Find the answer to your Linux question:
Page 1 of 2 1 2 LastLast
Results 1 to 10 of 12
Hi, When I start my java application, it opens some random ports(listen TCP ports). I don't know where it is from. The process ID of the ports are my java ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    May 2012
    Posts
    5

    Random TCP Ports listening


    Hi,

    When I start my java application, it opens some random ports(listen TCP ports). I don't know where it is from. The process ID of the ports are my java application. Can you please help me to analyze the root cause (or) type of those ports. Below are the command out for 'netstat -nltp' :

    tcp 0 0 :::10500 :::* LISTEN 32343/java
    tcp 0 0 :::4242 :::* LISTEN 32343/java
    tcp 0 0 :::57272 :::* LISTEN 32343/java
    tcp 0 0 :::8443 :::* LISTEN 32343/java
    tcp 0 0 ::ffff:127.0.0.1:59708 :::* LISTEN 32343/java
    tcp 0 0 :::50078 :::* LISTEN 32343/java

    The 10500,4242 &8443 ports are expected to listen. But I don't know why the 50078, 59708 & 57272 ports are listening ? Can you please help me to analyze this issue.

    Thanks,
    Ramesh

  2. #2
    Linux Newbie
    Join Date
    Nov 2009
    Posts
    218
    Moi Ramesh,

    It would appear that your java app is not specifying what ports it wants to use when it creates the sockets. See man socket.

    The ports that have been assigned have been chosen by the OS.

    This beggars a question. Usually, a program only "listens" on a socket if it wants to accept connections from other programs. If the "listener" is not choosing the port numbers up front, how is it telling the rest of world what ports can be used to contact it?

    Cheers - VP

  3. #3
    Just Joined!
    Join Date
    May 2012
    Posts
    5
    Code:
    It would appear that your java app is not specifying what ports it wants to use when it creates the sockets. See man socket.
    No. I explicitly specified the ports (10500,4242 &8443).

  4. #4
    Linux Newbie
    Join Date
    Apr 2012
    Posts
    112
    Quote Originally Posted by rameshj View Post
    Code:
    It would appear that your java app is not specifying what ports it wants to use when it creates the sockets. See man socket.
    No. I explicitly specified the ports (10500,4242 &8443).
    have you tried connecting to those ports?

    Does your client works on that port?

  5. #5
    Just Joined!
    Join Date
    May 2012
    Posts
    5
    Yes. Everything working perfect. My client/agent can connect to all the predefined ports(10500,4242,8443). No functionality issue. But additional ports are in LISTEN state.

  6. #6
    Linux Newbie
    Join Date
    Apr 2012
    Posts
    112
    I meant, can you connect to the other ports?

    Also, are 100% sure that your app is not opening them? e.g. you added those ports for debugging purposes and forgot to remove them. Some other part of the code is opening them?

  7. #7
    Just Joined!
    Join Date
    Oct 2007
    Posts
    13
    As I recall the TCP implementation is as follows: advertise on the public port, once a connection establishes forward that connection to another port on the server (thus leaving the serving advertised port available for the next caller) and that is probably what you are seeing, these additional ports containing your established TCP connections.

  8. #8
    Linux Newbie
    Join Date
    Nov 2009
    Posts
    218
    Ramesh,

    what manyroots says - you can try to see who is opening the extra ports with lsof

    Cheers - vp

  9. #9
    Just Joined!
    Join Date
    May 2012
    Posts
    5
    Thanks to all for your help.

    I could not find the root cause from lsof command. Below are the lsof command output.

    Code:
    /usr/sbin/lsof -c java | grep LISTEN
    java    32343  sas   14u  IPv6       114815023490                   TCP *:57272 (LISTEN)
    java    32343  sas   17u  IPv6       114815023692                   TCP *:10500 (LISTEN)
    java    32343  sas   19u  IPv6       114815023797                   TCP *:50078 (LISTEN)
    java    32343  sas  108u  IPv6       114815140966                   TCP *:pcsync-https (LISTEN)
    java    32343  sas  118u  IPv6       114815141261                   TCP *:4242 (LISTEN)
    java    32343  sas  120u  IPv6       114815141477                   TCP localhost.localdomain:59708 (LISTEN)
    Code:
    /usr/sbin/lsof -i :50078
    COMMAND   PID USER   FD   TYPE       DEVICE SIZE NODE NAME
    java    32343  sas   19u  IPv6 114815023797       TCP *:50078 (LISTEN)
    Code:
    /usr/sbin/lsof -i :57272
    COMMAND   PID USER   FD   TYPE       DEVICE SIZE NODE NAME
    java    32343  sas   14u  IPv6 114815023490       TCP *:57272 (LISTEN)
    Code:
    /usr/sbin/lsof -i :59708
    COMMAND   PID USER   FD   TYPE       DEVICE SIZE NODE NAME
    java    32343  sas  120u  IPv6 114815141477       TCP localhost.localdomain:59708 (LISTEN)

    Hi waynemot,

    Do mean whenever I bind a public port it will open another random port ? I tried to create a test server socket from java. But it LISTENs only one port which I expected. No additional ports are open.

    Thanks,
    Ramesh

  10. #10
    Linux Newbie
    Join Date
    Apr 2012
    Posts
    112
    You can only have a connection per socket, so normally what happens is that a connection is established on port x, say 80 for a web server and the actual transfer of data is done on another random port.

    For instance, this is apache listening in port 80.

    Code:
    tcp        0      0 :::80                       :::*                        LISTEN
    tcp        0      0 ::ffff:10.168.20.227:80     ::ffff:10.168.20.89:50480   ESTABLISHED
    As you can see, the connection is established on port 50480 but there is nothing listening on that port, once the connection is finished, i.e. browser is closed, connections go on TIME_WAIT and then get closed forever.

    In your case, you have something listening on those rogue ports.

    Did you try to connect to the rogue ports rather than the normal ports?

    If instead of listing listening ports, you list all ports you'll see the behavior mentioned above.

Page 1 of 2 1 2 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •