Chinaunix首页 | 论坛 | 博客

温厚谦和

首页 |  博文目录 |  关于我

me09

  • 博客访问: 1489682
  • 博文数量: 408
  • 博客积分: 10036
  • 博客等级: 上将
  • 技术积分: 4440
  • 用 户 组: 普通用户
  • 注册时间: 2006-04-06 13:57
文章分类

全部博文(408)

文章存档

2011年(1)

2010年(2)

2009年(1)

2008年(3)

2007年(7)

2006年(394)

我的朋友
最近访客
推荐博文
相关博文
netstat/lsof/nmap端口检测

分类: LINUX

2006-07-24 19:12:03

netstat/lsof/nmap端口检测


·校验哪些端口正在监听
# nmap -sT -O localhost

Starting nmap 3.70 ( http://www.insecure.org/nmap/ ) at 2005-05-09 22:07 CST
Interesting ports on cnscn (127.0.0.1):
(The 1648 ports scanned but not shown below are in state: closed)
PORT           STATE   SERVICE
21/tcp         open       ftp
22/tcp         open       ssh
80/tcp         open       http
111/tcp       open       rpcbind
443/tcp       open       https
631/tcp       open       ipp
951/tcp       open       unknown
970/tcp       open       unknown
2049/tcp     open       nfs
3306/tcp     open        mysql
32771/tcp   open       sometimes-rpc5
32772/tcp   open       sometimes-rpc7
Device type: general purpose
Running: Linux 2.4.X|2.5.X|2.6.X
OS details: Linux 2.5.25 - 2.6.3 or Gentoo 1.2 Linux 2.4.19 rc1-rc7)
Uptime 0.081 days (since Mon May  9 20:11:26 2005)

Nmap run completed -- 1 IP address (1 host up) scanned in 3.014 seconds

-----------------------------------------------------------------------------------
[注]
#netstat
-t          显示tcp协议相关的进程
-u          显示udp协议相关的进程
-p          列出命令名称与进程号
-r          显示路由表
-n         列出服务的名称 | 端口号

·列出所有服务守护进程
# netstat -ap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address          State       PID/Program name   
tcp        0      0          *:32768                      *:*                         LISTEN      2208/rpc.statd      
tcp        0      0           *:32769                     *:*                         LISTEN      -                  
tcp        0      0           *:nfs                          *:*                         LISTEN      -                  
tcp        0      0     cnscn:32771                     *:*                         LISTEN      3300/ocssd.bin      
tcp        0      0     cnscn:32772                     *:*                         LISTEN      3300/ocssd.bin      
tcp        0      0           *:mysql                      *:*                          LISTEN      2556/mysqld         
tcp        0      0           *:970                        *:*                          LISTEN      2489/rpc.mountd     
tcp        0      0           *:sunrpc                    *:*                          LISTEN      2188/portmap        
tcp        0      0           *:ftp                         *:*                          LISTEN      2516/vsftpd         
tcp        0      0           *:951                        *:*                          LISTEN      2467/rpc.rquotad   
tcp        0      0     cnscn:ipp                         *:*                          LISTEN      2351/cupsd         
tcp        0      0           *:http                       *:*                          LISTEN      2660/httpd         
tcp        0      0           *:ssh                        *:*                          LISTEN      2438/sshd           
tcp        0      0           *:https                     *:*                          LISTEN      2660/httpd         
tcp        0   2448 ::ffff:211.167.237.199:ssh  ::ffff:221.216.165.189:1972 ESTABLISHED 3424/sshd: cnscn_ad
udp        0      0           *:32768                 *:*                                 2208/rpc.statd      
udp        0      0            *:nfs                    *:*                                 -                  
udp        0      0            *:32770               *:*                                 -                  
udp        0      0      cnscn:32771               *:*                                  3300/ocssd.bin      
udp        0      0      cnscn:32772               *:*                                  3300/ocssd.bin      
udp        0      0      cnscn:32773               *:*                                  3300/ocssd.bin      
udp        0      0            *:688                   *:*                                 2208/rpc.statd      
udp        0      0            *:948                   *:*                                 2467/rpc.rquotad   
udp        0      0            *:967                   *:*                                 2489/rpc.mountd     
udp        0      0            *:sunrpc                *:*                                 2188/portmap        
udp        0      0            *:ipp                     *:*                                 2351/cupsd         
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags       Type       State         I-Node PID/Program name    Path
unix  2      [ ACC ]     STREAM     LISTENING     7602   3300/ocssd.bin      /var/tmp/.oracle/sOracle_CSS_LclLstnr_localhost_0
unix  8      [ ]           DGRAM                           4943   2165/syslogd        /dev/log
unix  2      [ ACC ]     STREAM     LISTENING     5985   2649/gpm            /dev/gpmctl
unix  2      [ ]         DGRAM                             6374   2796/hald           @/var/run/hal/hotplug_socket
unix  2      [ ACC ]     STREAM     LISTENING     5250   2320/acpid          /var/run/acpid.socket
unix  2      [ ]         DGRAM                             2617   1007/udevd          @udevd
unix  2      [ ACC ]     STREAM     LISTENING     6164   2735/xfs            /tmp/.font-unix/fs7100
unix  2      [ ACC ]     STREAM     LISTENING     8344   3426/0              /tmp/ssh-cgXAFE3426/agent.3426
unix  2      [ ACC ]     STREAM     LISTENING     5928   2556/mysqld         /var/lib/mysql/mysql.sock
unix  2      [ ACC ]     STREAM     LISTENING     6117   2689/htt_server     /var/run/iiim/.iiimp-unix/9010
unix  2      [ ACC ]     STREAM     LISTENING     6235   2771/dbus-daemon-1  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     8334   3424/sshd: cnscn_ad
unix  3      [ ]         STREAM     CONNECTED     8333   3426/0              
unix  3      [ ]         STREAM     CONNECTED     6373   2771/dbus-daemon-1  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     6372   2796/hald           
unix  3      [ ]         STREAM     CONNECTED     6341   2771/dbus-daemon-1  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     6340   2785/cups-config-da
unix  3      [ ]         STREAM     CONNECTED     6242   2771/dbus-daemon-1  
unix  3      [ ]         STREAM     CONNECTED     6241   2771/dbus-daemon-1  
unix  2      [ ]         DGRAM                             6205   2735/xfs            
unix  2      [ ]         DGRAM                             6077   2699/crond         
unix  2      [ ]         DGRAM                             5984   2649/gpm            
unix  2      [ ]         DGRAM                              5584   2453/xinetd         
unix  3      [ ]         STREAM     CONNECTED     5122   2241/rpc.idmapd     
unix  3      [ ]         STREAM     CONNECTED     5121   2241/rpc.idmapd     
unix  2      [ ]         DGRAM                             5009   2208/rpc.statd      
unix  2      [ ]         DGRAM                             4955   2169/klogd         

-----------------------------------------------------------------------------

# netstat  -anp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name   
tcp        0      0         0.0.0.0:32768               0.0.0.0:*                   LISTEN      2208/rpc.statd      
tcp        0      0      127.0.0.1:32771               0.0.0.0:*                   LISTEN      3300/ocssd.bin      
tcp        0      0      127.0.0.1:32772               0.0.0.0:*                   LISTEN      3300/ocssd.bin      
tcp        0      0          0.0.0.0:3306                0.0.0.0:*                   LISTEN      2556/mysqld         
tcp        0      0          0.0.0.0:970                  0.0.0.0:*                   LISTEN      2489/rpc.mountd     
tcp        0      0          0.0.0.0:111                  0.0.0.0:*                   LISTEN      2188/portmap        
tcp        0      0          0.0.0.0:21                   0.0.0.0:*                   LISTEN      2516/vsftpd         
tcp        0      0          0.0.0.0:951                 0.0.0.0:*                   LISTEN      2467/rpc.rquotad   
tcp        0      0       127.0.0.1:631                 0.0.0.0:*                   LISTEN      2351/cupsd         
tcp        0      0                  :::80                            :::*                  LISTEN      2660/httpd         
tcp        0      0                  :::22                            :::*                  LISTEN      2438/sshd           
tcp        0      0                  :::443                          :::*                  LISTEN      2660/httpd         
tcp        0   2448  ::ffff:211.167.237.199:22   ::ffff:221.216.165.189:1972 ESTABLISHED 3424/sshd: cnscn_ad

udp        0      0        0.0.0.0:32768           0.0.0.0:*                           2208/rpc.statd      
udp        0      0     127.0.0.1:32771          0.0.0.0:*                           3300/ocssd.bin      
udp        0      0     127.0.0.1:32772          0.0.0.0:*                           3300/ocssd.bin      
udp        0      0     127.0.0.1:32773          0.0.0.0:*                           3300/ocssd.bin      
udp        0      0         0.0.0.0:688             0.0.0.0:*                           2208/rpc.statd      
udp        0      0         0.0.0.0:948             0.0.0.0:*                           2467/rpc.rquotad   
udp        0      0         0.0.0.0:967             0.0.0.0:*                           2489/rpc.mountd     
udp        0      0         0.0.0.0:111             0.0.0.0:*                           2188/portmap        
udp        0      0         0.0.0.0:631             0.0.0.0:*                           2351/cupsd         

Active UNIX domain sockets (servers and established)
Proto RefCnt Flags       Type       State         I-Node PID/Program name    Path
unix  2      [ ACC ]     STREAM     LISTENING     7602   3300/ocssd.bin      /var/tmp/.oracle/sOracle_CSS_LclLstnr_localhost_0
unix  8      [ ]            DGRAM                          4943   2165/syslogd        /dev/log
unix  2      [ ACC ]     STREAM     LISTENING     5985   2649/gpm            /dev/gpmctl
unix  2      [ ]            DGRAM                          6374   2796/hald           @/var/run/hal/hotplug_socket
unix  2      [ ACC ]     STREAM     LISTENING     5250   2320/acpid          /var/run/acpid.socket
unix  2      [ ]            DGRAM                          2617   1007/udevd          @udevd
unix  2      [ ACC ]     STREAM     LISTENING     6164   2735/xfs            /tmp/.font-unix/fs7100
unix  2      [ ACC ]     STREAM     LISTENING     8344   3426/0              /tmp/ssh-cgXAFE3426/agent.3426
unix  2      [ ACC ]     STREAM     LISTENING     5928   2556/mysqld         /var/lib/mysql/mysql.sock
unix  2      [ ACC ]     STREAM     LISTENING     6117   2689/htt_server     /var/run/iiim/.iiimp-unix/9010
unix  2      [ ACC ]     STREAM     LISTENING     6235   2771/dbus-daemon-1  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     8334   3424/sshd: cnscn_ad
unix  3      [ ]         STREAM     CONNECTED     8333   3426/0              
unix  3      [ ]         STREAM     CONNECTED     6373   2771/dbus-daemon-1  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     6372   2796/hald           
unix  3      [ ]         STREAM     CONNECTED     6341   2771/dbus-daemon-1  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     6340   2785/cups-config-da
unix  3      [ ]         STREAM     CONNECTED     6242   2771/dbus-daemon-1  
unix  3      [ ]         STREAM     CONNECTED     6241   2771/dbus-daemon-1  
unix  2      [ ]         DGRAM                             6205   2735/xfs            
unix  2      [ ]         DGRAM                            6077   2699/crond         
unix  2      [ ]         DGRAM                            5984   2649/gpm            
unix  2      [ ]         DGRAM                            5584   2453/xinetd         
unix  3      [ ]         STREAM     CONNECTED     5122   2241/rpc.idmapd     
unix  3      [ ]         STREAM     CONNECTED     5121   2241/rpc.idmapd     
unix  2      [ ]         DGRAM                             5009   2208/rpc.statd      
unix  2      [ ]         DGRAM                             4955   2169/klogd  

--------------------------------------------------------------------
# netstat  -r
Kernel IP routing table
Destination         Gateway               Genmask         Flags   MSS Window   irtt       Iface
211.167.237.0        *                  255.255.255.0      U        0      0          0         eth1
192.168.0.0            *                 255.255.255.0      U        0      0           0        eth0
169.254.0.0            *                 255.255.0.0          U        0     0           0         eth0
default          211.167.237.129        0.0.0.0             UG       0    0           0         eth1

--------------------------------------------------------------------

# netstat  -i
Kernel Interface table
Iface        MTU   Met    RX-OK  RX-ERR RX-DRP RX-OVR    TX-OK    TX-ERR   TX-DRP    TX-OVR    Flg
eth0       1500     0      5280       0         0          0           16          0            0            0        BMRU
eth1       1500     0     12139      0         0          0          2709        0            0            0        BMRU
lo        16436      0     14083      0         0           0        14083        0            0            0       LRU

--------------------------------------------------------------------

# netstat  -g
IPv6/IPv4 Group Memberships
Interface       RefCnt Group
--------------- ------ ---------------------
lo                    1      ALL-SYSTEMS.MCAST.NET
eth0               1      ALL-SYSTEMS.MCAST.NET
eth1               1      ALL-SYSTEMS.MCAST.NET
lo                    1      ff02::1
eth0               1      ff02::1:ff16:b985
eth0               1      ff02::1
eth1               1      ff02::1:ff16:ba87
eth1               1      ff02::1

--------------------------------------------------------------------
访问计时功能
# netstat  -o
Active Internet connections (w/o servers)
Proto Recv-Q    Send-Q         Local Address                     Foreign Address                      State            Timer
tcp        0         304       ::ffff:211.167.237.199:ssh     ::ffff:221.216.165.189:1972    ESTABLISHED    on (0.31/0/0)

--------------------------------------------------------------------
# netstat  -F
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State      
tcp        0    256 ::ffff:211.167.237.199:ssh  ::ffff:221.216.165.189:1972 ESTABLISHED
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags       Type       State         I-Node Path
unix  8      [ ]         DGRAM                             4943   /dev/log
unix  2      [ ]         DGRAM                             6374   @/var/run/hal/hotplug_socket
unix  2      [ ]         DGRAM                             2617   @udevd
unix  3      [ ]         STREAM     CONNECTED     8334   
unix  3      [ ]         STREAM     CONNECTED     8333   
unix  3      [ ]         STREAM     CONNECTED     6373   /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     6372   
unix  3      [ ]         STREAM     CONNECTED     6341   /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     6340   
unix  3      [ ]         STREAM     CONNECTED     6242   
unix  3      [ ]         STREAM     CONNECTED     6241   
unix  2      [ ]         DGRAM                             6205   
unix  2      [ ]         DGRAM                             6077   
unix  2      [ ]         DGRAM                             5984   
unix  2      [ ]         DGRAM                             5584   
unix  3      [ ]         STREAM     CONNECTED     5122   
unix  3      [ ]         STREAM     CONNECTED     5121   
unix  2      [ ]         DGRAM                             5009   
unix  2      [ ]         DGRAM                             4955   

-----------------------------------------------------------------------------

# netstat  -C
Active Internet connections (w/o servers)
Proto Recv-Q   Send-Q           Local Address                       Foreign Address                   State      
tcp        0         304      ::ffff:211.167.237.199:ssh     ::ffff:221.216.165.189:1972     ESTABLISHED
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags       Type       State         I-Node Path
unix  8      [ ]         DGRAM                            4943   /dev/log
unix  2      [ ]         DGRAM                            6374   @/var/run/hal/hotplug_socket
unix  2      [ ]         DGRAM                            2617   @udevd
unix  3      [ ]         STREAM     CONNECTED     8334   
unix  3      [ ]         STREAM     CONNECTED     8333   
unix  3      [ ]         STREAM     CONNECTED     6373   /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     6372   
unix  3      [ ]         STREAM     CONNECTED     6341   /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     6340   
unix  3      [ ]         STREAM     CONNECTED     6242   
unix  3      [ ]         STREAM     CONNECTED     6241   
unix  2      [ ]         DGRAM                             6205   
unix  2      [ ]         DGRAM                             6077   
unix  2      [ ]         DGRAM                             5984   
unix  2      [ ]         DGRAM                             5584   
unix  3      [ ]         STREAM     CONNECTED     5122   
unix  3      [ ]         STREAM     CONNECTED     5121   
unix  2      [ ]         DGRAM                             5009   
unix  2      [ ]         DGRAM                             4955   

--------------------------------------------------------------------
# netstat  -N
Active Internet connections (w/o servers)
Proto Recv-Q    Send-Q                 Local Address                       Foreign Address                   State      
tcp        0           256         ::ffff:211.167.237.199:ssh        ::ffff:221.216.165.189:1972     ESTABLISHED
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags       Type       State         I-Node Path
unix  8      [ ]         DGRAM                             4943   /dev/log
unix  2      [ ]         DGRAM                             6374   @/var/run/hal/hotplug_socket
unix  2      [ ]         DGRAM                             2617   @udevd
unix  3      [ ]         STREAM     CONNECTED     8334   
unix  3      [ ]         STREAM     CONNECTED     8333   
unix  3      [ ]         STREAM     CONNECTED     6373   /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     6372   
unix  3      [ ]         STREAM     CONNECTED     6341   /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     6340   
unix  3      [ ]         STREAM     CONNECTED     6242   
unix  3      [ ]         STREAM     CONNECTED     6241   
unix  2      [ ]         DGRAM                             6205   
unix  2      [ ]         DGRAM                             6077   
unix  2      [ ]         DGRAM                             5984   
unix  2      [ ]         DGRAM                             5584   
unix  3      [ ]         STREAM     CONNECTED     5122   
unix  3      [ ]         STREAM     CONNECTED     5121   
unix  2      [ ]         DGRAM                             5009   
unix  2      [ ]         DGRAM                             4955

---------------------------------------------------------------------
# netstat  -e
Active Internet connections (w/o servers)
Proto Recv-Q   Send-Q               Local Address                      Foreign Address                       State          User             Inode     
tcp        0         320           ::ffff:211.167.237.199:ssh        ::ffff:221.216.165.189:1972    ESTABLISHED          root             8312      
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags       Type       State         I-Node Path
unix  8      [ ]         DGRAM                             4943   /dev/log
unix  2      [ ]         DGRAM                             6374   @/var/run/hal/hotplug_socket
unix  2      [ ]         DGRAM                             2617   @udevd
unix  3      [ ]         STREAM     CONNECTED     8334   
unix  3      [ ]         STREAM     CONNECTED     8333   
unix  3      [ ]         STREAM     CONNECTED     6373   /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     6372   
unix  3      [ ]         STREAM     CONNECTED     6341   /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     6340   
unix  3      [ ]         STREAM     CONNECTED     6242   
unix  3      [ ]         STREAM     CONNECTED     6241   
unix  2      [ ]         DGRAM                             6205   
unix  2      [ ]         DGRAM                             6077   
unix  2      [ ]         DGRAM                             5984   
unix  2      [ ]         DGRAM                             5584   
unix  3      [ ]         STREAM     CONNECTED     5122   
unix  3      [ ]         STREAM     CONNECTED     5121   
unix  2      [ ]         DGRAM                             5009   
unix  2      [ ]         DGRAM                             4955   

