Sometimes, you may encounter a situation where you see some ports being used by some service, but you cannot exactly determine which application/service is using it. This article talks about how to identifying such services.
FreeBSD
In the case of FreeBSD, you can use “lsof” command to determine the service that is reserving port as below.
lsof -i :199
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
snmpd 993 root 9u IPv4 0xfffff800037d3c00 0t0 TCP *:smux (LISTEN)
Here I am trying to find out which service is using port 119.
Also you can use “sockstat” to identify the service that is using the port. Here -4 says to list only IPV4 addresses.
sockstat -4 -p 199
USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS
root snmpd 993 9 tcp4 *:199 *:*
Linux
In the case of Linux, you can use “netstat” command with options as shown in the following example. Here I am trying to find out which service is using port 3306.
netstat -nlp|grep 3306
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 4248/mysqld
You can use “lsof” command as well :
lsof -i :3306|grep LISTEN
mysqld 4248 mysql 15u IPv4 11420 0t0 TCP *:mysql (LISTEN)
