Difference between revisions of "Netstat (1.04)"

From NAS-Central Buffalo - The Linkstation Wiki
Jump to: navigation, search
m
m
 
(4 intermediate revisions by 3 users not shown)
Line 1: Line 1:
 +
{{Template:Articles|Terastation}}
 +
 
<tt>netstat</tt> tells you about the running services:
 
<tt>netstat</tt> tells you about the running services:
  

Latest revision as of 00:33, 11 November 2007


netstat tells you about the running services:

root@HD-HTGL113:~# netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 *:printer               *:*                     LISTEN
tcp        0      0 *:afpovertcp            *:*                     LISTEN
tcp        0      0 *:8873                  *:*                     LISTEN
tcp        0      0 *:rsync                 *:*                     LISTEN
tcp        0      0 *:netbios-ssn           *:*                     LISTEN
tcp        0      0 *:www                   *:*                     LISTEN
tcp        0      0 *:ssh                   *:*                     LISTEN
tcp        0      0 *:22939                 *:*                     LISTEN
udp        0      0 localhost.localdom:1025 *:*
udp        0      0 HD-HTGL113:netbios-ns   *:*
udp        0      0 *:netbios-ns            *:*
udp        0      0 HD-HTGL113:netbios-dgm  *:*
udp        0      0 *:netbios-dgm           *:*
udp        0      0 *:22936                 *:*
udp        0      0 *:22939                 *:*
udp        0      0 *:bootpc                *:*
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags       Type       State         I-Node Path
unix  2      [ ACC ]     STREAM     LISTENING     307    /var/run/lprng
unix  10     [ ]         DGRAM                    208    /dev/log
unix  2      [ ]         DGRAM                    1217   
unix  2      [ ]         DGRAM                    894    
unix  2      [ ]         DGRAM                    773    
unix  2      [ ]         DGRAM                    399    
unix  2      [ ]         DGRAM                    292    
unix  2      [ ]         DGRAM                    290    
unix  2      [ ]         DGRAM                    269    
unix  2      [ ]         DGRAM                    260    

These are quite common:

  • tcp/printer: printer, lpd
  • tcp/afpovertcp: AppleTalk
  • tcp/netbios-ssn: Samba, Windows file sharing
  • udp/netbios-ns: Samba, Windows file sharing
  • udp/netbios-dgm: Samba, Windows file sharing
  • tcp/www: Apache
  • udp/bootpc: DHCP client

More interesting:

  • tcp/rsync: rsync run by inetd
    • rsync server, exporting all shares
    • but will reject any connections from everyone, due to /etc/hosts.deny
    • used for the disk backup feature
  • tcp/8873: rsfwds run by inetd
    • will reject any connections, like rsync
    • Unknown. There is also a rsfwdc executable in /usr/sbin. The "c" probably stands for client and the "s" probably stands for server. Running "strings" on the executables shows calls to functions in libssl. And it looks like the client might call /usr/bin/rsync. The client also contains the string "Usage: rsfwdc REMOTE_HOST REMOTE_PORT [RSYNC_PARAMETERS...]". Maybe it's an encrypted version of rsync used by the TeraStation's backup feature?
  • tcp/22939: comes from lsprcvd
  • udp/22939: comes from lsprcvd
  • udp/22936: is bound by ls_servd