1821216 Members
3145 Online
109632 Solutions
New Discussion юеВ

Re: Network Ports

 
SOLVED
Go to solution
G V R Shankar
Valued Contributor

Network Ports

Hello All,

netstat -na |grep 4444
tcp 0 0 *.4444 *.* LISTEN

I have checked in /etc/services, but there is nothing defined for 4444. I don't understand how 4444 is being able to LISTEN. In which file is it defined?

Regards,
Ravi
9 REPLIES 9
Torsten.
Acclaimed Contributor

Re: Network Ports

Only inetd services are listed in this file /etc/services.
Use lsof to get more info about this port.

Maybe this applies too:
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=1139145

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.

__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!   
G V R Shankar
Valued Contributor

Re: Network Ports

Hi,

The port 4444 is open. Network team has added ACL to allow the traffic. I didn't do anything on the Unix box, I don't understabd how it is in listen state.
Ludovic Derlyn
Esteemed Contributor

Re: Network Ports

hi

Have you kerberos installed ? if i look in ports assignment, port 4444 may be krb524

see :

http://www.iana.org/assignments/port-numbers

when i search krb524 on google,i found :

This directory contains the code for krb524 , a service that converts Kerberos V5 credentials into Kerberos V4 credentials suitable

regards
L-DERLYN
Matti_Kurkela
Honored Contributor

Re: Network Ports

No /etc/services definitions are required to make a port able to LISTEN.

Some programs (for example, inetd) prefer to use port names instead of numbers: that just means they will execute a getservbyname() system call to convert the port name to port number. This is just a convention: nothing forces the programs to do this.

You can even use port numbers in /etc/inetd.conf instead of port names if you wish: it just makes the configuration odd-looking and harder to understand, but the system will work just fine.

In some HP-UX versions, the only way to stop syslogd from listening for network traffic without completely shutting it down was to comment out the /etc/services entry associated with it. This is a crude way to work around the problem that syslogd did not have a real "don't listen on the network port" configuration option.

With HP-UX 11.11, a "-N" option was added to syslogd to eliminate the need for this work-around.

You'll note that if syslogd's network access is disabled by commenting out the /etc/services line, syslogd emits an error message when starting up, but it will stil work locally. The designer of HP-UX syslogd did not originally realize there might be a need to disable the network listening feature, but syslogd was programmed in such a way that this workaround just happens to be possible.

Any program is free to use the ports in the range 1024-65535 without referring to /etc/services. If a program is owned by root, it can use ports 0-1023 too.

To open a port for listening, just four system calls are needed: socket() for creating the necessary structure, bind() to associate it with a port (and optionally a specific IP address), listen() to make the port available for incoming connections, and finally accept() to handle any incoming connections. None of these system calls will refer to /etc/services in any way.

The standard way to disable network services in HP-UX is:
- if the service is started through inetd, comment out the configuration line in /etc/inetd.conf and send a "kill -HUP" to the inetd process.
- if the service is an independent process (like syslogd, sendmail, sshd or the NFS daemons), stop the service and then use the settings available in /etc/rc.config.d/ to modify its behavior or to prevent it from starting at all.
- if it's a third-party network service, find the correct way by reading the documentation of that service.

MK
MK
G V R Shankar
Valued Contributor

Re: Network Ports

Hi,

Is there any way to identify program / application and thier associated port numbers.

Ravi.
Torsten.
Acclaimed Contributor

Re: Network Ports

Read my first post!

Second line, second word - it is all there!

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.

__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!   
Torsten.
Acclaimed Contributor
Solution

Re: Network Ports

BTW, it is here
http://hpux.asknet.de/hppd/hpux/Sysadmin/lsof-4.78/

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.

__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!   
Ludovic Derlyn
Esteemed Contributor

Re: Network Ports

hi,

As specified by Torsten, use lsof

for example

lsof -i tcp:23
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
inetd 885 root 6u inet 0x42cfb640 0t0 TCP *:telnet (LISTEN)
telnetd 21716 root 0u inet 0x48fffdc0 0t0 TCP serveur:telnet->10.2.56.

you can see services managed by inetd and name of service : telnet

Regards
L-DERLYN
G V R Shankar
Valued Contributor

Re: Network Ports

Thanks for all the wonderfull replies.

Cheers,

Ravi.