Grepping from the service file is ok but might not tell you the exact nature of the program running at that port. Example ... I can run ssh at port 25 and telnet at port 21 if I want to.
Chort pointed out that you should confirm by running netstat to see what application is causing that port to open. Alternatively, you can use lsof (list open files). Cheers Thomas -----Original Message----- From: chort [mailto:[EMAIL PROTECTED] Sent: Saturday, July 05, 2003 2:23 AM To: hartmann Cc: DeGennaro, Gregory; Rod Green; [EMAIL PROTECTED] Subject: Re: Hack? On Fri, 4 Jul 2003, hartmann wrote: > hi there, > sorry for interrupting... > > how could we know what the port number means? > > $ grep 25 /etc/services $ grep 53 /etc/services and so on. That will tell you the registered service which normally runs on that port. To know which application is actually being used, you either have to be on the machine and do a netstat, or you could issue commands to the service and try to gather a profile from the responses. If you're on the machine, and have root privilages, you could do something like this # netstat -pnlA inet which will show you the IP a port is bound to, as well as the PID and name of program running it. -- -chort AKA Brian Keefer The thoughts I express are generally piped from /dev/random, needless to say they do not represent my fine employer: CipherTrust, Inc - www.ciphertrust.com --------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ----------------------------------------------------------------------------