

How to determine a Unix port is internal or external?

Posted on 2009-12-29
Medium Priority
Last Modified: 2013-12-27
I am working on a Solaris 10 machine, and use "netstat" to get the list of all the opened ports. For those ports, I want to further determine which are used externally and which are only used internally. So far I am using "nmap" from my PC to scan my Solaris box and get a list of ports reported. So could I assume that those returned from nmap are external ports and those not returned are internal ones?
Question by:gs_kanata

Accepted Solution

Tintin earned 1000 total points
ID: 26140591
When you do

netstat -an | grep LISTEN

if you look at the 4th column "Local Address", that will tell you what IP address the service is listening on.

If it is (loopback address), that means it is only accessible from the server (internal)

Assisted Solution

by:Dave Howe
Dave Howe earned 1000 total points
ID: 26141080

Only listening ports can be connected to. Those will come in three varieties:

universal (for which the local address is either :: or,

fixed (routable) IP (for which the "local" address is an IP of a real interface),

or loopback (for which the local address is of the form 127.0.0.x)

If they are universal or fixed, then they are at least potentially connectible from outside the server (only loopback addresses are guaranteed unreachable). If they are fixed, then they are reachable by any path which reaches the interface for which they represent the fixed IP (so if sr0 is and sr1 is, a listener on is not going to be reachable from machines on the sr1 interface, only from machines whose routes take them to the sr0) - universal listeners are reachable from all interfaces, including loopback.
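The three categories from the answers above (universal, fixed, loopback), applied to `netstat -an` output, as an added example that is not part of the original thread. The function names and the sample rows are constructed for illustration; it assumes the Solaris `addr.port` layout (with `*` for all interfaces) and the Linux `addr:port` layout.

```shell
#!/bin/sh
# Added example: classify listening sockets by their "Local Address".
# classify_addr, classify_listeners and sample_netstat are hypothetical names.

# Classify one local address; accepts Linux addr:port and Solaris addr.port.
classify_addr() {
    addr=$1
    case ${addr##*:} in
        ''|*[!0-9]*) host=${addr%.*} ;;   # Solaris style: port follows last "."
        *)           host=${addr%:*} ;;   # Linux style: port follows last ":"
    esac
    case $host in
        '*'|0.0.0.0|::) echo universal ;; # every interface, loopback included
        127.*|::1)      echo loopback ;;  # only reachable from the host itself
        *)              echo fixed ;;     # bound to one interface address
    esac
}

# Read `netstat -an` output on stdin, print "<class> <local address>" per listener.
classify_listeners() {
    awk '/(^|[ \t])LISTEN([ \t]|$)/ {
        # The local address is the first field that ends in a port number.
        for (i = 1; i <= NF; i++) if ($i ~ /[.:][0-9]+$/) { print $i; break }
    }' | while read -r addr; do
        printf '%s %s\n' "$(classify_addr "$addr")" "$addr"
    done
}

# Constructed sample: Solaris-style and Linux-style rows, documentation addresses.
sample_netstat() {
    cat <<'EOF'
      *.22                 *.*                0      0 49152      0 LISTEN
127.0.0.1.25               *.*                0      0 49152      0 LISTEN
192.0.2.10.8080            *.*                0      0 49152      0 LISTEN
192.0.2.10.22        192.0.2.77.51514     49640      0 49640      0 ESTABLISHED
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN
tcp6       0      0 :::80                   :::*                    LISTEN
EOF
}

sample_netstat | classify_listeners
```

On a live host, pipe `netstat -an` into `classify_listeners` instead of the sample. A universal or fixed listener that a remote scan does not report may simply be filtered on the path, so the netstat view and the scan result answer different questions.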

Expert Comment

ID: 26144148
netstat -ap  can see all the sockets currently open
or using lsof
to find out which process is listening upon a port
#lsof -i :port
so to see which process is listening upon port 80 we can run:
# lsof -i :80


Expert Comment

by:Dave Howe
ID: 26144320
It's usually easier to just do netstat -nap | grep LISTEN
