HPE Community
Operating System - HP-UX
1821216 Members
3145 Online
109632 Solutions
New Discussion юеВ

Re: Network Ports

 
SOLVED
Go to solution
G V R Shankar
Valued Contributor

тАО07-19-2007 06:50 PM

тАО07-19-2007 06:50 PM

Network Ports

Hello All,

netstat -na |grep 4444
tcp 0 0 *.4444 *.* LISTEN

I have checked in /etc/services, but there is nothing defined for 4444. I don't understand how 4444 is being able to LISTEN. In which file is it defined?

Regards,
Ravi
0 Kudos
9 REPLIES 9
Torsten.
Acclaimed Contributor

тАО07-19-2007 07:02 PM

тАО07-19-2007 07:02 PM

Re: Network Ports

Only inetd services are listed in this file /etc/services.
Use lsof to get more info about this port.

Maybe this applies too:
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=1139145

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.
__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!   
0 Kudos
G V R Shankar
Valued Contributor

тАО07-19-2007 07:26 PM

тАО07-19-2007 07:26 PM

Re: Network Ports

Hi,

The port 4444 is open. Network team has added ACL to allow the traffic. I didn't do anything on the Unix box, I don't understabd how it is in listen state.
0 Kudos
Ludovic Derlyn
Esteemed Contributor

тАО07-19-2007 07:34 PM

тАО07-19-2007 07:34 PM

Re: Network Ports

hi

Have you kerberos installed ? if i look in ports assignment, port 4444 may be krb524

see :

http://www.iana.org/assignments/port-numbers

when i search krb524 on google,i found :

This directory contains the code for krb524 , a service that converts Kerberos V5 credentials into Kerberos V4 credentials suitable

regards
L-DERLYN
0 Kudos
Matti_Kurkela
Honored Contributor

тАО07-19-2007 07:39 PM

тАО07-19-2007 07:39 PM

Re: Network Ports

No /etc/services definitions are required to make a port able to LISTEN.

Some programs (for example, inetd) prefer to use port names instead of numbers: that just means they will execute a getservbyname() system call to convert the port name to port number. This is just a convention: nothing forces the programs to do this.

You can even use port numbers in /etc/inetd.conf instead of port names if you wish: it just makes the configuration odd-looking and harder to understand, but the system will work just fine.

In some HP-UX versions, the only way to stop syslogd from listening for network traffic without completely shutting it down was to comment out the /etc/services entry associated with it. This is a crude way to work around the problem that syslogd did not have a real "don't listen on the network port" configuration option.

With HP-UX 11.11, a "-N" option was added to syslogd to eliminate the need for this work-around.

You'll note that if syslogd's network access is disabled by commenting out the /etc/services line, syslogd emits an error message when starting up, but it will stil work locally. The designer of HP-UX syslogd did not originally realize there might be a need to disable the network listening feature, but syslogd was programmed in such a way that this workaround just happens to be possible.

Any program is free to use the ports in the range 1024-65535 without referring to /etc/services. If a program is owned by root, it can use ports 0-1023 too.

To open a port for listening, just four system calls are needed: socket() for creating the necessary structure, bind() to associate it with a port (and optionally a specific IP address), listen() to make the port available for incoming connections, and finally accept() to handle any incoming connections. None of these system calls will refer to /etc/services in any way.

The standard way to disable network services in HP-UX is:
- if the service is started through inetd, comment out the configuration line in /etc/inetd.conf and send a "kill -HUP" to the inetd process.
- if the service is an independent process (like syslogd, sendmail, sshd or the NFS daemons), stop the service and then use the settings available in /etc/rc.config.d/ to modify its behavior or to prevent it from starting at all.
- if it's a third-party network service, find the correct way by reading the documentation of that service.

MK
MK
0 Kudos
G V R Shankar
Valued Contributor

тАО07-19-2007 09:11 PM

тАО07-19-2007 09:11 PM

Re: Network Ports

Hi,

Is there any way to identify program / application and thier associated port numbers.

Ravi.
0 Kudos
Torsten.
Acclaimed Contributor

тАО07-19-2007 09:31 PM

тАО07-19-2007 09:31 PM

Re: Network Ports

Read my first post!

Second line, second word - it is all there!

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.
__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!   
0 Kudos
Torsten.
Acclaimed Contributor

тАО07-19-2007 09:35 PM

тАО07-19-2007 09:35 PM

Solution

Re: Network Ports

BTW, it is here
http://hpux.asknet.de/hppd/hpux/Sysadmin/lsof-4.78/

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.
__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!   
0 Kudos
Ludovic Derlyn
Esteemed Contributor

тАО07-19-2007 09:36 PM

тАО07-19-2007 09:36 PM

Re: Network Ports

hi,

As specified by Torsten, use lsof

for example

lsof -i tcp:23
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
inetd 885 root 6u inet 0x42cfb640 0t0 TCP *:telnet (LISTEN)
telnetd 21716 root 0u inet 0x48fffdc0 0t0 TCP serveur:telnet->10.2.56.

you can see services managed by inetd and name of service : telnet

Regards
L-DERLYN
0 Kudos
G V R Shankar
Valued Contributor

тАО07-19-2007 09:44 PM

тАО07-19-2007 09:44 PM

Re: Network Ports

Thanks for all the wonderfull replies.

Cheers,

Ravi.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.