Re: AW: Program PORT ?
On Friday 30 April 2004 12:13, Jaime Soriano Pastor wrote:
> Jens Simmoleit escribió:
> >>>>What is the command to check which PORT is currently use in my
> >>>> Linux Server...?
> > I guess he might be looking for netstat
[..]
> Or for nmap, that says what server is in each port:
> $ nmap localhost
> Starting nmap 3.50 ( http://www.insecure.org/nmap/ ) at 2004-04-30
> 13:10 CEST
> Interesting ports on localhost (127.0.0.1):
> (The 1640 ports scanned but not shown below are in state: closed)
> PORT STATE SERVICE
> 9/tcp open discard
No, it doesn't. It simply lists what service is registered on that port,
or which is "well known". I could configure Courier IMAP to listen on
port 80 and if I did a simple TCP connect() scan in nmap it would tell me
port 80, HTTP, is open. This is not incorrect as port 80 is registered
for HTTP but it doesn't mean that is what is running.
See here -> http://www.iana.org/assignments/port-numbers
In more recent versions of nmap you might use the "-sV" option to enable
version scanning, this will produce a more accurate description of what
is running based on fingerprints.
The original posters question can be answered using netstat or lsof. As
netstat has already been covered, here is how I'd use lsof:
# lsof | grep -i ipv4.*listen
This will list any processes listening on a port, for TCP that's those
that have done a passive open on it. I prefer lsof to netstat as it
gives process names and PIDs, the user running it and various other
information, for example:
squid 717 proxy 12u IPv4 2486 TCP *:3128 (LISTEN)
David
Reply to: