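Even after many years in IT, some basic concepts remain only half understood. Take the question "what is a port number?" In one sense you know the answer: every program has its own port number, and some are fixed by convention, such as port 21 for FTP, port 22 for SFTP and port 80 for IIS. But asked to explain it in detail, you might not be able to.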
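What is a port number?
As we all know, every networked computer has its own IP address. The IP address is like an address number on the Internet; it is unique, and that is what makes communication by IP address work. The problem is that one computer may provide several services, such as an Apache service, an FTP service and an email service, and the IP address alone obviously cannot tell them apart. This is where ports come in: each service is assigned a specific port, so that IP address plus port uniquely identifies the service to be accessed.
To keep the mapping between ports and network services consistent across the whole Internet, so that every host can request or provide services through the same mechanism, the same service uses the same port everywhere; this is the protocol.
Protocols fall into two main categories: TCP (Transmission Control Protocol), which is connection-oriented and reliable, and UDP (User Datagram Protocol), which is connectionless and unreliable. With so many ports, how do we know which port corresponds to which service? On Linux, the file /etc/services records this mapping and can be consulted.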
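How to view port information (both the process ID and the port number can be looked up)
There are quite a few commands below. There is no need to study their detailed usage now; remember the fixed invocations first, and the details can be covered later when you run into them.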
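Method 1: the ss command
ss is generally used to dump socket statistics. Its output is similar to that of netstat, but it shows more TCP and state information. It can display statistics for all socket types, including PACKET, TCP, UDP, DCCP, RAW and Unix domain sockets.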
    [root@localhost ~]# ss -tnlp | grep dmserver
    State      Recv-Q Send-Q Local Address:Port    Peer Address:Port
    LISTEN     0      5      *:5900                *:*                  users:
    LISTEN     0      128    :::5236               :::*                 users:(("dmserver",pid=7060,fd=4))
    [root@localhost ~]#
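Method 2: the netstat command
netstat displays network connections, routing tables, interface statistics, masquerade connections and multicast memberships. Now that you can use the more advanced ss command, you can forget about netstat.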
    [root@localhost ~]# netstat -tnlp
    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
    tcp6       0      0 :::4236                 :::*                    LISTEN      7059/dmap
    tcp6       0      0 :::5236                 :::*                    LISTEN      7060/dmserver
    tcp6       0      0 :::22                   :::*                    LISTEN      6831/sshd
    tcp6       0      0 ::1:631                 :::*                    LISTEN      6832/cupsd
    tcp6       0      0 ::1:25                  :::*                    LISTEN      7225/master
    [root@localhost ~]#
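Method 3: the fuser command
fuser writes to standard output the process IDs of the processes on the local system that have a given file open. It is typically used to look up the process and user behind a given port.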
    [root@localhost ~]# fuser -v 5236/tcp
                         用户     进程号 权限   命令
    5236/tcp:            dmdba      7060 F.... dmserver
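Method 4: the nmap command
nmap ("Network Mapper") is an open-source tool for network discovery and security auditing. It was originally designed to scan large networks quickly, but it also works well against a single host.
nmap uses raw IP packets to determine which hosts are available on the network, which services those hosts offer (including application name and version), which operating system they run (including version information), what type of packet filter or firewall is in use, and much more.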
    [root@localhost ~]# nmap -sV -p 5236 localhost
    Starting Nmap 6.40 ( http://nmap.org ) at 2021-01-01 00:23 CST
    mass_dns: warning: Unable to determine any DNS servers. Reverse DNS is disabled. Try using --system-dns or specify valid servers with --dns-servers
    Nmap scan report for localhost (127.0.0.1)
    Host is up (0.00031s latency).
    Other addresses for localhost (not scanned): 127.0.0.1
    PORT     STATE SERVICE    VERSION
    5236/tcp open  tcpwrapped
    Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
    Nmap done: 1 IP address (1 host up) scanned in 10.91 seconds
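As you can see, for an ordinary user this command does not seem very convenient, and its output is not easy to follow. Note also that it is generally not installed by default and has to be installed separately.
Method 5: the systemctl command
systemctl is the control and service manager for systemd. With systemctl you can view the runtime details of a service, including its PID, whether it starts at boot, and its start command. Unfortunately, this command only gives you the PID; to find the corresponding port number, cross-reference it using the other port and process lookup methods in this article.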
    [root@localhost ~]# systemctl status DmServiceDMSERVER.service
    ● DmServiceDMSERVER.service - DM database instance service
       Loaded: loaded (/usr/lib/systemd/system/DmServiceDMSERVER.service; enabled; vendor preset: disabled)
       Active: active (running) since 一 2021-03-22 16:33:05 CST; 15h ago
      Process: 6837 ExecStart=/soft/dmdb/bin/DmServiceDMSERVER start (code=exited, status=0/SUCCESS)
     Main PID: 7060 (dmserver)
        Tasks: 54
       CGroup: /system.slice/DmServiceDMSERVER.service
               └─7060 /soft/dmdb/bin/dmserver /soft/dmdb/data/DAMENG/dm.ini -noconsole
    3月 22 16:32:48 localhost.localdomain systemd[1]: Starting DM database instance service...
    3月 22 16:33:05 localhost.localdomain DmServiceDMSERVER[6837]: [39B blob data]
    3月 22 16:33:05 localhost.localdomain systemd[1]: Started DM database instance service.
    [root@localhost ~]#
Method 6: the lsof command
lsof lists open files, together with information about the files that processes on the system have open.
    [root@localhost ~]# lsof -i:5236
    COMMAND   PID  USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
    dmserver 7060 dmdba    4u  IPv6  46668      0t0  TCP *:padl2sim (LISTEN)
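The lsof output labels port 5236 as padl2sim although the process that owns it is dmserver: the name comes from a port lookup in /etc/services, not from inspecting the program. The following added example (not part of the original article) combines `ss -tnlp` rows with an /etc/services-format table to list each listener's owning process, its by-port label, and whether it is bound to loopback only. The sample inputs are constructed, and the function names `load_services` and `audit_listeners` are hypothetical.

```python
import re

# Constructed sample in /etc/services format: name  port/proto  [aliases]  # comment
SERVICES = """\
ssh             22/tcp                          # The Secure Shell (SSH) Protocol
smtp            25/tcp          mail
padl2sim        5236/tcp
"""

# Constructed sample of `ss -tnlp` rows, modelled on the output shown in this article.
SS_OUTPUT = """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    :::22              :::*   users:(("sshd",pid=6831,fd=3))
LISTEN 0      128    :::5236            :::*   users:(("dmserver",pid=7060,fd=4))
LISTEN 0      100    ::1:25             :::*   users:(("master",pid=7225,fd=14))
"""

def load_services(text, proto="tcp"):
    """Map port number -> registered service name for one protocol."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()      # drop trailing comment
        if len(fields) >= 2 and "/" in fields[1]:
            port, p = fields[1].split("/", 1)
            if p == proto and port.isdigit():
                table.setdefault(int(port), fields[0])
    return table

def audit_listeners(ss_text, services):
    """Return one dict per listening socket: port, owner, label, exposure."""
    rows = []
    for line in ss_text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue                                  # header or non-listening row
        addr, _, port = fields[3].rpartition(":")    # handles *:22, :::22, [::1]:25
        m = re.search(r'\(\("([^"]+)",pid=(\d+)', line)
        rows.append({
            "port": int(port),
            "process": m.group(1) if m else None,    # None when ss shows no owner
            "pid": int(m.group(2)) if m else None,
            "label": services.get(int(port)),        # name by port only
            "loopback_only": addr.strip("[]") in ("127.0.0.1", "::1"),
        })
    return rows

if __name__ == "__main__":
    for r in audit_listeners(SS_OUTPUT, load_services(SERVICES)):
        print(r)
```

A row whose `process` differs from its `label` and whose `loopback_only` is false, like 5236 here, is the kind of listener worth confirming against the list of services the host is expected to run.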
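Overall, although there are many ways to look up process IDs and port numbers, in day-to-day work it is enough to master the one command you find most convenient. Later articles will revisit these commands as needed and cover their usage in detail.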