{"id":2397,"date":"2025-07-11T10:21:05","date_gmt":"2025-07-11T10:21:05","guid":{"rendered":"https:\/\/teknodc.net\/blog\/?p=2397"},"modified":"2025-07-11T10:21:05","modified_gmt":"2025-07-11T10:21:05","slug":"sunucu-guvenligi-icin-port-yonetimi-nasil-yapilir","status":"publish","type":"post","link":"https:\/\/teknodc.net\/blog\/sunucu-guvenligi-icin-port-yonetimi-nasil-yapilir\/","title":{"rendered":"Sunucu G\u00fcvenli\u011fi \u0130\u00e7in Port Y\u00f6netimi Nas\u0131l Yap\u0131l\u0131r?"},"content":{"rendered":"<h2>Sunucu G\u00fcvenli\u011fi \u0130\u00e7in Port Y\u00f6netimi Nas\u0131l Yap\u0131l\u0131r?<\/h2>\n<p>G\u00fcn\u00fcm\u00fcz dijital \u00e7a\u011f\u0131nda, i\u015fletmelerin ve bireylerin \u00e7evrimi\u00e7i varl\u0131klar\u0131n\u0131 korumas\u0131 her zamankinden daha kritik. \u0130nternet \u00fczerinden hizmet veren sunucular, siber sald\u0131rganlar i\u00e7in cazip hedefler haline gelmi\u015f durumda. Bu sald\u0131r\u0131lar\u0131n \u00f6nemli bir k\u0131sm\u0131, sunucular \u00fczerindeki zafiyetlerden, \u00f6zellikle de yanl\u0131\u015f yap\u0131land\u0131r\u0131lm\u0131\u015f veya gereksiz yere a\u00e7\u0131k b\u0131rak\u0131lm\u0131\u015f a\u011f portlar\u0131ndan kaynaklan\u0131yor. \u0130\u015fte bu noktada, port y\u00f6netimi kavram\u0131 devreye girerek sunucu g\u00fcvenli\u011fi i\u00e7in hayati bir \u00f6neme sahip oluyor. Peki, sunucular\u0131m\u0131z\u0131n g\u00fcvenli\u011fini sa\u011flamak ve olas\u0131 tehditleri minimize etmek i\u00e7in port y\u00f6netimi nas\u0131l yap\u0131l\u0131r ve a\u00e7\u0131k port taramas\u0131 neden bu kadar \u00f6nemlidir? Bu yaz\u0131m\u0131zda, etkili bir port y\u00f6netiminin ad\u0131mlar\u0131n\u0131, \u00f6nemini ve bu s\u00fcre\u00e7te dikkat etmeniz gerekenleri detayl\u0131ca ele alaca\u011f\u0131z.<\/p>\n<h3>Port Y\u00f6netimi Nedir ve Neden Sunucu G\u00fcvenli\u011fi \u0130\u00e7in Kritiktir?<\/h3>\n<p>Port y\u00f6netimi, bir sunucunun veya a\u011f cihaz\u0131n\u0131n \u00fczerindeki ileti\u015fim noktalar\u0131n\u0131 (portlar\u0131) izleme, yap\u0131land\u0131rma ve kontrol etme s\u00fcrecidir. \u0130nternet \u00fczerindeki her <a href=\"\/virtualprivateserver\">sunucu<\/a>, farkl\u0131 hizmetleri (web sunucusu i\u00e7in 80\/443, SSH i\u00e7in 22, FTP i\u00e7in 21 vb.) sunmak i\u00e7in belirli portlar\u0131 kullan\u0131r. Bu portlar, d\u0131\u015f d\u00fcnyadan gelen ba\u011flant\u0131 isteklerini kabul eder. Ancak, gereksiz yere a\u00e7\u0131k b\u0131rak\u0131lan veya k\u00f6t\u00fc yap\u0131land\u0131r\u0131lm\u0131\u015f portlar, siber sald\u0131rganlar i\u00e7in potansiyel giri\u015f kap\u0131lar\u0131na d\u00f6n\u00fc\u015febilir.