I have a VPS running Ubuntu, and yesterday I ran a command to scan which ports are open and found that port 53/tcp is open. Just out of curiosity, what is this port used for? Why is it open, and can I close it?
Port 53 is used for DNS servers. If you need to run your own DNS server on the server, you need to open port 53 in the firewall. An example DNS server is "BIND Open Source DNS Server". Otherwise, keep this port closed to avoid attacks via port 53.
In hosting, many people use the hosting provider's DNS server to update DNS records. Running your own DNS server means running DNS server software such as "BIND" (Open Source DNS Server) on the server; in that case you should open port 53 on the server.
We cannot be sure that port 53 is closed by default. Many OS versions come with no firewall rules. You should check the iptables rules with the command iptables -L. It's better if you can install CSF on the server, so that you can simply open or close ports by editing csf.conf.
Port 53 is for the DNS service on your OS. It is usually closed for most people who do not use a DNS service on their machine. You can close it by changing the rule in your firewall. I recommend reviewing your need for DNS, as this can become a great backup for DNS if your provider fails or has a misstep.
Port 53 is used by DNS (Domain Name Service). A port can be open to inbound or outbound traffic. Since you did not specify in your original post, I am going to give scenarios for both:
It needs to be open for outbound traffic if you need any hostname resolution (for example you use a browser to go to google.com) using an external DNS service (that is, your DNS server is not the same machine). If you close this port, the server may not be able to resolve the IP address of google.com and therefore will not be able to access it.
It needs to be open for inbound traffic if your server is running a DNS server like BIND, so that your server will receive the queries from the computers using your DNS service.
Since you were able to check for open ports, I assume you know where to find your DNS settings, but if not, I can help if needed.
Port 53 is for DNS, that is, domain name service. Both the TCP and UDP protocols use this port.
When UDP uses port 53, it is a defined protocol for communicating, depending on the application. A set of rules is defined that explains how data is communicated over the network.
TCP uses port 53 for "zone transfers" of full name record databases, and UDP is used for individual lookups. In general, all DNS queries are sent from a high-numbered source port to destination port 53, and responses are sent from source port 53 to a high-numbered destination port.
The reality is that DNS queries may use TCP port 53 if UDP port 53 isn't accepted. Now, with the approaching deployment of DNSSEC and the eventual addition of IPv6, we will need to allow our firewalls to forward both TCP and UDP port 53 packets.
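Before deciding whether to close port 53, it helps to see which process holds it and on which address, for TCP and UDP alike. The following is an added example, not part of any post above: a shell function that classifies port 53 listeners from `ss -H -tulnp` output. The function names are hypothetical, the sample lines are constructed, and treating 127.x and ::1 binds as loopback-only is an assumption.

```shell
#!/bin/sh
# Constructed sample of `ss -H -tulnp` output (not taken from a real host).
SAMPLE='udp UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=611,fd=13))
tcp LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=611,fd=14))
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=702,fd=3))
tcp LISTEN 0 10 0.0.0.0:53 0.0.0.0:* users:(("named",pid=812,fd=23))
udp UNCONN 0 0 [::]:53 [::]:* users:(("named",pid=812,fd=24))
tcp LISTEN 0 10 [::1]:53 [::]:* users:(("named",pid=812,fd=25))'

# Reads ss output on stdin and prints "proto address scope process"
# for every socket bound to local port 53.
port53_listeners() {
    awk '{
        local_addr = $5
        # The port is the field after the last colon (IPv6 addresses contain colons).
        n = split(local_addr, parts, ":")
        if (parts[n] != "53") next
        addr = substr(local_addr, 1, length(local_addr) - 3)
        # Assumption: 127.x and ::1 binds are reachable only from this machine.
        scope = (index(addr, "127.") == 1 || addr == "[::1]") ? "loopback" : "exposed"
        proc = "-"
        if (match($0, /\(\("[^"]+"/)) proc = substr($0, RSTART + 3, RLENGTH - 4)
        print $1, addr, scope, proc
    }'
}

# Prints how many port 53 sockets are bound to a non-loopback address.
port53_exposed_count() {
    port53_listeners | awk '$3 == "exposed" { c++ } END { print c + 0 }'
}

# Report for the constructed sample.
printf '%s\n' "$SAMPLE" | port53_listeners
```

On a live host, run `ss -H -tulnp | port53_listeners` as root so that process names are shown. "exposed" here only means the socket is bound beyond loopback; the firewall rules still decide whether other hosts can reach it.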