HPE Community
Operating System - HP-UX
1822101 Members
3456 Online
109640 Solutions
New Discussion юеВ

Process and port monitoring

 
ramesh_6
Frequent Advisor

тАО09-09-2003 12:57 PM

тАО09-09-2003 12:57 PM

Process and port monitoring

Hi All,

I am in the process of monitoring system activities. I would like to know whether there are any tools available to see which process activates a port for listening to incoming requests

thanks in advance

Ramesh
0 Kudos
Reply
4 REPLIES 4
Mark Grant
Honored Contributor

тАО09-09-2003 01:00 PM

тАО09-09-2003 01:00 PM

Re: Process and port monitoring

I can't remember if this is right on hpux, but netstat -a lists all ports if they are being "listened" on, at least with GNU netstat it also includes the process name
Never preceed any demonstration with anything more predictive than "watch this"
0 Kudos
Reply
steven Burgess_2
Honored Contributor

тАО09-09-2003 01:32 PM

тАО09-09-2003 01:32 PM

Re: Process and port monitoring

Hi

Have a look at your /etc/services file this will tell you which processes listen on which port

netstat -an will give you in and outbound connection details per ip address

for a more detailed view you I would download a tool called lsof

You can the 64 bit version from here:

http://www.wiretapped.net/security/host-security/lsof/binaries/hpux/B.11.11/

32 bit version from here:
http://hpux.connect.org.uk/hppd/hpux/Sysadmin/lsof-4.64/

Example

# lsof -i tcp:49152

Will dispaly all processes currently attached to that port

HTH

Steve
take your time and think things through
0 Kudos
Reply
Con O'Kelly
Honored Contributor

тАО09-09-2003 03:55 PM

тАО09-09-2003 03:55 PM

Re: Process and port monitoring

Hi Ramesh

I'd agree with Steven & get a copy of lsof on your system.
It is far superior to netstat in tracing what processes/applications have got open ports. Often if a service is not listed in /etc/services, then it is difficult with netstat to know what process is using that port.

Useful command:
# lsof -i | grep LISTEN

This will show all ports that are listening & what processes are using them.

Cheers
Con
0 Kudos
Reply
Sridhar Bhaskarla
Honored Contributor

тАО09-09-2003 05:47 PM

тАО09-09-2003 05:47 PM

Re: Process and port monitoring

Hi Ramesh,

LSOF is the answer for your question as per the content of the message. It can help you in finding the processes associated with the ports. /etc/services is only a look up file which may or may not be used by all the processes that listen/connect at/to tcp/udp ports.

But the heading of your question "port monitoring", you will need to either have your corresponding process log the incoming connections or use sniffers. "nettl" is readily available on HP-UX. Look at nettl and netfmt commands for more information. From 11.0 onwards, there is a GUI version of nettl called "nettladm" available that can ease your job. tcpdump,snort,ethereal are few more famous toosl that you can get from HP's porting site.

These sniffers will consume a lot of disk space if you don't use filters.

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.