finding the source of a port number

finding the source of a port number

Post by yls17 » Thu, 27 Oct 2005 19:18:50



Hi.

I did a netstat -an. And i noticed a port number, say 6000.

How can i identify which are the services to stop in the different rc**
levels?

Rgds

 
 
 

finding the source of a port number

Post by leonworkman_2.. » Thu, 27 Oct 2005 22:54:11


There are several things you can look at.
Possibly the best would be to download and install the lsof utility
onto your system.  I believe that you can still get this from
www.sunfreeware.com.  Once installed, you can do the following:
lsof|grep TCP|grep 6000
The output will tell you which PID is running the service that has that
port open.  From that you can do a ps -ef|grep <PID> and find out what
the actual process is.  From there, you'll have to figure out which
startup script initiates the process that opens this port.
Alternately, you might be able to dig through your /etc/services and
/etc/inetd.conf files for the port number, and if the entry actually
matches the service name that has the port open on your system, you can
figure out which script runs the process for that service.

Thank-you,
Leon Workman

 
 
 

finding the source of a port number

Post by Fran Hora » Thu, 27 Oct 2005 23:08:27


lsof: ftp://vic.cc.purdue.edu/pub/tools/unix/lsof/

google on "port service lsof" for examples.

This will get you part of the way to identifying the rc script. Maybe you
can get a pattern from lsof that you could then use do a search over
/etc/rc* and get a hit in a particular rc script.

Fran


Quote:> Hi.

> I did a netstat -an. And i noticed a port number, say 6000.

> How can i identify which are the services to stop in the different rc**
> levels?

> Rgds

 
 
 

finding the source of a port number

Post by Mr. Johan Andersso » Thu, 27 Oct 2005 23:54:58



Quote:> There are several things you can look at.
> Possibly the best would be to download and install the lsof utility
> onto your system.  I believe that you can still get this from
> www.sunfreeware.com.  Once installed, you can do the following:
> lsof|grep TCP|grep 6000
> The output will tell you which PID is running the service that has that
> port open.  From that you can do a ps -ef|grep <PID> and find out what
> the actual process is.  From there, you'll have to figure out which
> startup script initiates the process that opens this port.
> Alternately, you might be able to dig through your /etc/services and
> /etc/inetd.conf files for the port number, and if the entry actually
> matches the service name that has the port open on your system, you can
> figure out which script runs the process for that service.

> Thank-you,
> Leon Workman

Its not a true solution, but to just find what process is having what port
open you could always do a *...

for i in `ps -e|cut -c1-7`; do echo $i:; pfiles $i|grep port; done

thats just a fasthack, but it shows you what ports are used by what
processes.

/Johan A

 
 
 

finding the source of a port number

Post by Alan Coopersmit » Fri, 28 Oct 2005 02:21:32



|I did a netstat -an. And i noticed a port number, say 6000.

6000 is normally your X server.

--
________________________________________________________________________

 http://www.csua.berkeley.edu/~alanc/   *   http://blogs.sun.com/alanc/
  Working for, but definitely not speaking for, Sun Microsystems, Inc.

 
 
 

finding the source of a port number

Post by yls17 » Fri, 28 Oct 2005 14:52:30


Yup.

I managed to find out that 6000 is my x server through the below link

http://www.securitydocs.com/library/2933

 
 
 

1. UDP source port number when using RAW socket??

Hello Everyone

I have created an application that runs as a client on a ADSL modem
and communicates with a server on a Windows/MAC using as RAW socket
with:
        sk = socket(PF_INET, SOCK_PACKET, htons(ETH_P_ALL));

With this socket I can send RAW data to the server that listens on
62828 . When I send I create my own ethernet, IP and UDP and send it
out on my eth0 interface. This all works fine and my server receives
the data correctly and responds. However now I have a question what
number to assign to my source port number on UDP when creating my
packet on the client??

From what I understand when using a UDP socket and having the network
stack creating the message the UDP source port number is taken from an
internal list. This ensures that no applications will select the same
port numbers when sending out data. But since I create my own packets
and send them out using RAW socket I can just give and number as UDP
source port number and I feel that this is not correct. If I am
unlucky I will create a conflict having 2 applications(my client) and
another one both sending out on the same port.

So my question is:
1) How do I get "hold" of a valid UDP port number that I can assign to
my RAW packet?
2) Is there some sort of API I can call and if so what?
3) What are the implications/problems if one for some reason have two
applications sending out data on the same port number?

Any input and advice is greatly appreciated.

Regards
Rikard

2. Konquerer "history" not chronological......

3. Accessing the floppy drive in RH6.0

4. Finding client port number

5. How many child processes can parent has?

6. Finding a socket's local port number

7. Multiple Pentiums

8. Flexfax -- "Can not find port number for 'fax' service" -- ???

9. finding my port number

10. How do i find out which port numbers a specific application is using on my computer ?

11. Finding Port numbers

12. why could not I found my port number?