Linux to see if the port is open

Before we discuss this issue, let's look at the computer concepts of physical ports, logical ports, port numbers, and so on.

Port-related concepts:

In Network technology, ports (port) consist of two types: logical port and physical port. A physical port is a physical port, such as an ADSL Modem, a hub, a switch, an interface on a router that is used to connect to other network devices, such as a RJ-45 port, SC port, and so on. A logical port is a logical port used to differentiate services, such as a service port in the TCP/IP protocol, with a port number ranging from 0 to 65535, such as 80 ports for browsing Web services, 21 ports for FTP services, and so on. Because of the large number of physical ports and logical ports, each port is numbered in order to differentiate the ports, which is the port number

Ports can be divided into 3 major categories by port number:

1: Recognized port (well known port)

Recognized port numbers from 0 to 1023, which are tightly bound with some common services, such as the FTP service using port 21, you can see this mapping relationship in/etc/services.

2: Register port (registered Ports):

From 1024 to 49151. They are loosely tied to some services. This means that there are many services bound to these ports, which are also used for many other purposes.

3: Dynamic or private port (and/or private Ports)

The dynamic port, the private port number, is the number of ports that can be used for any software to communicate with any other software, using the Internet Transmission Control Protocol (numbers), or the user Transfer Protocol. Dynamic ports typically from 49152 to 65535

There is a limit on the use of ports in Linux, if I want to reserve some ports for my program, then I need to control this port range. /proc/sys/net/ipv4/ip_local_port_range defines the port range of the local tcp/udp, you can define Net.ipv4.ip_local_port_range in/etc/sysctl.conf 1024 65000

cat /proc/sys/net/ipv4/ip_local_port_range32768   61000~]#  Echo 1024x768 65535 >/proc/sys/net/ipv4/ip_local_port_range

about ports and services, I used to use public toilets for example, every toilet in the public toilets is like every port of the system, the solution is the so-called service, you provide these services, then you must open the port (toilet), when someone is on the toilet, it is on these ports to establish a link. If the toilet is occupied, it means that the port number is occupied by the service, if one day there is no public toilet service, the public toilet is dismantled, naturally there is no port number. In fact, more image examples, like the bank lobby, the port number is those counters, and those who handle the business is like a link to the server of various clients. They send business contacts to the counter via port redirection technology. to give an easy-to-understand example, the port number, like the high-iron line of each site, for example, Changsha, Yueyang, and so on represent a port number, passengers through the train tickets to their respective sites, like each application sent to the server port IP packet.

Port-to-service relationships

What's the use of ports? We know that a host with an IP address can provide a number of services, such as Web services, FTP services, SMTP services, and so on, which can be fully implemented with 1 IP addresses. So, how does the host differentiate between different Web services? Obviously you can't just rely on IP addresses, because the relationship between IP addresses and network services is a one-to-many relationship. In fact, the "IP address + port number" to distinguish between different services.

The port number corresponds to the corresponding service in the/etc/services file, where most of the ports can be found.

How to check whether the port is open, in fact, do not tidy up, still do not know there are so many ways!

1:nmap Tool detects open ports

Nmap is a tool for network scanning and host detection. The installation of Nmap is very simple, as shown in the RPM installation shown below.

[Email protected] server]# RPM-IVH nmap-4.11-1.1. x86_64.rpm Warning:nmap-4.11-1.1. X86_64.rpm:Header V3 DSA Signature:nokey, key ID37017186Preparing ... ########################################### [ -%]   1: Nmap ########################################### [ -%][[email protected]-server server]# RPM-IVH nmap-frontend-4.11-1.1. x86_64.rpm Warning:nmap-frontend-4.11-1.1. X86_64.rpm:Header V3 DSA Signature:nokey, key ID37017186Preparing ... ########################################### [ -%]   1: Nmap-frontend ########################################### [ -%][[email protected]-server server]#

About the use of nmap, can be long-capitalized close-up, here do not expand. As shown below, Nmap 127.0.0.1 view native open ports, which scan all ports. Of course, you can also scan other server ports.

