The article is a bit confused...
|
| Author | Content |
|---|---|
| dotmatrix Apr 13, 2016 10:51 AM EDT |
But... one of my pet peeves is the continual appearance of 'nmap' for locating open ports. nmap is not a system tool. nmap is a tool for scanning other machines in a network. nmap is generally not installed by default in many GNU/Linux distros. The correct system tool for looking at ports on a given machine is: netstat Documentation: http://linux.die.net/man/8/netstat To see all open [listening] ports and sockets on a GNU/Linux machine: netstat -l To see all tcp connections: netstat -t **** However, if you are trying to find out if a remote machine, to which you do not have administrator access, has open ports... nmap is a decent solution... even though, depending on the bullishness of the admin, its use may result in your IP address getting automatically blocked by the remote machine's firewall |
| penguinist Apr 13, 2016 12:17 PM EDT |
I agree with all those points. It is rather overkill to scan your own machine when netstat is so handy. One other use I've made of nmap was to save time while administering 25 machines in a university classroom where the IP addresses were assigned dynamically. It was easy to nmap the subnet and look for the "signature" of my 25 machines while sorting the wheat (my pristine Linux machines) from the chaff (another couple hundred virus-laden Windows boxes). |
| gus3 Apr 17, 2016 5:21 PM EDT |
nmap from a remote machine is what you use when you suspect the machine under test has been compromised. ps, netstat, lsof, ls, and top are the first executables to be replaced; they hide the nefarious activity from resource listings. |
| BernardSwiss Apr 17, 2016 8:52 PM EDT |
I usually use ' lsof -i ' which tells me which users and which programs are making those internet connections, as well. |
Posting in this forum is limited to members of the group: [ForumMods, SITEADMINS, MEMBERS.]
Becoming a member of LXer is easy and free. Join Us!