|
Home > Archive > Unix administration > September 2004 > Which program is running on a specific port (1830)?
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Which program is running on a specific port (1830)?
|
|
|
| Hi,
There is a program / process which is listening to the port 1830 on my
UNIX system. There were none info about it returns from the
"rpcinfo". Also, there is no entry on the /etc/services.
Many thanks....
| |
| Michael Vilain 2004-09-08, 5:55 pm |
| In article <d7bb12ab.0409081354.15eefbad@posting.google.com>,
kaka.hui@gmail.com (Cathy) wrote:
> Hi,
>
> There is a program / process which is listening to the port 1830 on my
> UNIX system. There were none info about it returns from the
> "rpcinfo". Also, there is no entry on the /etc/services.
>
> Many thanks....
ports > 1024 (or is it 1023) are not 'known' ports and don't require
root to bind them. So, any user can write something and run it in
background to bind to this port. You can use lsof, a tool to list all
'open files' even network ports. Google for the URL.
--
DeeDee, don't press that button! DeeDee! NO! Dee...
| |
| Moe Trin 2004-09-08, 5:55 pm |
| In article <d7bb12ab.0409081354.15eefbad@posting.google.com>, Cathy wrote:
>Hi,
>
>There is a program / process which is listening to the port 1830 on my
>UNIX system. There were none info about it returns from the
>"rpcinfo". Also, there is no entry on the /etc/services.
Which UNIX? There are a few of them.
[compton ~]$ grep 1830 /usr/doc/rfcs/port-numbers
net8-cman 1830/tcp Oracle Net8 CMan Admin
net8-cman 1830/udp Oracle Net8 CMan Admin
[compton ~]$
Running Oracle?
Old guy
| |
| Bill Marcum 2004-09-09, 2:48 am |
| On 8 Sep 2004 14:54:35 -0700, Cathy
<kaka.hui@gmail.com> wrote:
> Hi,
>
> There is a program / process which is listening to the port 1830 on my
> UNIX system. There were none info about it returns from the
> "rpcinfo". Also, there is no entry on the /etc/services.
>
> Many thanks....
netstat -np
lsof
--
If quizzes are quizzical, what are tests? (Think about it)
| |
|
| It's on Solaris 8. Yes, Oracle 9.2.0.3 is running on that system.
Thanks!!
ibuprofin@painkiller.example.tld (Moe Trin) wrote in message news:<slrncjv5p9.9g1.ibuprofin@atlantis.phx.az.us>...
> In article <d7bb12ab.0409081354.15eefbad@posting.google.com>, Cathy wrote:
>
> Which UNIX? There are a few of them.
>
> [compton ~]$ grep 1830 /usr/doc/rfcs/port-numbers
> net8-cman 1830/tcp Oracle Net8 CMan Admin
> net8-cman 1830/udp Oracle Net8 CMan Admin
> [compton ~]$
>
> Running Oracle?
>
> Old guy
| |
| Patrick Beckhelm 2004-09-09, 8:47 pm |
| Bill Marcum <bmarcum@iglou.com.urgent> wrote in message news:<3gu412-itn.ln1@don.localnet>...
> On 8 Sep 2004 14:54:35 -0700, Cathy
> <kaka.hui@gmail.com> wrote:
>
> netstat -np
> lsof
the exact syntax for lsof:
lsof -i <protocol>:<port>
i.e.: lsof -i tcp:443 yields the following sort of results:
httpd 1446 apache 5u IPv6 0x300020da318 0t0 TCP *:https (LISTEN)
httpd 1449 apache 5u IPv6 0x300020da318 0t0 TCP *:https (LISTEN)
httpd 1450 apache 5u IPv6 0x300020da318 0t0 TCP *:https (LISTEN)
| |
| Stephane CHAZELAS 2004-09-09, 8:47 pm |
| 2004-09-8, 14:54(-07), Cathy:
[...]
> There is a program / process which is listening to the port 1830 on my
> UNIX system. There were none info about it returns from the
> "rpcinfo". Also, there is no entry on the /etc/services.
[On Solaris]
lsof is the best tool for that task. You may have to install it
though as it is not shipped by default with Solaris.
