Lesson 11

Date: 4/14/2010
Basics of Linux Security
Linux for Engineering and IT Applications


Open Ports List

To see what ports are open, run command 
netstat -nal
and check on TCP and UDP ports in the listing. To see what processes are bound to what ports, run as root 
netstat -nalp



root@engdebian:~# netstat -nalp | more



Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address       Foreign Address   State       PID/Program name   
tcp        0      0 0.0.0.0:515         0.0.0.0:*         LISTEN       1742/lpd Waiting    
tcp        0      0 127.0.0.1:25        0.0.0.0:*         LISTEN       1726/exim4          
tcp        0      0 192.168.1.101:1040  128.6.238.10:22   ESTABLISHED  2229/ssh            
tcp        0      0 192.168.1.101:1024  128.6.238.12:993  ESTABLISHED  2195/pine           
tcp6       0      0 :::22               :::*              LISTEN       1813/sshd           
udp        0      0 0.0.0.0:68          0.0.0.0:*                      2085/dhclient

Similarly, 
netstat -n --inet --listening --programs

Also, the processes responsible for the open ports can be identified with 
lsof -i
See example.
Syntax of lsof: 
lsof -i [TCP|UDP][@host][:port]
To list all open files for specific processes: 
lsof -p PID 
lsof -c COMMAND
lsof -u username
To list all open files 
lsof


Take me to the Course Website