Home page logo

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] ports
From: "Dunker, Noah" <NDunker () FISHNETSECURITY COM>
Date: Wed, 6 Sep 2000 16:22:18 -0500

I think Erik Tayler has a good point about it being SSH, but maybe
it's important to note something simple here.  The question of
"What executeable has this port listening" (at least on Linux) can
almost always be answered with netstat -an and lsof.  For example:

I run netcat, to listen on port 8093.

[yermom () sniffer yermom]$ /sbin/nc -l -p 8093

nmap from another host shows port 8093 is open... What's got it open?
...back to sniffer my laptop...gonna use root for lsof

[root () sniffer root]# lsof | grep 8093
nc      1710    yermom  3u      IPv4    2816            TCP *:8093 (LISTEN)

See?  the program "nc", which is PID 1710, has TCP Port 8093 Listening.

With the right tools, and some knowledge no one should have to ask what
program is listening on what port.

Hope this helps...

--Noah Dunker

-----Original Message-----
From: Dale, C [mailto:cdale () SILLY TECHMONKEYS NET]
Sent: Wednesday, September 06, 2000 3:02 PM
Subject: ports

I'm wondering if anyone knows of any URLs which list everything that would
be on certain ports.  I know of a large /etc/services file on the web at
this URL:
but it is not complete.  Specifically, I am trying to find out what runs
on ports 6010 and 6011 on linux boxes.

 "A civilized society is one which tolerates eccentricity to the point of
doubtful sanity."
          -- Robert Frost

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]