Otherwise, you could use pfiles:
pfiles $(ps -e -o pid=) | sed -n '/^[0-9]/{h;d;}
/port: 1830$/{x;p;x;p;}'
For example:
# lsof -i tcp:80
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
httpd 318 root 16u IPv4 0x30000fd9a88 0t0 TCP *:80 (LISTEN)
httpd 328 nobody 16u IPv4 0x30000fd9a88 0t0 TCP *:80 (LISTEN)
httpd 329 nobody 16u IPv4 0x30000fd9a88 0t0 TCP *:80 (LISTEN)
httpd 330 nobody 16u IPv4 0x30000fd9a88 0t0 TCP *:80 (LISTEN)
httpd 331 nobody 16u IPv4 0x30000fd9a88 0t0 TCP *:80 (LISTEN)
httpd 333 nobody 16u IPv4 0x30000fd9a88 0t0 TCP *:80 (LISTEN)
httpd 4459 nobody 16u IPv4 0x30000fd9a88 0t0 TCP *:80 (LISTEN)
httpd 4460 nobody 16u IPv4 0x30000fd9a88 0t0 TCP *:80 (LISTEN)
# pfiles $(ps -e -o pid=) | sed -ne '/^[0-9]/{h;d;}' -e '/port: 80$/{x;p;x;p;}'
318: /usr/apache/bin/httpd
sockname: AF_INET 0.0.0.0 port: 80
333: /usr/apache/bin/httpd
sockname: AF_INET 0.0.0.0 port: 80
329: /usr/apache/bin/httpd
sockname: AF_INET 0.0.0.0 port: 80
328: /usr/apache/bin/httpd
sockname: AF_INET 0.0.0.0 port: 80
330: /usr/apache/bin/httpd
sockname: AF_INET 0.0.0.0 port: 80
331: /usr/apache/bin/httpd
sockname: AF_INET 0.0.0.0 port: 80
4460: /usr/apache/bin/httpd
sockname: AF_INET 0.0.0.0 port: 80
4459: /usr/apache/bin/httpd
sockname: AF_INET 0.0.0.0 port: 80
pfiles: cannot examine 5057: no such process
--
Stephane
| |
|
| If I don't even know what is the program / service name, can I still use lsof?
Thanks!
Stephane CHAZELAS <this.address@is.invalid> wrote in message news:<slrnck15nf.1qc.stephane.chazelas@spam.is.invalid>...
> 2004-09-8, 14:54(-07), Cathy:
> [...]
> [On Solaris]
>
> lsof is the best tool for that task. You may have to install it
> though as it is not shipped by default with Solaris.
>
> Otherwise, you could use pfiles:
>
> pfiles $(ps -e -o pid=) | sed -n '/^[0-9]/{h;d;}
> /port: 1830$/{x;p;x;p;}'
>
> For example:
> # lsof -i tcp:80
> COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
> httpd 318 root 16u IPv4 0x30000fd9a88 0t0 TCP *:80 (LISTEN)
> httpd 328 nobody 16u IPv4 0x30000fd9a88 0t0 TCP *:80 (LISTEN)
> httpd 329 nobody 16u IPv4 0x30000fd9a88 0t0 TCP *:80 (LISTEN)
> httpd 330 nobody 16u IPv4 0x30000fd9a88 0t0 TCP *:80 (LISTEN)
> httpd 331 nobody 16u IPv4 0x30000fd9a88 0t0 TCP *:80 (LISTEN)
> httpd 333 nobody 16u IPv4 0x30000fd9a88 0t0 TCP *:80 (LISTEN)
> httpd 4459 nobody 16u IPv4 0x30000fd9a88 0t0 TCP *:80 (LISTEN)
> httpd 4460 nobody 16u IPv4 0x30000fd9a88 0t0 TCP *:80 (LISTEN)
> # pfiles $(ps -e -o pid=) | sed -ne '/^[0-9]/{h;d;}' -e '/port: 80$/{x;p;x;p;}'
> 318: /usr/apache/bin/httpd
> sockname: AF_INET 0.0.0.0 port: 80
> 333: /usr/apache/bin/httpd
> sockname: AF_INET 0.0.0.0 port: 80
> 329: /usr/apache/bin/httpd
> sockname: AF_INET 0.0.0.0 port: 80
> 328: /usr/apache/bin/httpd
> sockname: AF_INET 0.0.0.0 port: 80
> 330: /usr/apache/bin/httpd
> sockname: AF_INET 0.0.0.0 port: 80
> 331: /usr/apache/bin/httpd
> sockname: AF_INET 0.0.0.0 port: 80
> 4460: /usr/apache/bin/httpd
> sockname: AF_INET 0.0.0.0 port: 80
> 4459: /usr/apache/bin/httpd
> sockname: AF_INET 0.0.0.0 port: 80
> pfiles: cannot examine 5057: no such process
| |
| Stephane CHAZELAS 2004-09-15, 10:36 am |
| 2004-09-13, 11:08(-07), Cathy:
[please don't top-post][vbcol=seagreen]
> If I don't even know what is the program / service name, can I still use lsof?
[...]
lsof -i tcp:25
shows the list of processes having a TCP socket on port 25
(either listening or connected (source or destination)).
lsof -i tcp:smtp
same but with service name instead of port name
lsof -c sendmail
list open files (including sockets) by program called "sendmail"
lsof -p 123
list open files (including sockets) by program of pid 123.
lsof -i tcp
lists every tcp socket
lsof
list all open files (including sockets) by every program on the
system. You can then (v)grep that output for informations you
need.
--
Stephane
|
|
|
|
|