Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: ambiguity about nmap results
From: bensonk () acm wwu edu
Date: Sat, 31 May 2008 12:08:12 -0700

You can get *some* of that functionality with extra flags to netstat.
When I want a quick and dirty "What processes are listening on what
ports" overview on the server I run, I use 'netstat -tpl'.  If you're
root, it'll give you the executable name as well as PID for each 
listening process.  I'll definitely start using lsof for that, though.
To date all I've used lsof for is figuring what process to kill so I can
unmount a partition.  :-)

Benson

On Fri, May 30, 2008 at 05:13:31PM -0700, doug () hcsw org wrote:
FWIW:

-bash-3.2$ uname -a
OpenBSD blackhole 4.3 GENERIC#698 i386
-bash-3.2$ pwd
/usr/ports/net/nmap
-bash-3.2$ grep ^V= Makefile
V=              4.53

Also, several people suggested "netstat -a" for looking for open
ports on your local machine. netstat is OK but even better IMO is
"lsof -i" (may need root or kmem privs). It will give you much more
info such as which process owns the socket, what the file descriptor
is in that process, etc. And when you're developing, "lsof -p PID"
is invaluable. It will tell you all sockets, files, mmaps, dynamic
libraries loaded etc. Once you go lsof you never go back. :)

Doug




_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Attachment: _bin
Description:


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault