Hi all.
I was messing around on my server sometime ago and I have nmap-ed myself and noticed port XXX opened. I knew I have something running on the server from the lan side and I couldn’t remember what it was!
So I googled a bit and came up with this command:
netstat -tlnp | grep XXX
It must be run as root. If You run it as user the process is root owned – You wont be given the access to the information about the process.
Lets say the open port is 22… I know its SSH but lets say I “forgot”.
As You can see user failed, but root got detailed information process and its id number.
Sometimes You need to skip some of the switches in the command like t for example coz process is not using TCP but UDP.
Thats all – simple as that…
Andy