<\/p>\n<p>Etkili bir port y\u00f6netimi olmadan, bir sald\u0131rgan kolayca zay\u0131f veya savunmas\u0131z bir portu bulabilir ve bu port \u00fczerinden sisteme s\u0131zabilir. Bu nedenle, sadece ihtiya\u00e7 duyulan portlar\u0131 a\u00e7mak ve di\u011ferlerini kapal\u0131 tutmak, <a href=\"\/dedicated\">sunucu<\/a> g\u00fcvenli\u011fi i\u00e7in birincil savunma hatt\u0131n\u0131 olu\u015fturur. Bu, &#8220;en az ayr\u0131cal\u0131k&#8221; ilkesinin a\u011f g\u00fcvenli\u011findeki kar\u015f\u0131l\u0131\u011f\u0131d\u0131r.<\/p>\n<h3>A\u00e7\u0131k Port Taramas\u0131: Zafiyetleri Belirleme Ad\u0131m\u0131<\/h3>\n<p>A\u00e7\u0131k port taramas\u0131, bir sunucunun veya a\u011f cihaz\u0131n\u0131n d\u0131\u015f d\u00fcnyaya a\u00e7\u0131k olan portlar\u0131n\u0131 tespit etmek i\u00e7in yap\u0131lan bir g\u00fcvenlik denetimidir. Bu taramalar, siber sald\u0131rganlar\u0131n kulland\u0131\u011f\u0131 y\u00f6ntemlere benzer \u015fekilde \u00e7al\u0131\u015f\u0131r; ancak ama\u00e7, potansiyel g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131 sald\u0131rganlardan \u00f6nce belirleyip kapatmakt\u0131r. D\u00fczenli olarak a\u00e7\u0131k port taramas\u0131 yapmak, <a href=\"\/gpuvpsserver\">sunucu<\/a> g\u00fcvenli\u011fi stratejisinin olmazsa olmaz bir par\u00e7as\u0131d\u0131r.<\/p>\n<p>Piyasada Nmap gibi bir\u00e7ok \u00fccretsiz ve ticari a\u00e7\u0131k port taramas\u0131 arac\u0131 bulunmaktad\u0131r. Bu ara\u00e7lar, belirli bir IP adresindeki t\u00fcm portlar\u0131 tarayarak, hangi portlar\u0131n a\u00e7\u0131k, kapal\u0131 veya filtrelenmi\u015f oldu\u011funu g\u00f6sterir. Taramalar\u0131n sonu\u00e7lar\u0131, a\u015fa\u011f\u0131daki gibi kritik bilgiler sa\u011flar:<\/p>\n<ul>\n<li><b>Gereksiz A\u00e7\u0131k Portlar:<\/b> Kullan\u0131lmayan veya bilinmeyen bir servise ait olan ancak hala d\u0131\u015f d\u00fcnyaya a\u00e7\u0131k olan portlar. Bunlar hemen kapat\u0131lmal\u0131d\u0131r.<\/li>\n<li><b>Standart Olmayan Port Kullan\u0131m\u0131:<\/b> Bilinen servislerin standart d\u0131\u015f\u0131 portlarda \u00e7al\u0131\u015f\u0131p \u00e7al\u0131\u015fmad\u0131\u011f\u0131. Bu bazen g\u00fcvenlik i\u00e7in yap\u0131lsa da, yanl\u0131\u015f yap\u0131land\u0131r\u0131ld\u0131\u011f\u0131nda g\u00f6zden ka\u00e7abilir.<\/li>\n<li><b>Hizmet S\u00fcr\u00fcmleri:<\/b> Baz\u0131 taray\u0131c\u0131lar, a\u00e7\u0131k portta \u00e7al\u0131\u015fan hizmetin s\u00fcr\u00fcm\u00fcn\u00fc de tespit edebilir. Eski veya bilinen zafiyetleri olan s\u00fcr\u00fcmlerin g\u00fcncellenmesi gerekir.<\/li>\n<\/ul>\n<p>A\u00e7\u0131k port taramas\u0131n\u0131 d\u00fczenli olarak yapmak, proaktif bir yakla\u015f\u0131mla g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131 tespit etmenizi ve kapatman\u0131z\u0131 sa\u011flar.<\/p>\n<h3>Etkili Port Y\u00f6netimi Nas\u0131l Yap\u0131l\u0131r?