block ports for services that are risky or not needed, like FTP on port 21 here (see step 2 in execution_table), to reduce attack surface. We allow trusted services like SSH on port 22 (step 1).
What happens if a port is not open?
If a port is not open, no action is needed (step 3). This means no service is listening there, so no firewall rule changes are required.
Why monitor some ports instead of blocking or allowing?
Monitoring (step 4) is used when we want to watch traffic for suspicious activity without blocking it, often for services that are sensitive or under review.
Visual Quiz - 3 Questions
Test your understanding
Look at the execution_table, what action is taken for the FTP service at step 2?
AAllow port 21
BMonitor port 21
CBlock port 21
DNo action
💡 Hint
Check the 'Decision' and 'Action Taken' columns for step 2 in the execution_table.
At which step does the process decide no action is needed because the port is closed?
AStep 1
BStep 3
CStep 4
DStep 5
💡 Hint
Look for the step where 'Check Open?' is 'No' in the execution_table.
If the SSH port 22 was closed, how would the firewall rules change after step 1?
ANo change to firewall rules
BAdd rule to allow port 22
CAdd rule to block port 22
DEnable monitoring on port 22
💡 Hint
Refer to variable_tracker for Firewall Rules after step 1 and consider what happens if port is not open.
Concept Snapshot
Service and port management:
- Identify running services and their ports
- Check if ports are open
- Decide to allow, block, or monitor each port
- Apply firewall rules or monitoring accordingly
- Helps secure network by controlling access
Full Transcript
Service and port management involves identifying which services are running on a system and which ports they use. The process checks if these ports are open and then decides whether to allow traffic, block it, or monitor it for security reasons. For example, SSH on port 22 is often allowed for remote access, while FTP on port 21 may be blocked due to security risks. If a port is closed, no action is needed. Monitoring is used to watch traffic on sensitive ports without blocking it. This management helps protect the network by controlling which services can communicate through the firewall.