06. 16.

本文参考:http://www.admon.org/faqs/why-network-port-is-open-but-no-process-attached/

一次偶然事件,我检查某台服务器系统时发现一个从来没见过的端口处于监听(LISTEN)状态,于是开始仔细检查系统。

[root@db097 ~]# netstat -lnpt | grep 7979
tcp 0 0 0.0.0.0:7979 0.0.0.0:* LISTEN –

进程里什么都没有,试了多种办法试着去找一下,都是一样的结果。

[root@db097 ~]# lsof -i:7979

google了半天,最后一段话提示了我:

I realized it’s an port opened by kernel, that’s why it won’t show up with program name. For the port like this, it may relate to NFS and OCFS stuff, or something like that, or it could be a kernel bug. If you need to find more details, check kernel logs for OOPS and bug.

 
阅读全文 »