I have a centos 6.5 machine running a java server socket on port 9000. I tried to look into netstat command and etc nothing works then I tried this command and it shows

I would like to block the service to that my original service can run as usual how to block cslistener and what is this service? Is this a threat?

I suggest picking a different port.

From searches it shows several things use port 9000 - Eclipse for one, firewalls, php debugging,....

You can find the process id of what has it open using "fuser 9000/tcp" and trace it specifically for your system.

Dear Jpollard,
It has been running well all the time. I am not running eclipse for use. Firewall and php debugging using 9000 for what purpose ? I thought any thing more then 1024 is possible to be used rite?

And it happens to be being used.

Any process can open a port above 1024.

A firewall may use it for changing the firewall configuration... and PHP debugging means just that.

ANY one can open a port above 1024. But once opened it usually cannot be used by another service (yes there are ways to open one shared - but that assumes those processes will coordinate with each other as to how the port gets used...).

Normal operation is that once a port is opened, it is open for exclusive use by that process.

Hence, to find out what process has it open, use fuser. Once you have process id number you can the find out what the process is - and find out why and what service is associated with that process. At that point, you should be able to decide whether you want the service active or not.

Dear Jpollard,
When you said firewall here means the iptables itself or external firewall will use?

No. Just that some company has used port 9000 for a firewall, and used it enough that it is reported as a "use of port 9000".

From http://www.adminsub.net/tcp-udp-port-finder/cslistener

The point is, if you don't know what is using the port, find out. If you want to use it for something else, stop the process currently using it.