[Courses] [Security] nmap and lsof
Hamster
hamster at hamsternet.org
Fri Mar 15 13:04:22 EST 2002
Hi All,
While looking for something completely unrelated, I stumbled across this apprently very useful tool.
Its called lsof (was a separate package in Mandrake - rpmfind or a search of your install cds might turn it up for your distro)
What it does is list the files that are opened by a particular process.
Its relevence for our security course is that while using nmap to list the open ports on your sytem, you might find one that you have no idea what it is.
You can use lsof to tell you which programme has this port open.
to illustrate by eg.
Port State Service
3/tcp open foo
do
lsof -i :3
and it tells you the files that are using that port, so hopefully you can track down what programme is using it.
Sorry if this is old news to others on the list, but I got very excited when I discovered something :)
Hamster
More information about the Courses
mailing list