<\/h3>\n<p>Etkili bir port y\u00f6netimi i\u00e7in izlenmesi gereken ad\u0131mlar \u015funlard\u0131r:<\/p>\n<p><b>1-)\u0130htiya\u00e7 Analizi ve Envanter \u00c7\u0131karma:<\/b><\/p>\n<p>Sunucular\u0131n\u0131zda \u00e7al\u0131\u015fan t\u00fcm hizmetleri ve bu hizmetlerin hangi portlar\u0131 kulland\u0131\u011f\u0131n\u0131 detayl\u0131ca belgeleyin. Her portun neden a\u00e7\u0131k olmas\u0131 gerekti\u011fini (veya kapal\u0131 kalmas\u0131 gerekti\u011fini) anlay\u0131n. Bu, sunucu g\u00fcvenli\u011fi i\u00e7in ilk ve en temel ad\u0131md\u0131r.<\/p>\n<p><b>2-)Varsay\u0131lan Portlar\u0131n Kapat\u0131lmas\u0131 veya De\u011fi\u015ftirilmesi:<\/b><\/p>\n<p>Kullan\u0131lmayan t\u00fcm varsay\u0131lan portlar\u0131 (\u00f6rne\u011fin eski veya gereksiz hizmetler i\u00e7in) kapat\u0131n. M\u00fcmk\u00fcnse, SSH (22), RDP (3389) gibi hassas hizmetlerin standart portlar\u0131n\u0131 de\u011fi\u015ftirerek basit taramalarla tespit edilmelerini zorla\u015ft\u0131r\u0131n.<\/p>\n<p><b>3-)G\u00fcvenlik Duvar\u0131 (Firewall) Kurallar\u0131:<\/b><\/p>\n<p>G\u00fcvenlik duvar\u0131n\u0131z\u0131, sadece belirli IP adreslerinden veya a\u011flardan gelen trafi\u011fe belirli portlar \u00fczerinden eri\u015fime izin verecek \u015fekilde yap\u0131land\u0131r\u0131n. Genel &#8220;her \u015feye izin ver&#8221; kurallar\u0131ndan ka\u00e7\u0131n\u0131n. \u00d6rne\u011fin, SSH eri\u015fimini sadece belirli bir y\u00f6netim IP adresine k\u0131s\u0131tlay\u0131n. Bu, port y\u00f6netiminin kilit noktas\u0131d\u0131r.<\/p>\n<p><b>4-)En Az Ayr\u0131cal\u0131k \u0130lkesi:<\/b><\/p>\n<p>Her zaman &#8220;en az ayr\u0131cal\u0131k&#8221; ilkesini uygulay\u0131n. Bir hizmetin veya kullan\u0131c\u0131n\u0131n yaln\u0131zca \u00e7al\u0131\u015fmas\u0131 i\u00e7in kesinlikle gerekli olan portlara ve kaynaklara eri\u015fimi olmal\u0131d\u0131r.<\/p>\n<p><b>5-)D\u00fczenli A\u00e7\u0131k Port Taramas\u0131 ve Zafiyet Denetimi:<\/b><\/p>\n<p>Periyodik olarak sunucular\u0131n\u0131zda a\u00e7\u0131k port taramas\u0131 yap\u0131n. Bu taramalar\u0131n sonu\u00e7lar\u0131n\u0131 \u00f6nceki envanterinizle kar\u015f\u0131la\u015ft\u0131r\u0131n ve herhangi bir anormalli\u011fi veya yeni a\u00e7\u0131lm\u0131\u015f gereksiz portu hemen kapat\u0131n. Ayr\u0131ca, d\u00fczenli zafiyet taramalar\u0131yla bilinen g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131 da kontrol edin.<\/p>\n<p><b>6-)Yamalar ve G\u00fcncellemeler:<\/b><\/p>\n<p>\u0130\u015fletim sistemi ve t\u00fcm yaz\u0131l\u0131mlar\u0131n g\u00fcncel oldu\u011fundan emin olun. Bir\u00e7ok g\u00fcvenlik a\u00e7\u0131\u011f\u0131, eski veya yamalanmam\u0131\u015f yaz\u0131l\u0131m s\u00fcr\u00fcmlerinden kaynaklan\u0131r.<\/p>\n<p><b>7-)G\u00fcnl\u00fck Kay\u0131tlar\u0131n\u0131n \u0130zlenmesi (Log Monitoring):<\/b><\/p>\n<p>G\u00fcvenlik duvar\u0131 ve <a href=\"\/gpuvpsserver\">sunucu<\/a> g\u00fcnl\u00fcklerini d\u00fczenli olarak izleyin. \u015e\u00fcpheli ba\u011flant\u0131 giri\u015fimleri veya port taramalar\u0131 hakk\u0131nda erken uyar\u0131lar alabilirsiniz.