--------------------------------------------------------------------
·列出现有监听进程
# netstat -l
Active Internet connections (only servers)
Proto Recv-Q   Send-Q     Local Address       Foreign Address             State      
tcp        0          0            *:32768                     *:*                         LISTEN      
tcp        0          0            *:32769                     *:*                         LISTEN      
tcp        0          0            *:nfs                          *:*                         LISTEN      
tcp        0          0      cnscn:32771                     *:*                         LISTEN      
tcp        0          0      cnscn:32772                     *:*                         LISTEN      
tcp        0          0            *:mysql                      *:*                         LISTEN      
tcp        0          0            *:970                        *:*                         LISTEN      
tcp        0           0            *:sunrpc                    *:*                         LISTEN      
tcp        0          0            *:ftp                          *:*                         LISTEN      
tcp        0          0            *:951                        *:*                         LISTEN      
tcp        0          0      cnscn:ipp                         *:*                         LISTEN      
tcp        0          0            *:http                       *:*                         LISTEN      
tcp        0          0            *:ssh                         *:*                         LISTEN      
tcp        0          0            *:https                      *:*                         LISTEN      
udp        0          0            *:32768                    *:*                                 
udp        0          0            *:nfs                         *:*                                 
udp        0          0            *:32770                    *:*                                 
udp        0          0      cnscn:32771                    *:*                                 
udp        0          0      cnscn:32772                    *:*                                 
udp        0          0      cnscn:32773                    *:*                                 
udp        0          0            *:688                       *:*                                 
udp        0          0            *:948                       *:*                                 
udp        0          0            *:967                       *:*                                 
udp        0          0            *:sunrpc                   *:*                                 
udp        0          0            *:ipp                        *:*                                 
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node Path
unix  2      [ ACC ]     STREAM     LISTENING     7602   /var/tmp/.oracle/sOracle_CSS_LclLstnr_localhost_0
unix  2      [ ACC ]     STREAM     LISTENING     5985   /dev/gpmctl
unix  2      [ ACC ]     STREAM     LISTENING     5250   /var/run/acpid.socket
unix  2      [ ACC ]     STREAM     LISTENING     6164   /tmp/.font-unix/fs7100
unix  2      [ ACC ]     STREAM     LISTENING     8344   /tmp/ssh-cgXAFE3426/agent.3426
unix  2      [ ACC ]     STREAM     LISTENING     5928   /var/lib/mysql/mysql.sock
unix  2      [ ACC ]     STREAM     LISTENING     6117   /var/run/iiim/.iiimp-unix/9010
unix  2      [ ACC ]     STREAM     LISTENING     6235   /var/run/dbus/system_bus_socket

---------------------------------------------------------------------

# netstat  -s
Ip:
    20033 total packets received
    0 forwarded
    0 incoming packets discarded
    19925 incoming packets delivered
    16887 requests sent out
Icmp:
    4 ICMP messages received
    1 input ICMP message failed.
    ICMP input histogram:
        destination unreachable: 1
        echo requests: 2
        echo replies: 1
    8 ICMP messages sent
    0 ICMP messages failed
    ICMP output histogram:
        destination unreachable: 6
        echo replies: 2
Tcp:
    1660 active connections openings
    77 passive connection openings
    0 failed connection attempts
    23 connection resets received
    1 connections established
    6042 segments received
    5977 segments send out
    32 segments retransmited
    1 bad segments received.
    1722 resets sent
Udp:
    10885 packets received
    6 packets to unknown port received.
    0 packet receive errors
    10885 packets sent
TcpExt:
    8 resets received for embryonic SYN_RECV sockets
    ArpFilter: 0
    56 TCP sockets finished time wait in fast timer
    93 delayed acks sent
    17 packets directly queued to recvmsg prequeue.
    419 packets header predicted
    TCPPureAcks: 1021
    TCPHPAcks: 298
    TCPRenoRecovery: 0
    TCPSackRecovery: 16
    TCPSACKReneging: 0
    TCPFACKReorder: 0
    TCPSACKReorder: 0
    TCPRenoReorder: 0
    TCPTSReorder: 0
    TCPFullUndo: 0
    TCPPartialUndo: 0
    TCPDSACKUndo: 0
    TCPLossUndo: 0
    TCPLoss: 1
    TCPLostRetransmit: 0
    TCPRenoFailures: 0
    TCPSackFailures: 7
    TCPLossFailures: 0
    TCPFastRetrans: 18
    TCPForwardRetrans: 0
    TCPSlowStartRetrans: 2
    TCPTimeouts: 5
    TCPRenoRecoveryFail: 0
    TCPSackRecoveryFail: 0
    TCPSchedulerFailed: 0
    TCPRcvCollapsed: 0
    TCPDSACKOldSent: 1
    TCPDSACKOfoSent: 0
    TCPDSACKRecv: 1
    TCPDSACKOfoRecv: 0
    TCPAbortOnSyn: 0
    TCPAbortOnData: 1655
    TCPAbortOnClose: 5
    TCPAbortOnMemory: 0
    TCPAbortOnTimeout: 0
    TCPAbortOnLinger: 0
    TCPAbortFailed: 0
    TCPMemoryPressures: 0

