ss: Display Linux TCP / UDP Network and Socket Information by Vivek Gite on June 2, 2009 last updated September 1, 2014
The ss command is used to show socket statistics. It can display stats for PACKET sockets, TCP sockets, UDP sockets, DCCP sockets, RAW sockets, Unix domain sockets, and more. It allows showing information similar to netstat command. It can display more TCP and state information than other tools. It is a new, incredibly useful and faster (as compare to netstat) tool for tracking TCP connections and sockets. SS can provide information about:
* All TCP sockets. * All UDP sockets. * All established ssh / ftp / http / https connections. * All local processes connected to X server. * Filtering by state (such as connected, synchronized, SYN-RECV, SYN-SENT,TIME-WAIT), addresses and ports. * All the tcp sockets in state FIN-WAIT-1 and much more.
Most Linux distributions are shipped with ss and many monitoring tools. Being familiar with this tool helps enhance your understand of what’s going on in the system sockets and helps you find the possible causes of a performance problem.
Task: Display Sockets Summary List currently established, closed, orphaned and waiting TCP sockets, enter: # ss -s
Task: Display All Open Network Ports # ss -l
Type the following to see process named using open socket: # ss -pl Find out who is responsible for opening socket / port # 4949: # ss -lp | grep 4949
Sample output: 0 0 *:4949 *:* users:(("munin-node",3772,5)) munin-node (PID # 3772) is responsible for opening port # 4949. You can get more information about this process (like memory used, users, current working directory and so on) visiting /proc/3772 directory: # cd /proc/3772 # ls -l
Task: Display All TCP Sockets # ss -t -a
Task: Display All UDP Sockets # ss -u -a
Task: Display All RAW Sockets # ss -w -a
Task: Display All UNIX Sockets # ss -x -a
Task: Display All Established SMTP Connections # ss -o state established '( dport = :smtp or sport = :smtp )'
Task: Display All Established HTTP Connections # ss -o state established '( dport = :http or sport = :http )'
Task: Find All Local Processes Connected To X Server # ss -x src /tmp/.X11-unix/*
Task: List All The Tcp Sockets in State FIN-WAIT-1 List all the TCP sockets in state -FIN-WAIT-1 for our httpd to network 202.54.1/24 and look at their timers: # ss -o state fin-wait-1 '( sport = :http or sport = :https )' dst 202.54.1/24
How Do I Filter Sockets Using TCP States?
The syntax is as follows:
## tcp ipv4 ## ss -4 state FILTER-NAME-HERE
## tcp ipv6 ## ss -6 state FILTER-NAME-HERE
## tcp ipv4 ## ss -4 state FILTER-NAME-HERE## tcp ipv6 ## ss -6 state FILTER-NAME-HERE
Where FILTER-NAME-HERE can be any one of the following,
1. established 2. syn-sent 3. syn-recv 4. fin-wait-1 5. fin-wait-2 6. time-wait 7. closed 8. close-wait 9. last-ack 10. listen 11. closing 12. all : All of the above states 13. connected : All the states except for listen and closed 14. synchronized : All the connected states except for syn-sent 15. bucket : Show states, which are maintained as minisockets, i.e. time-wait and syn-recv. 16. big : Opposite to bucket state.
Examples Type the following command to see closing sockets: ss -4 state closing ss -4 state closing Recv-Q Send-Q Local Address:Port Peer Address:Port 1 11094 75.126.153.214:http
Сетевой порт Материал из Викиучебника — открытых книг для открытого мира В Википедии имеется статья по теме «Порт (компьютерные сети)» http://ru.wikibooks.org/wiki/Сетевой_порт
Port (computer networking) From Wikipedia, the free encyclopedia This article is about software communication ports. For physical ports, see Computer port (hardware) .. Examples include: * 21: File Transfer Protocol (FTP) * 22: Secure Shell (SSH) * 23: Telnet remote login service * 25: Simple Mail Transfer Protocol (SMTP) * 53: Domain Name System (DNS) service * 80: Hypertext Transfer Protocol (HTTP) used in the World Wide Web * 110: Post Office Protocol (POP3) * 119: Network News Transfer Protocol (NNTP) * 123: Network Time Protocol (NTP) * 143: Internet Message Access Protocol (IMAP) * 161: Simple Network Management Protocol (SNMP) * 194: Internet Relay Chat (IRC) * 443: HTTP Secure (HTTPS) .. http://en.wikipedia.org/wiki/Port (computer networking)
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png)
carisma_sensei
no subject
Date: 2017-01-27 06:30 am (UTC)http://www.cyberciti.biz/tips/linux-unix-windows-find-hidden-processes-tcp-udp-ports.html
Unhide homepage - Linux
http://www.unhide-forensics.info/?Linux
no subject
Date: 2017-01-27 07:19 am (UTC)The ss command is used to show socket statistics. It can display stats for PACKET sockets, TCP sockets, UDP sockets, DCCP sockets, RAW sockets, Unix domain sockets, and more. It allows showing information similar to netstat command. It can display more TCP and state information than other tools. It is a new, incredibly useful and faster (as compare to netstat) tool for tracking TCP connections and sockets. SS can provide information about:
* All TCP sockets. * All UDP sockets. * All established ssh / ftp / http / https connections. * All local processes connected to X server. * Filtering by state (such as connected, synchronized, SYN-RECV, SYN-SENT,TIME-WAIT), addresses and ports. * All the tcp sockets in state FIN-WAIT-1 and much more.
Most Linux distributions are shipped with ss and many monitoring tools. Being familiar with this tool helps enhance your understand of what’s going on in the system sockets and helps you find the possible causes of a performance problem.
Task: Display Sockets Summary List currently established, closed, orphaned and waiting TCP sockets, enter: # ss -s
Task: Display All Open Network Ports # ss -l
Type the following to see process named using open socket: # ss -pl Find out who is responsible for opening socket / port # 4949: # ss -lp | grep 4949
Sample output: 0 0 *:4949 *:* users:(("munin-node",3772,5)) munin-node (PID # 3772) is responsible for opening port # 4949. You can get more information about this process (like memory used, users, current working directory and so on) visiting /proc/3772 directory: # cd /proc/3772 # ls -l
Task: Display All TCP Sockets # ss -t -a
Task: Display All UDP Sockets # ss -u -a
Task: Display All RAW Sockets # ss -w -a
Task: Display All UNIX Sockets # ss -x -a
Task: Display All Established SMTP Connections # ss -o state established '( dport = :smtp or sport = :smtp )'
Task: Display All Established HTTP Connections # ss -o state established '( dport = :http or sport = :http )'
Task: Find All Local Processes Connected To X Server # ss -x src /tmp/.X11-unix/*
Task: List All The Tcp Sockets in State FIN-WAIT-1 List all the TCP sockets in state -FIN-WAIT-1 for our httpd to network 202.54.1/24 and look at their timers: # ss -o state fin-wait-1 '( sport = :http or sport = :https )' dst 202.54.1/24
How Do I Filter Sockets Using TCP States?
The syntax is as follows:
## tcp ipv4 ## ss -4 state FILTER-NAME-HERE
## tcp ipv6 ## ss -6 state FILTER-NAME-HERE
## tcp ipv4 ## ss -4 state FILTER-NAME-HERE## tcp ipv6 ## ss -6 state FILTER-NAME-HERE
Where FILTER-NAME-HERE can be any one of the following,
1. established 2. syn-sent 3. syn-recv 4. fin-wait-1 5. fin-wait-2 6. time-wait 7. closed 8. close-wait 9. last-ack 10. listen 11. closing 12. all : All of the above states 13. connected : All the states except for listen and closed 14. synchronized : All the connected states except for syn-sent 15. bucket : Show states, which are maintained as minisockets, i.e. time-wait and syn-recv. 16. big : Opposite to bucket state.
Examples Type the following command to see closing sockets: ss -4 state closing ss -4 state closing Recv-Q Send-Q Local Address:Port Peer Address:Port 1 11094 75.126.153.214:http
How Do I Matches Remote Address And Port Numbers?
Use the following syntax: ..
http://www.cyberciti.biz/tips/linux-investigate-sockets-network-connections.html
no subject
Date: 2017-02-01 11:42 am (UTC)no subject
Date: 2017-02-03 01:27 am (UTC)Sep 03 2010
http://bocoup.com/weblog/apache-could-not-bind-address-to-port-make_sock
http://google.com/search?q=cache:rgtMvxRY3AsJ:https://bocoup.com/weblog/apache-could-not-bind-address-to-port-make_sock%2Bbocoup.com/weblog/apache-could-not-bind-address-to-port-make_sock&inlang=ru&newwindow=1&hl=ru&gbv=1&ct=clnk
How to fix Apache – "Could not reliably determine the server’s fully qualified domain name, using 127.0.1.1 for ServerName" Error on Ubuntu – Aslam Najeebdeen
http://aslamnajeebdeen.com/how-to-fix-apache-could-not-reliably-determine-the-servers-fully-qualified-domain-name-using-127011-for-servername-error-on-ubuntu
Список портов TCP и UDP
http://ru.wikipedia.org/wiki/Список_портов_TCP_и_UDP
Ports Database
http://www.speedguide.net/port.php
no subject
Date: 2017-02-03 02:08 am (UTC)В Википедии имеется статья по теме «Порт (компьютерные сети)»
http://ru.wikibooks.org/wiki/Сетевой_порт
rinetd - a TCP port redirector by Lenz Grimmer 30 June, 1999
http://www.lenzg.net/rinetd/rinetd.html
no subject
Date: 2017-02-03 03:01 am (UTC)From Wikipedia, the free encyclopedia
This article is about software communication ports. For physical ports, see Computer port (hardware)
.. Examples include: * 21: File Transfer Protocol (FTP) * 22: Secure Shell (SSH) * 23: Telnet remote login service * 25: Simple Mail Transfer Protocol (SMTP) * 53: Domain Name System (DNS) service * 80: Hypertext Transfer Protocol (HTTP) used in the World Wide Web * 110: Post Office Protocol (POP3) * 119: Network News Transfer Protocol (NNTP) * 123: Network Time Protocol (NTP) * 143: Internet Message Access Protocol (IMAP) * 161: Simple Network Management Protocol (SNMP) * 194: Internet Relay Chat (IRC) * 443: HTTP Secure (HTTPS) ..
http://en.wikipedia.org/wiki/Port (computer networking)