You can conceal that open port with some form of port knocking. Though this does reinforce your "easy" point.

Also, if it's an UDP port, then using a protocol that expects first client packet to be pre-authenticated and not emitting any response otherwise gets you pretty damn close to having this port closed.