0

After running the ss -ltun command on Ubuntu 18.04 I get this:

Netid        State          Recv-Q         Send-Q                  Local Address:Port                   Peer Address:Port         
udp          UNCONN         0              0                             0.0.0.0:55656                       0.0.0.0:*            
udp          UNCONN         0              0                             0.0.0.0:631                         0.0.0.0:*            
udp          UNCONN         0              0                             0.0.0.0:857                         0.0.0.0:*            
udp          UNCONN         0              0                             0.0.0.0:5353                        0.0.0.0:*            
udp          UNCONN         0              0                       127.0.0.53%lo:53                          0.0.0.0:*            
udp          UNCONN         0              0                             0.0.0.0:68                          0.0.0.0:*            
udp          UNCONN         0              0                             0.0.0.0:111                         0.0.0.0:*            
udp          UNCONN         0              0                                [::]:857                            [::]:*            
udp          UNCONN         0              0                                [::]:33678                          [::]:*            
udp          UNCONN         0              0                                [::]:5353                           [::]:*            
udp          UNCONN         0              0                                [::]:111                            [::]:*            
tcp          LISTEN         0              128                           0.0.0.0:111                         0.0.0.0:*            
tcp          LISTEN         0              128                     127.0.0.53%lo:53                          0.0.0.0:*            
tcp          LISTEN         0              5                           127.0.0.1:631                         0.0.0.0:*            
tcp          LISTEN         0              128                         127.0.0.1:9050                        0.0.0.0:*            
tcp          LISTEN         0              128                              [::]:111                            [::]:*            
tcp          LISTEN         0              5                               [::1]:631                            [::]:*

As an example I do not know what is port 111 used for and why is it open, so I run this:

$ grep 111 /etc/services
sunrpc      111/tcp     portmapper  # RPC 4.0 portmapper
sunrpc      111/udp     portmapper
dicom       11112/tcp
kx      2111/tcp            # X over Kerberos

Now I know it's for sunrpc, but I still don't know which program is responsible for it and how can I close it (and should I close it?). Running systemctl list-sockets shows some units but it does not say which port(s) they are managing.

Improve this question

1 Answer 1

Reset to default
2

Add the -p option to ss, it will list the processes using the ports:

ss -ultnp

To see all processes, you’ll need to run it as root:

sudo ss -ultnp
Improve this answer
2
  • Thanks. How can I decide if I should close a port? I see that avahi-daemon and rpcbind services are opening a few ports but I don't know what are they used for and if I should close them. Commented Mar 22, 2020 at 12:23
  • 1
    You should read the corresponding documentation (if it exists and is understandable) and try to determine whether you need the features they provide; Avahi is used for network service discovery, RPC is mostly used for NFS. If you’re the only user of the system, you can always disable a service and see if you miss anything a as a result... Commented Mar 22, 2020 at 13:21

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.