--------------------------------------------------------------------

·ports
# /home/tools/network/ports
1)TCP
Lcl port           Rmt port        Status        Rmt IP        Rmt host
------------------------------------------------------------------------------
32768= ?             0= zero      0A= LISTEN      0.0.0.0         local
32769= ?             0= zero      0A= LISTEN      0.0.0.0         local
2049= nfs           0= zero      0A= LISTEN      0.0.0.0         local
32771= ?             0= zero      0A= LISTEN      0.0.0.0         local
32772= ?             0= zero      0A= LISTEN      0.0.0.0         local
3306= mysql         0= zero      0A= LISTEN      0.0.0.0         local
  970= ?             0= zero      0A= LISTEN      0.0.0.0         local
  111= sunrpc        0= zero      0A= LISTEN      0.0.0.0         local
   21= ftp           0= zero      0A= LISTEN      0.0.0.0         local
  951= ?             0= zero      0A= LISTEN      0.0.0.0         local
  631= ipp           0= zero      0A= LISTEN      0.0.0.0         local

2)UDP
Lcl port           Rmt port        Status        Rmt IP        Rmt host
------------------------------------------------------------------------------
32768= ?             0= zero      07= CLOSE       0.0.0.0         local
2049= nfs           0= zero      07= CLOSE       0.0.0.0         local
32770= ?             0= zero      07= CLOSE       0.0.0.0         local
32771= ?             0= zero      07= CLOSE       0.0.0.0         local
32772= ?             0= zero      07= CLOSE       0.0.0.0         local
32773= ?             0= zero      07= CLOSE       0.0.0.0         local
  688= ?             0= zero      07= CLOSE       0.0.0.0         local
  948= ?             0= zero      07= CLOSE       0.0.0.0         local
  967= ?             0= zero      07= CLOSE       0.0.0.0         local
  111= sunrpc        0= zero      07= CLOSE       0.0.0.0         local
  631= ipp           0= zero      07= CLOSE       0.0.0.0         local


================================================================


·检查22端口的服务及访问连接
# lsof  -i:22
COMMAND  PID        USER   FD   TYPE DEVICE SIZE NODE NAME
sshd         2438        root    3u    IPv6             5543       TCP   *:ssh (LISTEN)
sshd         3424        root    3u    IPv6             8312       TCP    211.167.237.199:ssh->221.216.165.189:1972 (ESTABLISHED)

--------------------------------------------------------------------

·查询命令mysqld_sa的所有进程
# lsof  -c mysqld_sa
COMMAND    PID USER   FD    TYPE  DEVICE     SIZE     NODE    NAME
mysqld_sa   2529 root     txt    REG    3,5      616312   554965 /bin/bash
mysqld_sa   2529 root   mem    REG    3,5    1454835  424335 /lib/tls/libc-2.3.4.so
mysqld_sa   2529 root   255r    REG    3,5       10912   865383 /usr/bin/mysqld_safe

--------------------------------------------------------------------

·查询一个进程在进行的命令
# lsof  -p 1007
COMMAND  PID USER   FD   TYPE     DEVICE    SIZE    NODE NAME
udevd   1007 root  cwd    DIR        3,5    4096       2 /
udevd   1007 root  mem    REG        3,5   56320  424434 /lib/libselinux.so.1
udevd   1007 root    5u  unix 0xdf4f8300            2617 socket

---------------------------------------------------------------------

·按名称查询
# lsof   names   /var/log/httpd/error_log
lsof: status error on names: No such file or directory
COMMAND  PID   USER   FD   TYPE DEVICE  SIZE    NODE NAME
httpd   2660   root    2w   REG    3,5 18061 2515805 /var/log/httpd/error_log
httpd   2660   root    7w   REG    3,5 18061 2515805 /var/log/httpd/error_log

---------------------------------------------------------------------

# netstat  -h
usage: netstat [-veenNcCF] [] -r         
       netstat {-V|--version|-h|--help}
       netstat [-vnNcaeol] [ ...]
       netstat { [-veenNac] -i[] | [-cnNe] -M | -s } [delay]

        -r, --route                display routing table
        -i, --interfaces=[] display interface table
        -g, --groups               display multicast group memberships
        -s, --statistics           display networking statistics (like SNMP)
        -M, --masquerade           display masqueraded connections

        -v, --verbose              be verbose
        -n, --numeric              don't resolve names
        --numeric-hosts            don't resolve host names
        --numeric-ports            don't resolve port names
        --numeric-users            don't resolve user names
        -N, --symbolic             resolve hardware names
        -e, --extend               display other/more information
        -p, --programs             display PID/Program name for sockets
        -c, --continuous           continuous listing

        -l, --listening            display listening server sockets
        -a, --all, --listening     display all sockets (default: connected)
        -o, --timers               display timers
        -F, --fib                  display Forwarding Information Base (default)
        -C, --cache                display routing cache instead of FIB

  : Name of interface to monitor/list.
  ={-t|--tcp} {-u|--udp} {-w|--raw} {-x|--unix} --ax25 --ipx --netrom
  =Use '-A ' or '--'; default: inet
  List of possible address families (which support routing):
    inet (DARPA Internet) inet6 (IPv6) ax25 (AMPR AX.25)
    netrom (AMPR NET/ROM) ipx (Novell IPX) ddp (Appletalk DDP)
    x25 (CCITT X.25)



# netstat  -atuv | more
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State      
tcp        0      0 *:32768                     *:*                         LISTEN      
tcp        0      0 *:32769                     *:*                         LISTEN      
tcp        0      0 *:nfs                       *:*                         LISTEN      
tcp        0      0 cnscn:32771                 *:*                         LISTEN      
tcp        0      0 cnscn:32772                 *:*                         LISTEN      
tcp        0      0 *:mysql                     *:*                         LISTEN      
tcp        0      0 *:970                       *:*                         LISTEN      
tcp        0      0 *:sunrpc                    *:*                         LISTEN      
tcp        0      0 *:ftp                       *:*                         LISTEN      
tcp        0      0 *:951                       *:*                         LISTEN      
tcp        0      0 cnscn:ipp                   *:*                         LISTEN      
tcp        0      0 *:http                      *:*                         LISTEN      
tcp        0      0 *:ssh                       *:*                         LISTEN      
tcp        0      0 *:https                     *:*                         LISTEN      
tcp        0      0 ::ffff:211.167.237.199:http ::ffff:221.216.165.189:2013 TIME_WAIT   
udp        0      0 *:32768                 *:*                                 
udp        0      0 *:nfs                   *:*                                 
udp        0      0 *:32770                 *:*                                 
udp        0      0 cnscn:32771             *:*                                 
udp        0      0 cnscn:32772             *:*                                 
udp        0      0 cnscn:32773             *:*                                 
udp        0      0 *:688                   *:*                                 
udp        0      0 *:948                   *:*                                 
udp        0      0 *:967                   *:*                                 
udp        0      0 *:sunrpc                *:*                                 
udp        0      0 *:ipp                   *:*         

·查看系统所有服务
# cat /etc/services
阅读(1705) | 评论(0) | 转发(0) |
0

上一篇:引导装载程序口令及保护

下一篇:Iperf: 一个优秀的网络性能测量工具

给主人留下些什么吧!~~
关于我们 | 关于IT168 | 联系方式 | 广告合作 | 法律声明 | 免费注册

Copyright 2001-2010 ChinaUnix.net All Rights Reserved 北京皓辰网域网络信息技术有限公司. 版权所有

感谢所有关心和支持过ChinaUnix的朋友们

16024965号-6