Welcome to the most active Linux Forum on the web.
Go Back > Forums > Linux Forums > Linux - Newbie
User Name
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!


  Search this Thread
Old 06-01-2007, 09:03 AM   #1
LQ Newbie
Registered: Apr 2007
Posts: 20

Rep: Reputation: 0
netstat to check buffer overflow

Hey folks,
I am a newbie in linux and I m facin a prob of buffer overflow on my specific port suppose 6060 , So I talked to one of my friend he suggest me command netstat --inet -a |grep 6060command to check the overflow ,I get the output pasted below
udp 0 0 *:6060 *:*

But somehow I am not able to detect how can i recognize the overflow.

Then I hv tried one more command netstat -anep| grep 6060
output is udp 1740 0* 0 23093916 21961/java

Again I m not able to understand the output.......

If anyone can suugest what is goin on ...then it wud be a gr8 help

Thanx in advance
Old 06-03-2007, 10:19 AM   #2
Registered: Jan 2006
Location: Romania
Distribution: Suse 12.0, Slackware 12.1, Debian, Ubuntu, Gentoo
Posts: 301

Rep: Reputation: 30
well, the netstat command can only help you in identifying the process, the port it listens on and from who does it accept packages.

I can only help you with understanding the output.
udp - the protocol it accepts (it can recieve only udp packages)
1740 - "The count of bytes not copied by the user program connected to this socket." (quote from the man page) - this might suggest a buffer overflow, or the fact that it is still reading and processing the package. Check if the number changes.
0 - it accepts packages with any destination if they reach the port 6060 on this computer* - it accepts packages from any computer
0 - it runs as root
23093916 - the program's inode
21961/java - this is the pid and the application of the program listening on this port.

So, are you running any java program? Check the processes you are running, and find out what the problematic program is. This might help

If you find it, see if you really need it. If not, you can disable it. Otherwise, upgrade it, if you are sure there is a security issue. It might be solved in the next release.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Buffer overflow and ip spoofing Ephracis Linux - Security 10 12-07-2004 05:39 PM
What is a buffer overflow Joey.Dale Linux - Security 4 07-12-2004 05:12 PM
Buffer Overflow pymehta Linux - Security 7 02-24-2004 01:19 PM
buffer overflow cxel91a Programming 3 08-14-2003 05:23 PM
Q. What is a buffer overflow? auslew Linux - Security 2 11-08-2002 05:36 AM > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 05:13 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration