This topic has been archived. It cannot be replied.
-
工作学习 / 专业技术讨论 / 饭得志同学在不在?问一个问题. 在AIX下如何知道某个端口被哪个进程使用. 比如说我的机器上5202端口在listening,如何知道是哪个进程在监听这个端口? 谢谢... (或则哪个UNIX大拿知道?)
-littlebears(此熊非彼熊);
2006-2-27
(#2809939@0)
-
some service or daemon. Simply, you can grep "5202 /etc/services ". It may be not accurate (if someone just changed this file on purpose). To be acurate, to do 'trace" on this port. You will get everything.
-grea(grea);
2006-2-27
(#2809976@0)
-
It is not service..
-littlebears(此熊非彼熊);
2006-2-27
(#2810079@0)
-
If it is not service, /etc/service cannot be used for sure.
-grea(grea);
2006-2-28
(#2811588@0)
-
trace? how to use it?
-littlebears(此熊非彼熊);
2006-2-27
(#2810083@0)
-
If it is not service, trace cannot be used either. For general port listening, you can use "kdb" instaed,subcommand sockinfo will give you all info. kdb is explored very deeply in IBM's course: AIX 5L kernel internal.
-grea(grea);
2006-2-28
{113}
(#2811607@0)
-
do you have losf installed on system? that is powerful tool .
-judy_an(绿腰);
2006-2-27
(#2809993@0)
-
lsof.
-frankwoo(柳五随风);
2006-2-27
(#2810041@0)
-
lsof. netstat 也可以。
-holdon(again);
2006-2-27
(#2810045@0)
-
netstat? how? I know in XP, netstat -O can do that, but in AIX.....No -O option...
-littlebears(此熊非彼熊);
2006-2-27
(#2810078@0)
-
don't know aix. on linux it's netstat -nap
-holdon(again);
2006-2-27
(#2810106@0)
-
netstat -rn or netstat -in, cannot remember exactly, use "man netstat" to find out.
-whatwhenwherewhy(一生何求);
2006-2-27
(#2810114@0)
-
That is Production Box. I can't install lsof..
-littlebears(此熊非彼熊);
2006-2-27
(#2810076@0)
-
or NMAP, if you cannot find anything else.
-canadiantire(轮胎-M.I.N.K.);
2006-2-27
(#2810085@0)
-
Can't install any software in production Box. :( ..................Any System internal command can do this?
-littlebears(此熊非彼熊);
2006-2-27
(#2810101@0)
-
不好意思,我一天都在忙...答案见内以得志之家的AIX主机为例子
比如已知3306端口在listening
root:/etc > netstat -Aan |grep 3306
70449208 tcp4 0 0 *.3306 *.* LISTEN
要察看是哪个进程在使用:
root:/etc > rmsock 70449208 tcpcb
The socket 0x70449000 is being held by proccess 18600 (mysqld).
马上发现进程mysqld,进程号18600在使用此端口
当然了,如果端口已经不再连接,或者说不再被程序占用,那么这个rmsock会马上remove掉此端口!
-thisunreal(饭得志);
2006-2-27
{428}
(#2810109@0)
-
我赛.真是牛人..佩服.佩服..严重感谢...(我就不用裸体雪地空翻360度之类的啦...)
-littlebears(此熊非彼熊);
2006-2-27
(#2810154@0)
-
知道为什么大家给老饭面子了吧:)
-frankwoo(柳五随风);
2006-2-27
(#2810213@0)
-
现在知道了..老大..
-littlebears(此熊非彼熊);
2006-2-27
(#2810238@0)
-
小弟近日正在忙着整理挨踢协会的初始名单, 欢迎各位有空来研讨切磋! #2806563@0
-thisunreal(饭得志);
2006-2-27
(#2810254@0)
-
你这个章程看起来太吓人了,咋一看以为是精英团...搞得俺们这些小半桶水都不敢参加....
-littlebears(此熊非彼熊);
2006-2-27
(#2810296@0)
-
send email to u. root@efglobe.com
-fxid(民工模范);
2006-3-2
(#2814927@0)
-
我得回到家才能收efglobe的邮件,谢谢民工兄!
-thisunreal(饭得志);
2006-3-2
(#2814963@0)
-
俺也要加盟啊
-walacato(ERIC);
2006-3-3
(#2816289@0)
-
以后这种杂事别麻烦饭老弟啦. 问我我也不知道. 呵呵
-scottee(笑熬浆糊);
2006-2-27
{16}
(#2810239@0)
-
IT的事情问问得志,炒股的事情问问浆糊....
-littlebears(此熊非彼熊);
2006-2-27
(#2810293@0)
-
那是. 呵呵. 当仁不让
-scottee(笑熬浆糊);
2006-2-27
(#2810381@0)
-
aix 有 /proc 目录吗?
-holdon(again);
2006-2-27
(#2810215@0)
-
有/proc
-thisunreal(饭得志);
2006-2-27
(#2810261@0)
-
问题再扩展一下。Solaris 9和Red Hat LINUX下面又有什么办法呢?Solaris没有rmsock这个命令。 谢谢 .
-littlebears(此熊非彼熊);
2006-3-2
(#2814715@0)
-
lsof是正解
-pipibug(皮皮巴格golf);
2006-3-2
(#2814730@0)
-
问题是,很多机器是生产用机。根本不允许安装第3方软件。在只能用系统内部命令的情况下如何完成这些任务?
-littlebears(此熊非彼熊);
2006-3-2
(#2814923@0)
-
Solaris和linux本身就是open source的,所以你的concern只是political game而已,你去读下lsof的source code然后回来照着做就行了,如果他们一定不让你装的话.
-pipibug(皮皮巴格golf);
2006-3-2
(#2814944@0)
-
在下代表土狼屯挨踢协会40余人邀请皮兄加盟,谢谢!
-thisunreal(饭得志);
2006-3-2
(#2814958@0)
-
谢谢,我给你PM,我服了你.
-pipibug(皮皮巴格golf);
2006-3-2
(#2815348@0)
-
牢记母校‘求是创新’精神: 您这个问题我不懂回答。
-thisunreal(饭得志);
2006-3-2
(#2814960@0)
-
饭兄是浙江大学毕业de?
-frankwoo(柳五随风);
2006-3-2
(#2815713@0)
-
linux 下方法很多。lsof, netstate -nap, 这都是系统自带的,不需要装。还可以自己查/proc/net/tcp 文件。这个其实很重要,如果机器被黑,其它的方法看到的都有可能是假的。
-holdon(again);
2006-3-3
(#2816301@0)
-
Kernel debugger is available on almost every Unix platform or its variant, you can use it foralmost everything related to the kernel, like this port listening inquiry. Actually, it can do much more and more. For Unix guy, it is good to practise it.
-grea(grea);
2006-3-4
{156}
(#2818497@0)