[[email protected] server]# Nmap127.0.0.1starting Nmap4.11(http://www.insecure.org/nmap/) at 2016-06-22 15:46 CSTInteresting ports on Localhost.localdomain (127.0.0.1): not shown:1674closed Portsport State SERVICE A/TCP OpenSSH -/TCP Open SMTP111/TCP Open Rpcbind631/TCP Open IPP1011/TCP Open Unknown3306/TCP Open MySQL Nmap finished:1IP Address (1Host up) scannedinch 0.089secondsyou have new mailinch/var/spool/mail/Root[[email protected]-server server]#

2:netstat Tool detects open ports

[Email protected] server]# NETSTAT-ANLP |grep:3306TCP0      0:::3306:::* LISTEN7358/mysqld [[email protected]-server server]# NETSTAT-ANLP |grep: ATCP0      0::: A:::* LISTEN4020/sshd TCP0      the:: FFFF:192.168.42.128: A:: FFFF:192.168.42.1:43561Established6198/2[[Email protected]-server server]#

As shown above, this tool does not feel as straightforward as nmap. Of course, there is no more powerful nmap.

3:lsof Tool detects open ports

[[email protected]Server server]# service mysql startstarting mysql ... [  OK  ][[email protected]-server server]# lsof-i:3306COMMAND  PID  USER   FD   TYPE DEVICE SIZE NODE namemysqld   7860 mysql   15u  IPv6  44714       TCP *: MySQL (LISTEN) [email Protected]-Server server]# service MySQL stopshutting down MySQL: [  OK  ][[email protected]-server server]# lsof-i:3306[[email protected]

[Email protected] server]# lsof-i tcp|FgrepLISTENCUPSD3153Root4uIPv49115TCP Localhost.localdomain:ipp (LISTEN) Portmap3761Rpc4uIPv410284TCP *: Sunrpc (LISTEN) rpc.statd3797Rpcuser7uIPv410489TCP *:1011(LISTEN) sshd4020Root3uIPv612791TCP *:SSH(LISTEN) SendMail4042Root4uIPv412876TCP LOCALHOST.LOCALDOMAIN:SMTP (LISTEN)

4: Use Telnet to detect if the port is open

The server port, even if it is listening, is blocked by the firewall iptables, and it is not possible to detect whether the port is open by this method.

The 5:netcat tool detects if the port is open.

[Email protected] ~]# NC-VV192.168.42.128 1521Connection to192.168.42.128 1521Port [TCP/NCUBE-LM] succeeded![[Email protected]-server ~]# Nc-z192.168.42.128 1521;Echo$?Connection to192.168.42.128 1521Port [TCP/NCUBE-LM] succeeded!0[[Email protected]-server ~]# NC-VV192.168.42.128 1433Nc:connect to192.168.42.128Port1433(TCP) Failed:no route to host

Close ports and open ports

Closing ports and open ports should be two different concepts, each with a corresponding service, so to close the port, just close the appropriate service. Like the following example, the MySQL service is turned on, Port 3306 is listening, and when the MySQL service is turned off, Port 3306 is turned off naturally.

[[email protected]Server server]# service mysql startstarting mysql ... [  OK  ][[email protected]-server server]# lsof-i:3306COMMAND  PID  USER   FD   TYPE DEVICE SIZE NODE namemysqld   7860 mysql   15u  IPv6  44714       TCP *: MySQL (LISTEN) [email Protected]-Server server]# service MySQL stopshutting down MySQL: [  OK  ][[email protected]-server server]# lsof-i:3306[[email protected]

Therefore, there are some unnecessary ports and services in the system, from the point of view of security or resource saving, we should shut down those unnecessary services. Close the corresponding port. In addition, even if the service is turned on, the firewall restricts the corresponding port so that the port cannot be accessed, but the port itself is not shut down, only the port is blocked.

Xiaoxiang Hidden Person

Source: http://www.cnblogs.com/kerrycode/

Linux to see if the port is open