Linux, FreeBSD, Juniper, Cisco / Network security articles and troubleshooting guides

FAQ
It is currently Thu Jul 02, 2020 10:37 am


Username:
Subject:
Message body:
Enter your message here, it may contain no more than 60000 characters. 

Smilies
:D :) ;) :( :o :shock: :? 8-) :lol: :x :P :oops: :cry: :evil: :twisted: :roll: :!: :?: :idea: :arrow: :| :mrgreen: :geek: :ugeek:
Font size:
 
Font colour
Options:
BBCode is ON
[img] is ON
[flash] is OFF
[url] is ON
Smilies are ON
Disable BBCode
Disable smilies
Do not automatically parse URLs
Confirmation code
Confirmation code:
In an effort to prevent automatic submissions, we require that you enter both of the words displayed into the text field underneath.
     

Topic review - How to check if ssh/http daemon listens on TCP port in Linux using lsof & netstat
Author Message
Post subject: How to check if ssh/http daemon listens on TCP port in Linux using lsof & netstat  |  Post Posted: Mon Oct 17, 2011 9:17 am
To show listening sockets in Unix, the "netstat" utility can be used with different arguments, depending on the specific OS.

Man netstat:
Quote:
--numeric , -n
Show numerical addresses instead of trying to determine symbolic host, port or user names.
-e, --extend
Display additional information. Use this option twice for maximum detail.
[--tcp|-t]
-p, --program
Show the PID and name of the program to which each socket belongs.
[--udp|-u]
-l, --listening
Show only listening sockets. (These are omitted by default.)
[--all|-a]


Of course, "netstat -tulp" is enough to see if sshd/httpd are listening on their TCP ports, but I prefer the below example.

Checking SSH and Apache TCP ports in Linux using netstat:
Code:
# netstat -netpula | grep -E ":22|:80"
Proto Recv-Q Send-Q Local Address               Foreign Address             State       User       Inode      PID/Program name
tcp        0      0 :::80                       :::*                        LISTEN      0          78720642   5514/httpd         
tcp        0      0 :::22                       :::*                        LISTEN      0          1688637    23490/sshd         


Displayed are the ID of the user that runs sshd & httpd, PID of the process and state (LISTEN).

Checking SSH and Apache TCP ports in Linux using lsof utility:
Code:
# lsof -Pni :22 -i :80
COMMAND   PID USER   FD   TYPE     DEVICE SIZE/OFF NODE NAME
httpd   17543  www    3u  IPv6 0xc35d3cb0      0t0  TCP *:80 (LISTEN)
httpd   17815  www    3u  IPv6 0xc35d3cb0      0t0  TCP *:80 (LISTEN)
httpd   18040  www    3u  IPv6 0xc35d3cb0      0t0  TCP *:80 (LISTEN)
httpd   18046  www    3u  IPv6 0xc35d3cb0      0t0  TCP *:80 (LISTEN)
httpd   18278  www    3u  IPv6 0xc35d3cb0      0t0  TCP *:80 (LISTEN)
httpd   56459  www    3u  IPv6 0xc35d3cb0      0t0  TCP *:80 (LISTEN)
sshd    61609 root    3u  IPv6 0xc35d3570      0t0  TCP *:22 (LISTEN)
sshd    61609 root    4u  IPv4 0xc35d3ae0      0t0  TCP *:22 (LISTEN)
httpd   75304 root    3u  IPv6 0xc35d3cb0      0t0  TCP *:80 (LISTEN)
httpd   78080  www    3u  IPv6 0xc35d3cb0      0t0  TCP *:80 (LISTEN)
Jump to:  
cronNews News Site map Site map SitemapIndex SitemapIndex RSS Feed RSS Feed Channel list Channel list


Delete all board cookies | The team | All times are UTC - 5 hours [ DST ]



phpBB SEO