Administration CentOS Fedora FreeBSD Linux Tips and Tricks

Identify the process that is using some specific port

Sometimes, you may encounter a situation where you see some ports being used by some service, but you cannot exactly determine which application/service is using it. This article talks about how to identifying such services.


FreeBSD

In the case of FreeBSD, you can use “lsof” command to determine the service that is reserving port as below.

lsof -i :199
COMMAND PID USER   FD   TYPE             DEVICE SIZE/OFF NODE NAME
snmpd   993 root    9u  IPv4 0xfffff800037d3c00      0t0  TCP *:smux (LISTEN)

Here I am trying to find out which service is using port 119.

Also you can use “sockstat” to identify the service that is using the port. Here -4 says to list only IPV4 addresses.

sockstat -4 -p 199
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     snmpd      993   9  tcp4   *:199                 *:*

Linux

In the case of Linux, you can use “netstat” command with options as shown in the following example. Here I am trying to find out which service is using port 3306.

netstat -nlp|grep 3306
tcp        0      0 0.0.0.0:3306                0.0.0.0:*                 LISTEN      4248/mysqld

You can use “lsof” command as well :

lsof -i :3306|grep LISTEN
mysqld  4248 mysql   15u  IPv4    11420      0t0  TCP *:mysql (LISTEN)

Related Articles

  • Get CPU Information

    You can use the dmesg utility to display the contents of the system message buffer when FreeBSD comes up. For accuracy I recommend querying /var/run/dmesg.boot file. Usually a snapshot of...
  • Scanning for rootkits and possible exploits – RKHunter

    Rootkits are malicious softwares that are installed by intruders to gain access to your server once the security of the server has been breached.  Intruders can leave some malicious softwares...
  • Patching The Ghost Vulnerability

    The Ghost vulnerability, also known as CVE-2015-0235, is an exploit in a library named glibc. This library is referenced by many applications which run on your server. The exploit is...
  • Users Logged Into Server

    This article explains on how to identify those who you do not know that are on your server. This can definitely eliminate the curiosity that people can have when taking...