Chapter 5. Server Security


57


The presence of the open port in


netstat


is reassuring because a cracker opening a port surrepti 


tiously on a hacked system would likely not allow it to be revealed through this command. Also, the


[p]


option reveals the process id (PID) of the service which opened the port, in this case the open port


belongs to


ypbind


(NIS), which is an RPC service handled in conjunction with the


portmap


service.


The


lsof


command reveals similar information since it is also capable of linking open ports to ser 


vices:


lsof  i | grep 834


Below is the relevant portion of the output for this command:


ypbind


653


0


7u


IPv4


1319


TCP *:834 (LISTEN)


ypbind


655


0


7u


IPv4


1319


TCP *:834 (LISTEN)


ypbind


656


0


7u


IPv4


1319


TCP *:834 (LISTEN)


ypbind


657


0


7u


IPv4


1319


TCP *:834 (LISTEN)


As you can see, these tools tell can reveal a lot about the status of the services running on a machine.


These tools are flexible and can provide a wealth of information about network services and con 


figuration. Consulting the man pages for


lsof


,


netstat


,


nmap


, and


services


is therefore highly


recommended.








footer






  


 


 


        

 


 

  

    

      
      
 Home 
      | About Us | Network 
      | Services | Support 
      | FAQ | Control Panel 
      | Order Online |
      Sitemap | Contact

      

      web hosting comparison

      
 

    

  

  




Our partners: 
PHP: Hypertext Preprocessor Best Web Hosting
Java Web Hosting
Inexpensive Web Hosting 
Jsp Web Hosting 




Cheapest Web Hosting
Jsp Hosting
Cheap Hosting



Visionwebhosting.net Business web hosting division of Web 
Design Plus. All rights reserved