<\/p>\n<p>Etkin port y\u00f6netimi, <a href=\"https:\/\/www.google.com\/search?q=sunucu+site%3Ateknodc.net&amp;oq=sunucu+site%3A&amp;gs_lcrp=EgZjaHJvbWUqCAgAEEUYJxg7MggIABBFGCcYOzIGCAEQRRg5MggIAhAAGBYYHjIICAMQABgWGB4yCAgEEAAYFhgeMggIBRAAGBYYHjIICAYQABgWGB4yCAgHEAAYFhgeMggICBAAGBYYHjIICAkQABgWGB7SAQkxMzc1NGowajeoAgCwAgA&amp;sourceid=chrome&amp;ie=UTF-8\">sunucu<\/a> g\u00fcvenli\u011fini sa\u011flamak i\u00e7in temel bir ad\u0131md\u0131r. D\u00fczenli a\u00e7\u0131k port taramas\u0131 ve proaktif g\u00fcvenlik \u00f6nlemleriyle, sunucular\u0131n\u0131z\u0131n olas\u0131 sald\u0131r\u0131lara kar\u015f\u0131 direncini \u00f6nemli \u00f6l\u00e7\u00fcde art\u0131rabilirsiniz. Unutmay\u0131n, g\u00fcvenlik dinamik bir s\u00fcre\u00e7tir ve s\u00fcrekli dikkat ve g\u00fcncellemeler gerektirir.<\/p>\n<h3>S\u0131k\u00e7a Sorulan Sorular (SSS)<\/h3>\n<ul>\n<li>\n<h4><b>Port y\u00f6netimi neden sunucu g\u00fcvenli\u011fi i\u00e7in bu kadar \u00f6nemlidir?<\/b><\/h4>\n<\/li>\n<\/ul>\n<p>Port y\u00f6netimi, sunuculara gelen ve giden trafi\u011fi kontrol ederek yetkisiz eri\u015fimi engellemenin temelidir. Gereksiz a\u00e7\u0131k portlar, siber sald\u0131rganlar i\u00e7in kolay birer giri\u015f noktas\u0131 olu\u015fturur, bu nedenle sadece gerekli portlar\u0131 a\u00e7\u0131k tutmak sunucu g\u00fcvenli\u011fi i\u00e7in hayati \u00f6neme sahiptir.<\/p>\n<ul>\n<li>\n<h4><b>A\u00e7\u0131k port taramas\u0131 nedir ve ne s\u0131kl\u0131kla yap\u0131lmal\u0131d\u0131r?<\/b><\/h4>\n<\/li>\n<\/ul>\n<p>A\u00e7\u0131k port taramas\u0131, bir sunucudaki d\u0131\u015f d\u00fcnyaya a\u00e7\u0131k portlar\u0131 tespit etme i\u015flemidir. Bu taramalar, potansiyel g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131 belirlemek i\u00e7in yap\u0131l\u0131r. Sunucular\u0131n\u0131z\u0131n maruz kald\u0131\u011f\u0131 tehdit seviyesine ve de\u011fi\u015fiklik s\u0131kl\u0131\u011f\u0131na ba\u011fl\u0131 olarak, haftal\u0131k veya ayl\u0131k gibi d\u00fczenli aral\u0131klarla yap\u0131lmal\u0131d\u0131r.<\/p>\n<ul>\n<li>\n<h4><b>Bir portun a\u00e7\u0131k olup olmad\u0131\u011f\u0131n\u0131 nas\u0131l anlar\u0131m?<\/b><\/h4>\n<\/li>\n<\/ul>\n<p>Bir portun a\u00e7\u0131k olup olmad\u0131\u011f\u0131n\u0131 anlamak i\u00e7in Nmap gibi a\u00e7\u0131k port taramas\u0131 ara\u00e7lar\u0131n\u0131 kullanabilirsiniz. Bu ara\u00e7lar, belirli bir IP adresindeki portlar\u0131n durumunu (a\u00e7\u0131k, kapal\u0131, filtrelenmi\u015f) g\u00f6sterir.<\/p>\n<ul>\n<li>\n<h4><b>Standart olmayan portlar\u0131 kullanmak g\u00fcvenli\u011fi art\u0131r\u0131r m\u0131?<\/b><\/h4>\n<\/li>\n<\/ul>\n<p>Standart olmayan portlar\u0131 kullanmak (\u00f6rne\u011fin SSH i\u00e7in 22 yerine ba\u015fka bir port kullanmak), &#8220;g\u00fcvenlik duvar\u0131n\u0131 gizleyerek&#8221; ilk a\u015famada otomatik taramalar\u0131 atlatmaya yard\u0131mc\u0131 olabilir. Ancak, bu tek ba\u015f\u0131na tam bir g\u00fcvenlik \u00e7\u00f6z\u00fcm\u00fc de\u011fildir ve deneyimli sald\u0131rganlar taraf\u0131ndan yine de tespit edilebilir. As\u0131l g\u00fcvenlik, g\u00fc\u00e7l\u00fc kimlik do\u011frulama ve di\u011fer g\u00fcvenlik \u00f6nlemleriyle sa\u011flan\u0131r.<\/p>\n<ul>\n<li>\n<h4><b>Yanl\u0131\u015f port y\u00f6netimi ne gibi risklere yol a\u00e7ar?<\/b><\/h4>\n<\/li>\n<\/ul>\n<p>Yanl\u0131\u015f port y\u00f6netimi, sunucular\u0131n yetkisiz eri\u015fime, k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m bula\u015fmas\u0131na, hizmet reddi (DoS\/DDoS) sald\u0131r\u0131lar\u0131na ve veri ihlallerine kar\u015f\u0131 savunmas\u0131z kalmas\u0131na neden olabilir. Gereksiz a\u00e7\u0131k portlar, sald\u0131r\u0131 y\u00fczeyinizi geni\u015fleterek sunucular\u0131n\u0131z\u0131 daha b\u00fcy\u00fck risk alt\u0131na sokar.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Sunucu G\u00fcvenli\u011fi \u0130\u00e7in Port Y\u00f6netimi Nas\u0131l Yap\u0131l\u0131r? G\u00fcn\u00fcm\u00fcz dijital \u00e7a\u011f\u0131nda, i\u015fletmelerin ve bireylerin \u00e7evrimi\u00e7i varl\u0131klar\u0131n\u0131 korumas\u0131&hellip;<\/p>\n","protected":false},"author":1,"featured_media":2398,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"content-type":"","_lmt_disableupdate":"","_lmt_disable":"","footnotes":""},"categories":[27],"tags":[],"class_list":["post-2397","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-guvenlik"],"_links":{"self":[{"href":"https:\/\/teknodc.net\/blog\/wp-json\/wp\/v2\/posts\/2397","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/teknodc.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/teknodc.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/teknodc.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/teknodc.net\/blog\/wp-json\/wp\/v2\/comments?post=2397"}],"version-history":[{"count":1,"href":"https:\/\/teknodc.net\/blog\/wp-json\/wp\/v2\/posts\/2397\/revisions"}],"predecessor-version":[{"id":2399,"href":"https:\/\/teknodc.net\/blog\/wp-json\/wp\/v2\/posts\/2397\/revisions\/2399"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/teknodc.net\/blog\/wp-json\/wp\/v2\/media\/2398"}],"wp:attachment":[{"href":"https:\/\/teknodc.net\/blog\/wp-json\/wp\/v2\/media?parent=2397"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/teknodc.net\/blog\/wp-json\/wp\/v2\/categories?post=2397"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/teknodc.net\/blog\/wp-json\/wp\/v2\/tags?post=2397"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}