LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 02-11-2002, 04:12 PM   #1
tarballedtux
Member
 
Registered: Aug 2001
Location: Off the coast of Madadascar
Posts: 498

Rep: Reputation: 30
Open Ports?


I did a `netstat -l` and was confused about the entries other than the ones with LISTEN to the right of them. Does anyone know what they mean?

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:netbios-ssn *:* LISTEN
tcp 0 0 *:587 *:* LISTEN
tcp 0 0 *:smtp *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 *:www *:* LISTEN
tcp 0 0 *:auth *:* LISTEN
tcp 0 0 *:1024 *:* LISTEN
tcp 0 0 *:sunrpc *:* LISTEN
udp 0 0 mybox:netbios-dgm *:*
udp 0 0 mybox:netbios-ns *:*
udp 0 0 *:netbios-dgm *:*
udp 0 0 *:netbios-ns *:*
udp 0 0 *:1164 *:*
udp 0 0 *:1163 *:*
udp 0 0 *:1160 *:*
udp 0 0 *:1159 *:*
udp 0 0 *:1158 *:*
udp 0 0 *:1157 *:*
udp 0 0 *:1156 *:*
udp 0 0 *:1155 *:*
udp 0 0 *:1154 *:*
udp 0 0 *:1151 *:*
udp 0 0 *:1150 *:*
udp 0 0 *:1149 *:*
udp 0 0 *:1148 *:*
udp 0 0 *:1147 *:*
udp 0 0 *:1146 *:*
udp 0 0 *:1145 *:*
udp 0 0 *:1144 *:*
udp 0 0 *:1143 *:*
udp 0 0 *:1142 *:*
udp 0 0 *:1141 *:*
udp 0 0 *:1140 *:*
udp 0 0 *:1139 *:*
udp 0 0 *:1138 *:*
udp 0 0 *:1137 *:*
udp 0 0 *:1136 *:*
udp 0 0 *:1134 *:*
udp 0 0 *:1133 *:*
udp 0 0 *:1132 *:*
udp 0 0 *:1131 *:*
udp 0 0 *:1130 *:*
udp 0 0 *:1129 *:*
udp 0 0 *:1128 *:*
udp 0 0 *:1127 *:*
udp 0 0 *:1126 *:*
udp 0 0 *:1125 *:*
udp 0 0 *:1124 *:*
udp 0 0 *:1025 *:*
udp 0 0 *:977 *:*
udp 0 0 *:1024 *:*
udp 0 0 *:sunrpc *:*
raw 0 0 *:icmp *:* 7
raw 0 0 *:tcp *:* 7
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node Path
unix 0 [ ACC ] STREAM LISTENING 661 /dev/gpmctl
unix 0 [ ACC ] STREAM LISTENING 789 /tmp/.font-unix/fs7100






Thanks in advance.
 
Old 02-11-2002, 06:29 PM   #2
finegan
LQ Guru
 
Registered: Aug 2001
Location: Dublin, Ireland
Distribution: Slackware
Posts: 5,700

Rep: Reputation: 72
That's all the ports listed in any way in /etc/services, so therefore the kernel knows about them. There is probably nothing listening to them, so they're not really open. To best find out what ports you have open, install nmap and port scan yourself. Its especially funny to watch portsentry or tripwire go berserk if you have any of that installed.

Cheers,

Finegan
 
Old 02-12-2002, 01:05 AM   #3
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600
UDP is a stateless protocol, so you wouldn't see a listening state on it (man netstat, /state).
A way to expand your /etc/services to better map more service names is to exchange it with nmap's services file.
A way to locally see what apps use which socket is lsof (if they're not closing fast), see my reply here on how to.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Cannot Open Mail Server Ports 25, 110, and 220. Other Ports will open. Binxter Linux - Newbie 9 11-29-2007 02:03 AM
open ports on linksys, i have ssh open but thats it PlatinumRik Linux - Security 1 07-07-2005 10:38 AM
Open ports! WWMPCDD Linux - Networking 6 10-28-2004 09:29 PM
How to open ports? kaboom Linux - Networking 1 01-05-2004 05:23 PM
open ports nakkaya Linux - General 2 02-05-2003 03:21 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 07:02 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration