So I’ve now been here by calendar 34 working days. I’m getting a little more responsibility as time goes on. Now that they know I have the chops.
For example – I was asked to identify what ports applications are using on the servers.
Now if you’ve been around networking you know about a utility called netstat.
You just do a :
sudo netstat -A inet -n -p
Ok, lets take it apart piece by piece.
sudo is a way of allowing people to run things at elevated privilege but without having to know the root password for the system. Pretty convenient and you can also tightly control WHO can sudo too but managing group membership.
The part ‘netstat’ is the application discussed above.
The ‘-A inet’ says look for Internet TCP/IP protocol only.
The ‘-n’ shows addresses as numerical and not hostnames.
The ‘-p’ is to show the process id and program name.
It’s really simple. And what you end up with is something like this:
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:39064 127.0.0.1:5672 ESTABLISHED 2901/python
tcp 0 0 127.0.0.1:47017 127.0.0.1:11211 TIME_WAIT –
tcp 0 0 127.0.0.1:41314 127.0.0.1:5672 ESTABLISHED 2897/python
tcp 0 0 127.0.0.1:41311 127.0.0.1:5672 ESTABLISHED 2829/python
tcp 0 0 127.0.0.1:47015 127.0.0.1:11211 TIME_WAIT –
tcp 0 0 127.0.0.1:41309 127.0.0.1:5672 ESTABLISHED 2861/python
tcp 0 0 127.0.0.1:41310 127.0.0.1:5672 ESTABLISHED 2816/python
tcp 0 0 127.0.1.1:10000 127.0.1.1:59830 TIME_WAIT –
tcp 0 0 127.0.0.1:54514 127.0.0.1:5672 ESTABLISHED 2906/python
tcp 0 0 127.0.0.1:41313 127.0.0.1:5672 ESTABLISHED 2365/python
tcp 0 0 192.168.201.1:21 192.168.201.10:38196 TIME_WAIT –
tcp 0 0 127.0.1.1:33940 127.0.1.1:6444 ESTABLISHED 2906/python
tcp 0 0 127.0.1.1:33954 127.0.1.1:6444 ESTABLISHED 2220/python
tcp 0 0 127.0.0.1:41312 127.0.0.1:5672 ESTABLISHED 2878/python
tcp 0 52 10.1.20.70:22 10.1.20.110:57441 ESTABLISHED 23781/sshd: anthony
tcp 0 0 127.0.0.1:4369 127.0.0.1:58920 ESTABLISHED 2167/epmd
tcp 0 0 127.0.0.1:47016 127.0.0.1:11211 TIME_WAIT –
So what the above shows is Python. All those ports – it’s how Python handles intra-process communication. And you never know what port is what. So that would be a Dynamic assignment of ports.
But then we see my SSH connection at port 22. That’s a fixed port or as fixed as you can get without major reconfiguration.
So there you go – a use for netstat. It lives on WIndows boxes too except it is considerably crippled on Windows platforms. For example, -A doesn’t exist. A netstat -p TCP -n does the similar thing.