linux»·¾³Ï¶˿ڲéѯ

ÖÃÁËÍøÂç·þÎñÖ®ºó£¬¹Ø×¢Ò»ÏÂÄÄЩ¶Ë¿ÚÔÚ¼àÌýϵͳµÄÍøÂç½Ó¿ÚÕâÒ»µãºÜÖØÒª¡£Èκδò¿ªµÄ¶Ë¿Ú¶¼¿ÉÄÜÊÇÈëÇÖµÄÖ¤Ã÷¡£
ÒªÁоÙÕýÔÚ¼àÌýÍøÂçµÄ¶Ë¿Ú£¬ÓÐÁ½ÖÖ»ù±¾·½·¨¡£Ò»ÖÖ²»Ì«¿É¿¿µÄ·½·¨ÊÇͨ¹ý¼üÈë netstat -an »ò lsof -i
Ö®ÀàµÄÃüÁîÀ´²éѯÍøÂç¶ÑÕ»¡£ÕâÖÖ·½·¨Ö®ËùÒÔ²»Ì«¿É¿¿ÊÇÒòΪÕâЩ³ÌÐò²»Á¬½ÓÍøÂçÉϵĻúÆ÷£¬¶øÊDz鿴ϵͳÉÏÔÚÔËÐÐʲô¡£Òò´Ë£¬ËüÃÇƵ·±³ÉΪ¹¥»÷ÕßµÄÌ滻Ŀ±ê¡£
¹Ö¿ÍÔÚ´ò¿ªÁËδ¾­ÊÚȨµÄÍøÂç¶Ë¿Úºó£¬¾ÍÒÔÕâÖÖ·½·¨À´ÆóͼÑÚ¸ÇËûÃǵÄ×Ù¼£¡£
¸ü¿É¿¿µÄ·½·¨ÊÇʹÓà nmap Ö®ÀàµÄ¶Ë¿ÚɨÃèÆ÷À´¼ì²éÄÄЩ¶Ë¿ÚÕýÔÚ¼àÌýÍøÂç¡£
ÒÔÏ´ӿØÖÆ̨·¢³öµÄÃüÁî»áÅж¨ÄÄЩ¶Ë¿ÚÔÚ¼àÌýÀ´×ÔÍøÂçÉ쵀 TCP Á¬½Ó£º
nmap -sT -O localhost
¸ÃÃüÁîµÄÊä³öºÍÒÔÏÂÏàËÆ£º
Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
Interesting ports on localhost.localdomain (127.0.0.1): (The 1596 ports
scanned but not shown below are in state: closed) Port State Service
22/tcp open ssh 111/tcp open sunrpc 515/tcp open printer 834/tcp open
unknown 6000/tcp open X11 Remote OS guesses: Linux Kernel 2.4.0 or
Gentoo 1.2 Linux 2.4.19 rc1-rc7)
Nmap run completed -- 1 IP address (1 host up) scanned in 5 seconds
¸ÃÊä³öÏÔʾÁËÓÉÓÚ sunrpc ·þÎñµÄ´æÔÚ£¬ÏµÍ³ÕýÔÚÔËÐÐ portmap¡£È»¶ø£¬¶Ë¿Ú834ÉÏ»¹ÓÐÒ»¸öÉñÃØ·þÎñ¡£Òª²é¿´Ò»Ï¸ö˿ÚÊÇ·ñºÍÈκÎÒÑÖª·þÎñÏà¹Ø£¬¼üÈ룺
cat /etc/services | grep 834
¸ÃÃüÁîûÓзµ»ØÈκÎÊä³ö¡£Õâ±íÃ÷ËäÈ»¸Ã¶Ë¿ÚÊÇÔÚ±£Áô·¶Î§ÄÚ£¨¼´´Ó0µ½1023ÄÚ£©£¬²¢ÇÒÐèÒª¸ùȨÏÞ²ÅÄÜ´ò¿ª£¬Ëü²¢Ã»ÓйØÁªÈκÎÒÑÖª·þÎñ¡£
ÏÂÒ»²½£¬¼ì²éʹÓà netstat »ò lsof µÄ¶Ë¿ÚµÄÐÅÏ¢¡£ÒªÊ¹Óà netstat ¼ì²é¶Ë¿Ú834£¬Ê¹ÓÃÒÔÏÂÃüÁ
netstat -anp | grep 834
¸ÃÃüÁî·µ»ØÒÔÏÂÊä³ö£º
tcp 0 0 0.0.0.0:834 0.0.0.0:* LISTEN 653/ypbind
Õâ¸ö¿ª·Å¶Ë¿ÚÔÚ netstat
ÖдæÔÚ£¬ÕâÒ»µã±È½ÏÁîÈË°²Î¿£¬ÒòΪÈç¹û¹Ö¿ÍÔÚ±»¹¥»÷µÄϵͳÉÏ°µÖдò¿ªÒ»¸ö¶Ë¿Ú£¬ËûÃǺܿÉÄܲ»»áÈÃÕâ¸ö¶Ë¿ÚʹÓøÃÃüÁî±»±©Â¶³öÀ´¡£»¹ÓУ¬[p]
Ñ¡Ïî½ÒʾÁË´ò¿ªÕâ¸ö¶Ë¿ÚµÄ½ø³Ì id£¨PID£©¡£ÔÚÕâ¸öÀý×ÓÖУ¬±»´ò¿ªµÄ¶Ë¿ÚÊôÓÚ ypbind£¨NIS£©£¬ÕâÊÇºÍ portmap ·þÎñÒ»Æð½øÐеÄ
RPC ·þÎñ¡£
lsof ÃüÁî½ÒʾÁËÏàËƵÄÐÅÏ¢£¬ÒòΪËüÒ²Äܹ»Á´½Ó¿ª·Å¶Ë¿ÚºÍ·þÎñ£º
lsof -i | grep 834
ÒÔÏÂÊÇÕâ¸öÃüÁîÖкÍÌÖÂÛÓйصÄÊä³ö²¿·Ö£º
ypbind 653 0 7u IPv4 1319 TCP *:834 (LISTEN)
ypbind 655 0 7u IPv4