-
Open Ports + Process
I made a "script" which shows open ports and the parent process which has opened the port, posted here in case anyone else is interested..
Code:
#!/bin/sh
echo "Open Ports:" ; netstat -anp | grep LISTEN | grep tcp | awk '{print $4, "\t", $7}' | more
Instructions for use:
1) Make new file called "oports.sh"
2) Copy above code into the file
3) Save file
4) run "chmod 755 oports.sh"
5) do ./oports.sh to execute.
Output looks something like:
Code:
Open Ports:
0.0.0.0:993 271/inetd
0.0.0.0:143 271/inetd
0.0.0.0:3306 19725/mysqld
0.0.0.0:22 19254/sshd
0.0.0.0:12 271/inetd
0.0.0.0:80 972/httpd
0.0.0.0:25 263/exim3
0.0.0.0:631 232/cupsd
Jason
-
you could also get nmap ( www.insecure.org ) and just scan your own address ...
-
nmap will show you what ports are listening, but it wont give you an *ACCURATE* processname, nor will it give a process ID.
I wrote the little "script" becuase when i install Linux on a box, the first thing i like to do it turn off unwanted services. Sometimes i have a hard time working out what some of the more obsecure services are, so that is really hand for me.
Jason
-
What if you run a deamon through inetd or xinetd? Will that give the PID of the temp process or the PID to inetd/xinetd?
Good work btw :)
-
there is a file ion the site that gives you all the port names, no's, and a description although i don't think it give a process id so.. and besides your way is also handier cause you can just delete the file when your done.
-
if inetd has control of the port, then the PID given is that of inetd, but, at least you have an idea where to start looking if you want to turn it off..
Jason
-
netstat -anp doesn't list PID's nor program names for TCP sockets. Does anyone have an idea why this could be? Using Debian sarge/testing w/ kernel 2.4.23-pre7.
-
you will need to be root to get the ProcessID/name.
Does that do it?
-
Yes, it works fine. Thanks.
Bit stupid of me I didn't try.
-
Do you know how I can close some ports that I don't use and they are a bit dangerous?
