mailing list archives
Re: [PEN-TEST] ports
From: "Dunker, Noah" <NDunker () FISHNETSECURITY COM>
Date: Wed, 6 Sep 2000 16:22:18 -0500
I think Erik Tayler has a good point about it being SSH, but maybe
it's important to note something simple here. The question of
"What executeable has this port listening" (at least on Linux) can
almost always be answered with netstat -an and lsof. For example:
I run netcat, to listen on port 8093.
[yermom () sniffer yermom]$ /sbin/nc -l -p 8093
nmap from another host shows port 8093 is open... What's got it open?
...back to sniffer my laptop...gonna use root for lsof
[root () sniffer root]# lsof | grep 8093
nc 1710 yermom 3u IPv4 2816 TCP *:8093 (LISTEN)
See? the program "nc", which is PID 1710, has TCP Port 8093 Listening.
With the right tools, and some knowledge no one should have to ask what
program is listening on what port.
Hope this helps...
From: Dale, C [mailto:cdale () SILLY TECHMONKEYS NET]
Sent: Wednesday, September 06, 2000 3:02 PM
To: PEN-TEST () SECURITYFOCUS COM
I'm wondering if anyone knows of any URLs which list everything that would
be on certain ports. I know of a large /etc/services file on the web at
but it is not complete. Specifically, I am trying to find out what runs
on ports 6010 and 6011 on linux boxes.
"A civilized society is one which tolerates eccentricity to the point of
-- Robert Frost
- Re: [PEN-TEST] ports, (continued)