Skip to content
Advertisement

Network port open, but no process attached?

When I check my server, I found some strange ports:

[root@server ~]# netstat -tulnp |grep "-"
Proto Recv-Q Send-Q Local Address    Foreign Address    State       PID/Program name   
tcp        0      0 0.0.0.0:2049     0.0.0.0:*          LISTEN      -                   
tcp        0      0 0.0.0.0:33181    0.0.0.0:*          LISTEN      -                   
udp        0      0 0.0.0.0:2049     0.0.0.0:*                      -                   
udp        0      0 0.0.0.0:33252    0.0.0.0:*                      -  

No program can be found in the output of netstat -tulnp(with root privilege).

How could I find the usage of these ports? How could I judge it’s safe or not?

OS: CentOS 5.6 x86_64

Kernel: 2.6.18-238.el5 #1 SMP Thu Jan 13 15:51:15 EST 2011 x86_64 x86_64 x86_64 GNU/Linux

update:

# rpcinfo -p
program vers proto   port
100000    2   tcp    111  portmapper
100000    2   udp    111  portmapper
100011    1   udp    824  rquotad
100011    2   udp    824  rquotad
100011    1   tcp    827  rquotad
100011    2   tcp    827  rquotad
100003    2   udp   2049  nfs
100003    3   udp   2049  nfs
100003    4   udp   2049  nfs
100021    1   udp  33252  nlockmgr
100021    3   udp  33252  nlockmgr
100021    4   udp  33252  nlockmgr
100003    2   tcp   2049  nfs
100003    3   tcp   2049  nfs
100003    4   tcp   2049  nfs
100021    1   tcp  33181  nlockmgr
100021    3   tcp  33181  nlockmgr
100021    4   tcp  33181  nlockmgr
100005    1   udp    839  mountd
100005    1   tcp    842  mountd
100005    2   udp    839  mountd
100005    2   tcp    842  mountd
100005    3   udp    839  mountd
100005    3   tcp    842  mountd

Advertisement

Answer

These are likely to be RPC ports reserved by the portmapper. 2049 is a well known port used by NFS. Your other ports are probably other RPC services. To query the portmapper for a full list of services and their ports use rpcinfo -p.

User contributions licensed under: CC BY-SA
4 People found this is helpful
Advertisement