Monday, June 24, 2013

How to find out which process is listening upon a port?

To discover the process name, ID (pid), and other details you need to run:
lsof -i :port
So to see which process is listening upon port 80 we can run:
[email protected]:~# lsof -i :80
This gives us the following output:
COMMAND   PID     USER   FD   TYPE   DEVICE SIZE NODE NAME
apache2 10437     root    3u  IPv6 22890556       TCP *:www (LISTEN)
apache2 10438 www-data    3u  IPv6 22890556       TCP *:www (LISTEN)
apache2 10439 www-data    3u  IPv6 22890556       TCP *:www (LISTEN)
apache2 10440 www-data    3u  IPv6 22890556       TCP *:www (LISTEN)
apache2 10441 www-data    3u  IPv6 22890556       TCP *:www (LISTEN)
apache2 10442 www-data    3u  IPv6 22890556       TCP *:www (LISTEN)
apache2 25966 www-data    3u  IPv6 22890556       TCP *:www (LISTEN)
apache2 25968 www-data    3u  IPv6 22890556       TCP *:www (LISTEN)
Here you can see the command running (apache2), the username it is running as www-data, and some other details.
Similarly we can see which process is bound to port 22:
[email protected]:~# lsof -i :22
COMMAND   PID USER   FD   TYPE   DEVICE SIZE NODE NAME
sshd     8936 root    3u  IPv6 12161280       TCP *:ssh (LISTEN)
To see all the ports open for listening upon the current host you can use another command netstat (contained in the net-tools package):
[email protected]:~# netstat -a |grep LISTEN |grep -v unix
tcp        0      0 *:2049                  *:*                     LISTEN     
tcp        0      0 *:743                   *:*                     LISTEN     
tcp        0      0 localhost.localdo:mysql *:*                     LISTEN     
tcp        0      0 *:5900                  *:*                     LISTEN     
tcp        0      0 localhost.locald:sunrpc *:*                     LISTEN     
tcp        0      0 *:8888                  *:*                     LISTEN     
tcp        0      0 localhost.localdom:smtp *:*                     LISTEN     
tcp6       0      0 *:www                   *:*                     LISTEN     
tcp6       0      0 *:distcc                *:*                     LISTEN     
tcp6       0      0 *:ssh                   *:*                     LISTEN     
Here you can see that there are processes listening upon ports 2049, 743, 5900, and several others.
(The second grep we used above was to ignore Unix domain sockets).
If you're curious to see which programs and services are used in those sockets you can look them up as we've already shown:
[email protected]:~# lsof -i :8888
COMMAND   PID    USER   FD   TYPE   DEVICE SIZE NODE NAME
gnump3d 25834 gnump3d    3u  IPv4 61035200       TCP *:8888 (LISTEN)
This tells us that the process bound to port 8888 is the gnump3d MP3 streamer.
Port 2049 and 743 are both associated with NFS. The rest can be tracked down in a similar manner. (You'll notice that some ports actually have their service names printed next to them, such as the smtp entry for port 25).
lsof is a very powerful tool which can be used for lots of jobs. If you're unfamiliar with it I recommend reading the manpage via:
man lsof
If you do so you'll discover that the -i flag can take multiple different types of arguments, to allow you to check more than one port at a time, and use IPv6 addresses too.
It's often used to see which files are open upon mounted devices, so you can kill the processes and unmount them cleanly.

found at http://www.debian-administration.org/articles/184

Wednesday, June 19, 2013

How To Autocomplete Commands Preceded By 'sudo'

When writing a command in the terminal, you can autocomplete it by pressing the TAB key. Example: type "nau" in the terminal and press TAB -> "nautilus" should show up (if you have Nautilus installed, obviously).

However, the autocomplete doesn't work if you are trying to run a command with "sudo". For example, typing "sudo nau" and then pressing the TAB key will not autocomplete the command to "sudo nautilus".


Here is how to get autocomplete to work in the Terminal while using "sudo". Simply open the ".bashrc" hidden file from your home folder. If you use GNOME, paste this in a terminal to open it:

sudo gedit ~/.bashrc

Then paste this at the bottom of the file:
if [ "$PS1" ]; then
complete -cf sudo
fi

Then type this in a terminal to reload:
bash


Now try the example in the beginning of the file "sudo nau" and press TAB. It should now work.

found at http://www.webupd8.org/2010/03/how-to-autocomplete-commands-preceded.html

How do I change bash history completion to complete what's already on the line?

edit: 
 
# ~/.inputrc
"\e[A": history-search-backward
"\e[B": history-search-forward

or equivalently,
 
# ~/.bashrc
bind '"\e[A": history-search-backward'
bind '"\e[B": history-search-forward'
 
Normally, Up and Down are bound to the Readline functions previous-history and next-history respectively. I prefer to bind PgUp/PgDn to these functions, instead of displacing the normal operation of Up/Down.
 
# ~/.inputrc
"\e[5~": history-search-backward
"\e[6~": history-search-forward

After you modify ~/.inputrc, restart your shell or use Ctrl+X, Ctrl+R to tell it to re-read ~/.inputrc.

found at http://stackoverflow.com/questions/1030182/how-do-i-change-bash-history-completion-to-complete-whats-already-on-the-line

Cybermap

Internet Storm Center Infocon Status

Internet Storm Center Infocon Status
Internet Storm Center Infocon Status