Difference between revisions of "Ports"

From Hackepedia
Jump to navigationJump to search
Line 14: Line 14:
  
 
will show you exactly what is listening on this port. If you want to see ports on your machine are open to the general public, which is often how computers are broken into, you can try Yashy's [http://crypto.yashy.com/nmap.php self port scan]. You don't want to see any ports open, or listening, unless you've intentionally started that process for the public to connect to.
 
will show you exactly what is listening on this port. If you want to see ports on your machine are open to the general public, which is often how computers are broken into, you can try Yashy's [http://crypto.yashy.com/nmap.php self port scan]. You don't want to see any ports open, or listening, unless you've intentionally started that process for the public to connect to.
 +
 
Ideally if you see any ports open, you will close down the application that has that port open. Alternatively you can install and use a [[firewall]].
 
Ideally if you see any ports open, you will close down the application that has that port open. Alternatively you can install and use a [[firewall]].

Revision as of 12:04, 5 October 2005

Say you want to know what is running on port 80 of your machine. The first hint would be to look in the file /etc/services to get an idea of what typically runs on that port.

http             80/tcp    www www-http #World Wide Web HTTP
http             80/udp    www www-http #World Wide Web HTTP

looks like it's the port typically used for the www. Now we can try netstat to actually see what is listening, not just what should be there.

netstat -an | grep LISTEN

however I prefer the flexibility of lsof which I install on all of my machines.

lsof -i:80

will show you exactly what is listening on this port. If you want to see ports on your machine are open to the general public, which is often how computers are broken into, you can try Yashy's self port scan. You don't want to see any ports open, or listening, unless you've intentionally started that process for the public to connect to.

Ideally if you see any ports open, you will close down the application that has that port open. Alternatively you can install and use a firewall.