ICMP 8 OPEN
Brett Carrington
brettcar at gmail.com
Sat Oct 23 15:55:56 UTC 2004
On Sat, 23 Oct 2004 08:19:43 -0700, Daniel Robitaille
<robitaille at gmail.com> wrote:
>> (sparkes wrote this but was trimmed)
> > running 'netstat - a' will (if my memory serves me correctly) give you
> > the full rundown on all open ports. Most of these will relate to your
> > incoming email, web connections, irc, ssh and the other things most of
> > us run 24/7, plus the local sockets used in your programs. You need to
> > look for tcp, utp and icmp. But if you have a fresh ubuntu machine the
> > list will be dramatically shorter than it would be on a comparable
> > machine due to the fact (as you found out) most services are turned off
> > by default.
> >
>
> nmap is a good command to scan your own machine to see which ports are
> open to the world. On a default freshly-installed Ubuntu machine
> there should be none.
nmap is useful if you run it from a machine on the outside world. If
you run it on localhost or on your local LAN it may see ports that are
actually bound only to localhost or to the local network. Rather, try
this:
netstat -lut
This prints only (l)istening (u)dp and (t)cp sockets as well as what
address that are bound to. You can add the 'n' option to just see IP
addresses instead of hostname. The part that matters is the local
address, so anything bound to localhost there is only accessable from
the localhost, etc. Note that ::1 is the representation for localhost
in IPv6.
Other useful info:
sudo lsof -i :PORT
This will list the process ID and command name of the process
listening on that PORT. So if you want to see what program is
listening on the port 25, try: sudo lsof -i :25
This works for both TCP and UDP ports.
More information about the ubuntu-users
mailing list