Check the port number opened on the server in Linux.

Source: Internet
Author: User

Check the port number opened on the server in Linux.

Before discussing this issue, let's take a look at computer concepts such as physical ports, logical ports, and port numbers.

Concepts related to ports:

In network technology, a Port can be a logical Port or a physical Port. Physical port refers to the physical port, such as ADSL Modem, Hub, switch, router interface used to connect to other network devices, such as RJ-45 port, SC port and so on. A logical port is a port logically used to differentiate services, such as a service port in the TCP/IP protocol. The port number ranges from 0 to 65535, for example, port 80 used to browse Web Services, port 21 of the FTP service. Because the number of physical and logical ports is large, each port is numbered to distinguish the ports.

Ports can be divided into three categories by port number:

1: Well Known Port)

The accepted port numbers are from 0 to 1023. They are closely bound to some common services. For example, if the FTP service uses port 21, you can see this ing relationship in/etc/services.

2: register the port (Registered Ports ):

From 1024 to 49151. They are loosely bound to some services. That is to say, many services are bound to these ports, which are also used for many other purposes.

3: Dynamic or Private Ports)

Dynamic port (private port numbers) is the number of ports that can be used for communication between any software and any other software. It uses the transmission control protocol over the Internet or user transmission protocol. Dynamic ports are generally from 49152 to 65535

Linux has a limited port range. If I want to reserve some ports for my program, I need to control the port range. /Proc/sys/net/ipv4/ip_local_port_range defines the port range of local TCP/UDP. You can define net. ipv4.ip _ local_port_range = 1024 65000 in/etc/sysctl. conf

[root@localhost ~]# cat /proc/sys/net/ipv4/ip_local_port_range
32768   61000
[root@localhost ~]#  echo 1024 65535 > /proc/sys/net/ipv4/ip_local_port_range

For ports and services, I used to use public toilets for example. Every toilet in public toilets is like every port in the system. Convenience is a so-called service. You have provided these services, the port (toilet) must be opened. When someone goes to the toilet, a link is established on these ports. If the restroom is occupied, it indicates that the port number is occupied by the service. If the public restroom service is unavailable one day, the restroom is removed, naturally, there is no port number. In fact, a more vivid example is like the bank lobby, where the port number is the counter, and those who take the number to handle the business are like the various clients linked to the server. They send business contacts to the counter through port redirection technology. Another easy-to-understand example is the port number, which is similar to each site on the high-speed rail line. For example, Changsha and Yueyang respectively represent a port number. Passengers can send train tickets to their respective sites, it is like the IP packet from each application to the server port.

Relationship between ports and services

What is the port used? We know that a host with an IP address can provide many services, such as Web services, FTP services, and SMTP services. These services can be implemented by one IP address. So how does a host distinguish between different network services? Obviously, you cannot rely only on IP addresses because the relationship between IP addresses and network services is one-to-many. In fact, different services are differentiated by "ip address + port number.

The correspondence between the port number and the corresponding service is stored in the/etc/services file. Most ports can be found in this file.

I don't know how to check whether the port is open!

1: nmap tool detects open ports

Nmap is a tool for network scanning and host detection. Nmap installation is very simple, as shown in the following rpm installation.

[root@DB-Server Server]# rpm -ivh nmap-4.11-1.1.x86_64.rpm 
warning: nmap-4.11-1.1.x86_64.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing...                ########################################### [100%]
   1:nmap                   ########################################### [100%]
[root@DB-Server Server]# rpm -ivh nmap-frontend-4.11-1.1.x86_64.rpm 
warning: nmap-frontend-4.11-1.1.x86_64.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing...                ########################################### [100%]
   1:nmap-frontend          ########################################### [100%]
[root@DB-Server Server]# 

Nmap can be used in uppercase or lowercase. As shown in the following figure, nmap 127.0.0.1 scans all ports by checking the ports opened on the local machine. You can also scan other server ports.

