• Increase font size
  • Default font size
  • Decrease font size
netstat

Display list of all open ports on linux

Sunday, 15 November 2009 linux

Display list of all open ports on linux 

[root@hc168 ~]# netstat -tulpn

output

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name   
tcp        0      0 0.0.0.0:3306                0.0.0.0:*                   LISTEN      27158/mysqld        
tcp        0      0 0.0.0.0:21                  0.0.0.0:*                   LISTEN      2463/vsftpd         
tcp        0      0 :::12655                    :::*                        LISTEN      2418/sshd           
tcp        0      0 :::80                       :::*                        LISTEN      3384/httpd          
tcp        0      0 :::8181                     :::*                        LISTEN      3384/httpd
 

How to kill a TCP connection using netstat

Wednesday, 28 October 2009 linux

 Syntax:

tcpkill -i eth0 { expression }
Examples:
(a) Kill all outgoing ftp (port 21) connection:

tcpkill -i eth0 port 21
(b) Kill all all packets arriving at or departing from host 192.168.1.2 (host12.nixcraft.com)

tcpkill host 192.168.1.2
OR

tcpkill host host12.nixcraft.com

(c) To kill all IP packets between 192.168.1.2 and any host except 192.168.1.111, type the following:

tcpkill ip host 192.168.1.2 and not 192.168.1.111

After that, you can setup the ddos mitigation script and that should greatly improve the server's performance.

tcpkill command

Use tcpkill command to kill specified in-progress TCP connections. It is useful for libnids-based applications which require a full TCP 3-whs for TCB creation.

Syntax:

tcpkill -i eth0 { expression }

Examples:

(a) Kill all outgoing ftp (port 21) connection:

tcpkill -i eth0 port 21

(b) Kill all all packets arriving at or departing from host 192.168.1.2 (host12.nixcraft.com)

tcpkill host 192.168.1.2

OR

tcpkill host host12.nixcraft.com


(c) To kill all IP packets between 192.168.1.2 and any host except 192.168.1.111, type the following:

tcpkill ip host 192.168.1.2 and not 192.168.1.111

 

 

 

How to Display current active Internet connections

Monday, 26 October 2009 linux

 Display current active Internet connections

 

[root@localhost ~]# netstat -nat

Active Internet connections (servers and established)

Proto Recv-Q Send-Q Local Address               Foreign Address             State      

tcp        0      0 0.0.0.0:199                 0.0.0.0:*                   LISTEN      

tcp        0      0 0.0.0.0:3306                0.0.0.0:*                   LISTEN      

tcp        0      0 0.0.0.0:80                  0.0.0.0:*                   LISTEN      

tcp        0      0 0.0.0.0:10000               0.0.0.0:*                   LISTEN      

tcp        0      0 0.0.0.0:8181                0.0.0.0:*                   LISTEN      

tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      

tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN      

tcp        0      0 0.0.0.0:9050                0.0.0.0:*                   LISTEN      

tcp        0      0 0.0.0.0:443                 0.0.0.0:*                   LISTEN      

tcp        0      0 172.16.0.203:22             113.16.189.100:50914        ESTABLISHED 

tcp        0      0 172.16.0.203:22             113.16.189.100:49534        ESTABLISHED 

tcp        0   1256 172.16.0.203:22             113.16.189.177:51987        ESTABLISHED 

tcp        0     52 172.16.0.203:22             113.16.183.72:2289          ESTABLISHED 

 

 

Login Form



Display News