[ale] Identfy source of open ports

Beddingfield, Allen allen at ua.edu
Fri Jan 3 01:11:12 EST 2014


Try "lsof -l -P|grep LISTEN"  on the system with those ports open.

Allen B.
--
Allen Beddingfield
Systems Engineer
The University of Alabama

________________________________________
From: ale-bounces at ale.org [ale-bounces at ale.org] on behalf of Alex Carver [agcarver+ale at acarver.net]
Sent: Thursday, January 02, 2014 11:49 PM
To: Atlanta Linux Enthusiasts
Subject: [ale] Identfy source of open ports

It's a new year so on a whim I started nmaps of various machines and
devices on my home network to see what was open and if anything I didn't
know about popped up.

One of my Debian boxes popped up with two ports out of the blue.  Port
42865 and 54906.  I don't know of any services running that use those
ports.  Running netstat -ap doesn't show much either, it has a blank
entry for the PID/Program name:

Proto Recv-Q Send-Q Local Address    Foreign Address   State
PID/Program name

tcp        0      0 *:42865            *:*         LISTEN      -
tcp        0      0 *:54906            *:*         LISTEN      -

Anything else I can use to try and ferret out what it is that is
listening on these ports?  Neither port is accessible from the outside
world due to a firewall.  A scan of two other Debian shows mostly ok
(expected services) though one shows port 779 open in listen mode but
again with no PID, and the other machine shows 31599 (also not accessible).

Searching online for those particular ports doesn't provide any useful
information (779 claims one use is for NetInfo on OS X but that machine
is not a Mac).
_______________________________________________
Ale mailing list
Ale at ale.org
http://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo



More information about the Ale mailing list