[root@DB-Server Server]# nmap 127.0.0.1
 
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2016-06-22 15:46 CST
Interesting ports on localhost.localdomain (127.0.0.1):
Not shown: 1674 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
25/tcp   open  smtp
111/tcp  open  rpcbind
631/tcp  open  ipp
1011/tcp open  unknown
3306/tcp open  mysql
 
Nmap finished: 1 IP address (1 host up) scanned in 0.089 seconds
You have new mail in /var/spool/mail/root
[root@DB-Server Server]# 

2: netstat tool detects open ports

[root@DB-Server Server]# netstat -anlp | grep 3306
tcp        0      0 :::3306                     :::*                        LISTEN      7358/mysqld         
[root@DB-Server Server]# netstat -anlp | grep 22
tcp        0      0 :::22                       :::*                        LISTEN      4020/sshd           
tcp        0     52 ::ffff:192.168.42.128:22    ::ffff:192.168.42.1:43561   ESTABLISHED 6198/2              
[root@DB-Server Server]# 

As shown above, this tool does not feel as concise and clear as nmap. Of course, nmap is not powerful.

3: lsof tool detects open ports

 
[root@DB-Server Server]# service mysql start
Starting MySQL......[  OK  ]
[root@DB-Server Server]# lsof -i:3306
COMMAND  PID  USER   FD   TYPE DEVICE SIZE NODE NAME
mysqld  7860 mysql   15u  IPv6  44714       TCP *:mysql (LISTEN)
[root@DB-Server Server]# service mysql stop
Shutting down MySQL..[  OK  ]
[root@DB-Server Server]# lsof -i:3306
[root@DB-Server Server]# 

 

[root@DB-Server Server]# lsof -i TCP| fgrep LISTEN
cupsd     3153    root    4u  IPv4   9115       TCP localhost.localdomain:ipp (LISTEN)
portmap   3761     rpc    4u  IPv4  10284       TCP *:sunrpc (LISTEN)
rpc.statd 3797 rpcuser    7u  IPv4  10489       TCP *:1011 (LISTEN)
sshd      4020    root    3u  IPv6  12791       TCP *:ssh (LISTEN)
sendmail  4042    root    4u  IPv4  12876       TCP localhost.localdomain:smtp (LISTEN)

4: Use telnet to check whether the port is open

Even if the server port is in the listening status, the firewall iptables shields the port and cannot detect whether the port is open through this method.

5: The netcat tool checks whether the port is open.

[root@DB-Server ~]# nc -vv 192.168.42.128 1521
Connection to 192.168.42.128 1521 port [tcp/ncube-lm] succeeded!
[root@DB-Server ~]# nc -z 192.168.42.128 1521; echo $?
Connection to 192.168.42.128 1521 port [tcp/ncube-lm] succeeded!
0
[root@DB-Server ~]#  nc -vv 192.168.42.128 1433
nc: connect to 192.168.42.128 port 1433 (tcp) failed: No route to host

Close and open ports

There are two different concepts: closing a port and opening a port. Each port has a corresponding service. to close a port, you only need to close the corresponding service. In the following example, the MySQL service is enabled, and port 3306 is in the listening state. After the MySQL service is disabled, port 3306 is naturally disabled.

 
[root@DB-Server Server]# service mysql start
Starting MySQL......[  OK  ]
[root@DB-Server Server]# lsof -i:3306
COMMAND  PID  USER   FD   TYPE DEVICE SIZE NODE NAME
mysqld  7860 mysql   15u  IPv6  44714       TCP *:mysql (LISTEN)
[root@DB-Server Server]# service mysql stop
Shutting down MySQL..[  OK  ]
[root@DB-Server Server]# lsof -i:3306
[root@DB-Server Server]# 

Therefore, some unnecessary ports and services in the system should be disabled from the perspective of security or resource saving. Close the corresponding port. In addition, even if the service is enabled, the firewall limits the corresponding port so that the port cannot be accessed, but the port itself is not closed, but the port is blocked.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.