diff --git a/test/cases/030_security/010_ports/check.sh b/test/cases/030_security/010_ports/check.sh
new file mode 100644
index 000000000..29c8ed9af
--- /dev/null
+++ b/test/cases/030_security/010_ports/check.sh
@@ -0,0 +1,13 @@
+#!/bin/sh
+
+set -e
+
+PORTS=$(netstat -lntup)
+LINES=$(echo "${PORTS}" | wc -l)
+if [ $((LINES > 2)) -ne 0 ]
+then
+ echo "Ports test case FAILED"
+ echo "${PORTS}"
+ exit 1
+fi
+echo "Ports test case PASSED"
diff --git a/test/cases/030_security/010_ports/test.sh b/test/cases/030_security/010_ports/test.sh
new file mode 100644
index 000000000..7255cab37
--- /dev/null
+++ b/test/cases/030_security/010_ports/test.sh
@@ -0,0 +1,24 @@
+#!/bin/sh
+# SUMMARY: Check that there are no open ports
+# LABELS:
+
+set -e
+
+# Source libraries. Uncomment if needed/defined
+#. "${RT_LIB}"
+. "${RT_PROJECT_ROOT}/_lib/lib.sh"
+
+NAME=lsof
+
+clean_up() {
+ # remove any files, containers, images etc
+ rm -rf ${NAME}* || true
+}
+
+trap clean_up EXIT
+
+moby build -output kernel+initrd -name "${NAME}" test.yml
+linuxkit run qemu -kernel "${NAME}"
+#RESULT=$(linuxkit run qemu -kernel "${NAME}")
+#echo "${RESULT}" | grep -q "PASSED"
+exit 0
diff --git a/test/cases/030_security/010_ports/test.yml b/test/cases/030_security/010_ports/test.yml
new file mode 100644
index 000000000..ee71257ca
--- /dev/null
+++ b/test/cases/030_security/010_ports/test.yml
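Review bot: The pass condition in check.sh, `if [ $((LINES > 2)) -ne 0 ]`, counts output lines instead of looking for socket rows, so the check fails open. If `netstat` prints nothing usable, or a build emits a different number of header lines, LINES stays at or below 2 and the case reports PASSED without having inspected anything. Matching the rows directly is sturdier, e.g. `if echo "${PORTS}" | grep -Eq '^(tcp|udp)'`, with a separate failure when the expected header is absent. Under `set -e` a non-zero exit from `netstat` also aborts the script before either message is printed, so the log would show neither PASSED nor FAILED. A comment such as `# netstat prints two header lines before any socket rows` would explain the constant if the line count is kept.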
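Review bot: As written, test.sh cannot fail on an open port: the two lines that capture the VM output and grep it for PASSED are commented out, and the script ends with an unconditional `exit 0`. Unless the exit status of `linuxkit run qemu` reflects the onboot container's status (not visible in this diff), a FAILED verdict from check.sh inside the guest never reaches the harness. Restore the check and match the full marker: `RESULT=$(linuxkit run qemu -kernel "${NAME}")` followed by `echo "${RESULT}" | grep -q "Ports test case PASSED"`. Separately, `rm -rf ${NAME}*` in clean_up should quote the variable, `rm -rf "${NAME}"* || true`. `NAME=lsof` also looks carried over from another test, since this one runs netstat.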
@@ -0,0 +1,23 @@
+kernel:
+ image: "linuxkit/kernel:4.9.x"
+ cmdline: "console=ttyS0 page_poison=1"
+init:
+ - linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
+ - linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
+ - linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
+onboot:
+ - name: test
+ image: "alpine:3.6"
+ readonly: true
+ binds:
+ - /check.sh:/check.sh
+ command: ["sh", "./check.sh"]
+ - name: poweroff
+ image: "linuxkit/poweroff:7404cf2295df89ccfa2dda41997a28307a90cf28"
+ command: ["/bin/sh", "/poweroff.sh", "10"]
+files:
+ - path: check.sh
+ source: ./check.sh
+trust:
+ org:
+ - linuxkit
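Review bot: The `test` onboot entry pulls `alpine:3.6` by mutable tag, while the init and poweroff images are pinned to content hashes and the `trust:` section lists only the `linuxkit` org. The image that runs the security check is therefore the one component covered by neither control. If the build tool accepts digest references, pin it, e.g. `image: "alpine:3.6@sha256:<digest-placeholder>"`, or use a hash-pinned linuxkit image that ships netstat; `linuxkit/kernel:4.9.x` is likewise a moving tag. The entry also sets no namespace options, so please confirm, and note in a comment, that this container sees the host's network namespace. If it does not, netstat would report only the container's own sockets and the test would pass vacuously.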