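Checking and understanding which ports a Linux server has open and in use is an important part of maintenance work. (Red Hat server 5 is used as the example.)
1. The nmap command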
# nmap -sT -O localhost
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2010-01-22 08:50 CST
Interesting ports on syapp1 (127.0.0.1):
Not shown: 1667 closed ports
PORT STATE SERVICE
21/tcp open ftp
25/tcp open smtp
80/tcp open http
111/tcp open rpcbind
513/tcp open login
514/tcp open shell
631/tcp open ipp
2049/tcp open nfs
3306/tcp open mysql
5001/tcp open commplex-link
5003/tcp open filemaker
8009/tcp open ajp13
8080/tcp open http-proxy
No exact OS matches for host (If you know what OS is running on it, see http://www.insecure.org/cgi-bin/nmap-submit.cgi).
TCP/IP fingerprint:
SInfo(V=4.11%P=x86_64-redhat-linux-gnu%D=1/22%Tm=4B58F65C%O=21%C=1)
TSeq(Class=RI%gcd=1%SI=41495C%IPID=Z%TS=1000HZ)
TSeq(Class=RI%gcd=1%SI=414957%IPID=Z%TS=1000HZ)
T1(Resp=Y%DF=Y%W=8000%ACK=S++%Flags=AS%Ops=MNNTNW)
T2(Resp=N)
T3(Resp=Y%DF=Y%W=8000%ACK=S++%Flags=AS%Ops=MNNTNW)
T4(Resp=Y%DF=Y%W=0%ACK=O%Flags=R%Ops=)
T5(Resp=Y%DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
T6(Resp=Y%DF=Y%W=0%ACK=O%Flags=R%Ops=)
T7(Resp=Y%DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
PU(Resp=Y%DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
Uptime 0.610 days (since Thu Jan 21 18:12:54 2010)
Nmap finished: 1 IP address (1 host up) scanned in 9.955 seconds
2. The lsof command
/usr/sbin/lsof -i :port
# /usr/sbin/lsof -i :3422
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
sshd 3828 root 3u IPv6 10063 TCP *:ssh (LISTEN)
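To turn the two commands above into a repeatable check, the following added example (not part of the original page) filters the open ports out of nmap's output, compares them with an allowlist, and prints the lsof command to run for each unexpected port. The allowlist contents and the function names are assumptions made for illustration; the sample input is the port table from the nmap run above.

```shell
#!/bin/sh
# Added example (not from the original page): flag open ports missing from an allowlist.
# ALLOWED_PORTS is a constructed allowlist; replace it with what this host should expose.
ALLOWED_PORTS="21/tcp 25/tcp 80/tcp 3306/tcp 8080/tcp"
# Port table copied from the nmap run shown above, embedded so the script runs offline.
sample_nmap_output() {
cat <<'EOF'
Not shown: 1667 closed ports
PORT STATE SERVICE
21/tcp open ftp
25/tcp open smtp
80/tcp open http
111/tcp open rpcbind
513/tcp open login
514/tcp open shell
631/tcp open ipp
2049/tcp open nfs
3306/tcp open mysql
5001/tcp open commplex-link
5003/tcp open filemaker
8009/tcp open ajp13
8080/tcp open http-proxy
EOF
}

# Read nmap normal output on stdin; print "port/proto service" for each open port.
open_ports() {
    awk '$1 ~ /^[0-9]+\/(tcp|udp)$/ && $2 == "open" { print $1, $3 }'
}

# Read nmap output on stdin; print open ports that are not in the allowlist "$1".
unexpected_ports() {
    allowed="$1"
    open_ports | while read -r port service; do
        case " $allowed " in
            *" $port "*) ;;                 # whole-word match, so 80/tcp != 8080/tcp
            *) echo "$port $service" ;;
        esac
    done
}

# For each unexpected port, print the lsof command that identifies the owning process.
report() {
    sample_nmap_output | unexpected_ports "$ALLOWED_PORTS" |
    while read -r port service; do
        echo "unexpected: $port ($service) -> /usr/sbin/lsof -i :${port%/*}"
    done
}
report
```

On a live host, pipe the real scan in place of the sample: nmap -sT localhost | unexpected_ports "$ALLOWED_PORTS".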