February 2nd, 2012
(written by lawrence krubner, however indented passages are often quotes). You can contact lawrence at: firstname.lastname@example.org
A friend writes to me:
‘netstat -an’ or ‘netstat -ln’ (depending on the platform’ will tell you every port and network connection a machine has open. That may be all that you need.
The program ‘lsof,’ which is a utility to list open files, will give you more information on specifically what software is connected to what network port. At one level everything in *nix is a file, so any process that holds open a network connection has an open file to do so. lsof is a program with many, many options, but a simple ‘lsof | grep whatever’ may be all you need. compare with the output of ‘netstat’ and ‘ps’ and you should be able the cherry pick any ports or programs on your system to see what process is doing what.
In a nutshell netstat can tell you what ports are open and or listening. lsof can help you root out what ports may be conneced to what programs, when it is not obvious. Finally the file /etc/services lists all the standard UDP/TCP ports and what programs run on them. But that file is just for reference, and is not affected by the state of your system.