Using netstat to Check Your Server

If you want to know what services are available on your server, and what exactly these services are doing, the netstat command is an excellent choice. netstat has many options; to see the most useful information offered by it, use the -patune options. These options have the following meanings:

• -p makes sure you see information about programs connected to ports.

• -a will show you everything there is to show.

• -u shows information for UDP ports.

• -n makes sure that IP addresses are not translated into DNS names.

• -e makes sure some extended information is displayed as well.

If you think netstat -patune offers just too much information, use netstat -patun instead. The amount of information offered in that case is slightly shorter, which makes it easier to get the information you really need. In Figure 13-15 you can see what the first screen of output generated by netstat -patune looks like.

Active Internet connections {servers and established)

Proto Recv-Q Send-Q Local Address

Edit Vie»v Teiminal Tabs Help

Foreign Address 0.0.0.0:* 0.0.0.0:* 0.0.0.0:* 0.0.0.0:* 0.0.0.0:* 0.0.0.0:* 0.0.0.0:* 0.0.0.0:* 127.0.0.1:427

State

Active Internet connections {servers and established)

Proto Recv-Q Send-Q Local Address

Edit Vie»v Teiminal Tabs Help

User tcp

tcp T 0 tcp

Inode PID/Prograra name

0 0.0.0.0:5989 8639 2768/owe imomd

0 0.0.0.0:389 7057 2886/slapd

0 192.168.1.125:427 6592 2697/slpd

0 127.0.0.1:427 6591 2697/slpd

0 0.0.0.0:111 6523 2655/portmap

0 127.0.0.1:2544 6843 2785/zmd

0 0.0.0.0:631 8812 2803/cupsd

0 127.0.0.1:25 7705 3148/master

0 127.0.0.1:37652 7075 2886/slapd

Foreign Address 0.0.0.0:* 0.0.0.0:* 0.0.0.0:* 0.0.0.0:* 0.0.0.0:* 0.0.0.0:* 0.0.0.0:* 0.0.0.0:* 127.0.0.1:427

7056

7453

2886/slapd

3044/sshd 1:25

State

LISTEN

LISTEN

LISTEN

LISTEN

LISTEN

LISTEN

LISTEN

LISTEN

CLOSE_WAI

LISTEN

LISTEN

LISTEN

lines 1-14/21 63%

Figure 13-15. When used with the option -patune, netstat gives you everything you need to know about active network services.

The netstat command gives a lot of information when used with the -patune options. In Figure 13-15, the information described in Table 13-2 appears.

Table 13-2. Information Offered by netstat -patune

Item

Explanation

Proto Recv-Q

Send-Q

Local Address

Foreign Address

State User

Inode

PID/Program name

The protocol that is used. This can be TCP or UDP.

The number of packets waiting in the receive queue for this port at the moment netstat was used.

The number of packets waiting to be sent for this port at the moment netstat was used.

The local socket address. This address includes the local IP address, followed by the port number that is used.

The address of the foreign host that currently has an open connection to this host, if any.

The current state of the protocol connected to the mentioned port.

The numeric user ID of the user with whose permissions the process is started.

The inode(s) of files that currently are opened by the process.

The PID and name of the program that has currently claimed the mentioned port.

As you can see, netstat gives a complete overview of what is happening on your server. It is especially useful if you get error messages such as port already in use. In combination with the grep utility, it is easy to find out what program is currently holding a port open, and if so required, you can easily terminate that program. For example, to find out what program is using port 123, use netstat -patune | grep 123.

Was this article helpful?

0 0

Post a comment