How to determine a Unix port is internal or external?

Posted on 2009-12-29
Last Modified: 2013-12-27
I am working on a Solaris 10 machine, and use "netstat" to get the list of all the opened ports. For those ports, I want to further determine which are external used and which are only internal used. So far I am using "nmap" from my PC to scan my Solairs box and get a list of ports reported. So could I assume that those returned from nmap are external ports and those not returned are internal ones?
Question by:gs_kanata
    LVL 48

    Accepted Solution

    When you do

    netstat -an | grep LISTEN

    if you look at the 4th column "Local Address", that will tell you what IP address the service is listening on.

    If it is (loopback address), that means it is only accessible from the server (internal)
    LVL 33

    Assisted Solution

    by:Dave Howe

    only listening ports can be connected to. Those will come in three varieties;

    universal (for which the local address is either :: or,

    fixed (routable) IP (for which the "local" address is an IP of a real interface),

    or loopback (for which the local address is of the form 127.0.0.x)

    if they are universal or fixed, then they are at least potentially connectible from outside the server (Only loopback addresses are guaranteed unreachable). If they are fixed, then they are reachable by any path which reaches the interface for which they represent the fixed ip (so if sr0 is and sr1 is, a listener on is not going to be reachable from machines on the sr1 interface, only from machines whose routes take them to the sr0) - universal listeners are reachable from all interfaces, including loopback.
    LVL 25

    Expert Comment

    netstat -ap  can see all the sockets currently open
    or using lsof
    to find out which process is listening upon a port
    #lsof -i :port
    so to see which process is listening upon port 80 we can run:
    # lsof -i :80

    LVL 33

    Expert Comment

    by:Dave Howe
    its usually easier to just do netstat -nap | grep LISTEN

    Featured Post

    Courses: Start Training Online With Pros, Today

    Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

    Join & Write a Comment

    Article by: btan
    The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
    Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
    Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
    Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

    734 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    24 Experts available now in Live!

    Get 1:1 Help Now