38
votes
Accepted
How do I get only the PID, without any extra information, of a process running on port 3000?
Another possible solution:
lsof -t -i :<port> -s <PROTO>:LISTEN
For example:
# lsof -i :22 -s TCP:LISTEN
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
sshd 1392 root 3u ...
- 4,410
29
votes
Accepted
What's the point of firewalling outgoing connections?
There can be many reasons why someone might want to have outgoing ports closed. Here are some that I have applied to various servers at various times
The machine is in a corporate environment where ...
- 128k
27
votes
Accepted
Linux 64-bit SSH port numbers?
Is it possible to configure Linux to use 64 bit ports?
You cannot change a parameter to use 64bit ports in TCP/UDP.
You could create similar protocols, but you would only be able to communicate with ...
- 14.2k
20
votes
What's the point of firewalling outgoing connections?
To expand on @roaima's answer:
Defense in depth.
Imagine that one server is compromised by malware. The malware installs a program that starts trying to send spam. By denying outgoing connections on ...
- 32.4k
20
votes
Accepted
Why is my LAN cable opening an UDP port on my computer?
From OP's comment:
@A.B Yes I use wg. When I disable wg the unconn socket is gone. Why wg does this?
It appears the system is configured to bring a WireGuard (tunnel) interface whenever the main ...
- 39.5k
16
votes
Linux 64-bit SSH port numbers?
Having a 64b port makes it almost impossible to randomly attack a service, targeting either DoS or a login. Like
ssh -p 141592653589793238 my.site.com
And how would the client know about ...
13
votes
Accepted
How to list all ports and service with nftables?
Here's my nftables cheat sheet:
Load rules: nft -f /etc/sysconfig/nftables.conf (this will append them to the existing ones, so flushing first might be required)
Watch rules: nft list ruleset
Reset ...
- 32.9k
11
votes
Accepted
Given a service name, get its port number?
There are two standard library calls; getservbyname(3) and getservbyport(3). These allow programs to convert a name (e.g. telnet) to a port (23), or from a port back to a name.
The typical ...
- 49.3k
10
votes
How do I get only the PID, without any extra information, of a process running on port 3000?
Try this:
pid=$(fuser 3000/tcp 2>/dev/null)
(requires psmisc package)
Please note, that this is reliable only when run by the user root. Others user can only hope to find processes running with ...
- 39.5k
8
votes
How to check which localhost's ports are used on the terminal?
You can use use the ss command.
$ ss -natu
The n option means don't translate addresses to names. The a options means show all (listening and non-listening) connections. The t option means TCP ...
- 14.7k
8
votes
Accepted
Limit bandwidth on a specific port in CentOS 7?
Traffic can be limited using only Linux's Traffic Control.
Just to clarify, shadowsocks creates a tunnel with one side as a SOCKS5 proxy (sslocal, I'm assuming that's what is running on the OP's ...
- 39.5k
8
votes
What's the point of firewalling outgoing connections?
If your server is compromised by malware, it will usually want to communicate to its Command and Control to get the payload to deploy (ransomware, lateral movements, spam, bitcoin mining, ...).
If it ...
- 1,663
7
votes
Accepted
Testing connectivity and port availability using SSH instead of Telnet
I guess you can be certain that ssh is installed, but not nc. In light of that, the question could make sense.
Use the -p option. For example port open:
$ ssh -p 111 192.168.1.16
...
- 3,740
7
votes
Linux 64-bit SSH port numbers?
As others have mentioned, it is not possible as both TCP and UDP use 16 bits for port designation. So you'd have to have all the hosts on the internet change the TCP protocol to something else, which ...
- 3,286
7
votes
Accepted
scp when both hosts are remote and use different ports
Specify the ports in source and target URLs:
scp -3 scp://host1:port1//path/to/file scp://host2:port2//path/to/file
- 210
7
votes
what is BHFHS protocol port 248?
Port 248 is registered by John Kelly from Bell & Howell for bhfs. Normally, you should contact him before using the port he registered. However, the e-mail is no longer valid and it is impossible ...
- 5,063
5
votes
How do I get only the PID, without any extra information, of a process running on port 3000?
While lsof's -t is the simplest way to get the PID, lsof also has ways to select other fields using the -F option:
$ lsof -F'?'
lsof: ID field description
a access: r = read; w = write; ...
- 77.9k
5
votes
Accepted
Opening port not working
Your netstat output shows you the problem:
tcp 0 0 127.0.0.1:8000 0.0.0.0:* LISTEN 743/python
Specifically, 127.0.0.1:8000 shows that your web server is bound ...
- 79.2k
5
votes
Accepted
How to install MySQL on Ubuntu with a particular IP address on a particular port?
This configuration typically happens in my.cnf, which is usually is /etc/my.cnf or /etc/mysql/my.cnf.
[mysqld]
bind-address = 127.0.0.1
port = 3306
Edit the configuration file specifying ...
- 84
5
votes
Accepted
One port is listening with an * and the other is listening with 127.0.0.1 and only the first is accepting remote connections
A port listening on 127.0.0.1 indicates that it is only listening on the loopback network interface (lo), meaning it can only be accessed from localhost. This is usually the default for security ...
- 174
5
votes
Port 3000 is always being hogged by grafana-server
I have been struggling to figure this out for mac. This page kept showing up. So, to help other mac users please use the following command
brew services stop grafana
- 51
5
votes
Accepted
What's the impact of setting pasv_min_port=pasv_max_port in vsftpd?
TL; DR: The impact is that your FTP server will only support 1 transfer at a time. Definitely a no-no for FTP servers meant to serve concurrent clients. It might be ok for a private FTP server used by ...
- 5,573
5
votes
Accepted
netcat closing connection on localhost listening end after connection attempt
There are many different implementations of netcat.
I'll assume you are not using the traditional implementation but a more modern one, which can handle IPv6, because 1st issue looks related to IPv6. ...
- 39.5k
5
votes
Accepted
bash script, check port response with bash's built-in /dev/tcp, time delay | hangs | speed up
Run this with timeout.
I put a timer varible to check the running time.
It seems you can't speed up the scritp more than 0.01.
If this scirpt is executed with 0.001, you will only see the reslut of ...
- 231
4
votes
Port open/listen but no associated process
As hinted at, ss can provide the answer as well; the syntax is:
sudo ss --tcp --listening --processes 'sport = 1234'
Where 1234 is the port-of-the-day from your nmap scan. This limits the output to ...
- 68.8k
4
votes
Accepted
systemd opens socket, service fails to bind to this socket
What am I doing wrong?
You haven't written any actual test program code.
Nearly every single line of code in your test program so far is unnecessary. systemd has opened the socket, bound it, and ...
- 71.9k
4
votes
Accepted
Restrict inbound access on localhost:TCP port
There is an owner match extension in iptables, but it can only be used in OUTPUT and POSTROUTING chains. So you could add two rules in the very beginning of the iptables OUTPUT chain like this (root ...
- 114k
4
votes
Linux's Internet domain socket, transport protocols (TCP/UDP)'s socket and port
Sockets are an operating system API. This API lets applications on same or different systems communicate over the TCP and UDP (and other) protocols. UNIX domain sockets (not internet domain sockets as ...
- 2,909
4
votes
Accepted
Why does postgresql server have a `localhost:57504` to `localhost:57504` UDP "connection"?
A little bit of digging this is the stats collector. Apparently stats are posted on local loopback (aka localhost) UDP. See here: http://www.neilconway.org/talks/hacking/ottawa/ottawa_slides.pdf . ...
- 21k
Only top scored, non community-wiki answers of a minimum length are eligible