nmap is a great tool that will show you what is listening on each port of a given machine.


nmap tries to give you some information about each port that it finds. It does not assume that a particular service is listening on a given port number; when it is told to do so, and when it is able to, it will tell you what is actually listening on the port.


However, I felt that the information that was given to me via nmap still left a lot of research to do on each port, so I threw a script together to tell you what process is listening on each port and to give you some more information about the process, so you can tell at a glance what is happening on the system that you are responsible for.


Enjoy the script.


#!/usr/bin/sh
#
#This utility is used to list all of the open
#ports on a Solaris UNIX based machine.
#It relies heavily on tools that are used
#to read through the /proc directory so
#it needs to be run as root or as
#a root equivalent.
#
for i in `ls /proc`
do
    # pfiles prints a "port:" line for each AF_INET/AF_INET6 socket a
    # process holds; processes without one are skipped.
    openport=`pfiles $i 2> /dev/null |grep "port:"`
    if [ ! -z "$openport" ]; then
        echo "Process ID #: $i"
        echo ""
        echo "Ports used: \n $openport"
        echo ""
        # Command line from the BSD-style ps (fields 5 through 25).
        commandline=`/usr/ucb/ps awwx $i | awk '{print $5,$6,$7,$8,$9,$10,$11,$12,$13,$14,$15,$16,$17,$18,$19,$20,$21,$22,$23,$24,$25}'`
        echo "$commandline"
        echo ""
        # Same command line as a single line from pargs, for comparison.
        commandline2=`pargs -l $i`
        echo "Command Line #2: $commandline2"
        echo ""
        # Environment the process was started with.
        eco=`pargs -e $i`
        echo "Environment Variables: $eco"
        echo ""
        # Shared libraries currently linked into the process.
        deps=`pldd $i`
        echo "Libraries used: $deps"
        echo ""
        # Current file descriptor limit (the rlimit line of pfiles).
        filedescriptors=`pfiles $i | grep rlimit | awk '{print $3,$4,$5}'`
        echo "Maximum number of file descriptors = $filedescriptors"
        echo ""
        # Each ps call prints a header and a value; awk keeps the value.
        eu=`ps -o user -p $i`
        ru=`ps -o ruser -p $i`
        eg=`ps -o group -p $i`
        rg=`ps -o rgroup -p $i`
        effectiveuser=`echo $eu | awk '{print $2}'`
        realuser=`echo $ru | awk '{print $2}'`
        effectivegroup=`echo $eg | awk '{print $2}'`
        realgroup=`echo $rg | awk '{print $2}'`
        echo "Effective	 Real	 Effective	 Real"
        echo "User		 User	 Group		 Group"
        echo ""
        echo "$effectiveuser \t\t $realuser \t $effectivegroup \t\t $realgroup"
        echo ""
        current=`pwdx $i | awk '{print $2}'`
        echo "Current Working Directory: $current"
        echo ""
        # The first pldd line is "<pid>: <executable>"; its second field is
        # the executable whose ELF signature is checked.
        elves=`pldd $i | awk '{print $2}'`
        elfsign verify -e $elves
        echo ""
        echo "-----------------------------------------------------"
    fi
done

Sample output:

-----------------------------------------------------
Process ID #: 417

Ports used: 
 	sockname: AF_INET 0.0.0.0  port: 68
	sockname: AF_INET6 ::  port: 546
	sockname: AF_INET 127.0.0.1  port: 4999
	sockname: AF_INET 42.0.55.102  port: 68

COMMAND                    
/sbin/dhcpagent                    

Command Line #2: /sbin/dhcpagent 

Environment Variables: 417:	/sbin/dhcpagent
envp[0]: PATH=/usr/sbin:/usr/bin
envp[1]: SMF_FMRI=svc:/network/physical:nwam
envp[2]: SMF_METHOD=start
envp[3]: SMF_RESTARTER=svc:/system/svc/restarter:default
envp[4]: SMF_ZONENAME=global
envp[5]: TZ=US/Pacific

Libraries used: 417:	/sbin/dhcpagent
/usr/lib/libc/libc_hwcap1.so.1
/lib/libnvpair.so.1
/lib/libnsl.so.1
/lib/libdhcputil.so.1
/lib/libinetutil.so.1
/lib/libxnet.so.1
/lib/libsocket.so.1
/lib/libdhcpagent.so.1
/lib/libdlpi.so.1
/lib/libdladm.so.1
/lib/libcurses.so.1

Maximum number of file descriptors = unlimited file descriptors

Effective	 Real	 Effective	 Real
User		 User	 Group		 Group

root 		 root 	 root 		 root

Current Working Directory: /

elfsign: verification of /sbin/dhcpagent passed.

-----------------------------------------------------
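
The grep "port:" in the script matches peername: lines as well as sockname: lines, so the far end of an established connection is listed under "Ports used" next to the ports the process itself has bound. The following is an added example, not part of the original script: it reduces pfiles-style text to one line per socket and marks each as bound or connected. The function names (socket_summary, externally_bound, sample_pfiles) are hypothetical and the sample text is constructed.

```shell
#!/bin/sh
# Added example. Function names and the sample text are hypothetical/constructed.
# On Solaris set AWK=nawk: the legacy /usr/bin/awk lacks user-defined functions.

# Read pfiles-style text on stdin; print "<pid> <family> <addr> <port> <state>".
# state is "connected" when the socket also has a peername line, else "bound".
socket_summary() {
    ${AWK:-awk} '
        function emit() {
            if (port != "") print pid, fam, addr, port, (peer ? "connected" : "bound")
            fam = addr = port = ""; peer = 0
        }
        /^[0-9]+:[ \t]/         { emit(); pid = $1; sub(/:$/, "", pid); next }  # process header
        /^[ \t]*[0-9]+: S_IF/   { emit(); next }                               # next descriptor
        $1 == "sockname:" && $2 ~ /^AF_INET6?$/ { fam = $2; addr = $3; port = $5; next }
        $1 == "peername:"       { peer = 1; next }
        END                     { emit() }
    '
}

# Keep sockets that are bound (no peer) on a non-loopback address.
externally_bound() {
    ${AWK:-awk} '$5 == "bound" && $3 != "127.0.0.1" && $3 != "::1"'
}

# Constructed sample in the layout pfiles prints (not captured from a real host).
sample_pfiles() {
    cat <<'EOF'
417:    /sbin/dhcpagent
   3: S_IFSOCK mode:0666 dev:332,0 ino:4789 uid:0 gid:0 size:0
      O_RDWR
        SOCK_DGRAM
        sockname: AF_INET 0.0.0.0  port: 68
   4: S_IFSOCK mode:0666 dev:332,0 ino:4790 uid:0 gid:0 size:0
      O_RDWR
        SOCK_STREAM
        sockname: AF_INET 127.0.0.1  port: 4999
1203:   /usr/lib/ssh/sshd
   3: S_IFSOCK mode:0666 dev:332,0 ino:5102 uid:0 gid:0 size:0
      O_RDWR|O_NONBLOCK
        SOCK_STREAM
        sockname: AF_INET 192.0.2.10  port: 22
        peername: AF_INET 192.0.2.55  port: 51844
EOF
}

sample_pfiles | socket_summary
```

On a live system the input would come from pfiles run against a process ID, as in the script above, and the externally_bound lines are the ones to compare against what a scan from another host reports.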






This Web Site Copyright © 1997 - 2010
by Alan Pae - All Rights Reserved