ip commands
ifconfig
disable eth
show services of port
show all listen ports
netstat -lnput
[root@srv]# netstat -lnput
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:5941 0.0.0.0:* LISTEN 12642/teamviewerd
tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN 2154/dnsmasq
tcp 0 0 172.16.0.2:53 0.0.0.0:* LISTEN 1344/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 1344/named
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 28645/sshd
tcp 0 0 127.0.0.1:5910 0.0.0.0:* LISTEN 21602/Xvnc
tcp 0 0 127.0.0.1:3350 0.0.0.0:* LISTEN 1443/xrdp-sesman
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1247/cupsd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 26909/master
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 1344/named
tcp 0 0 0.0.0.0:3389 0.0.0.0:* LISTEN 1450/xrdp
tcp 0 0 0.0.0.0:7070 0.0.0.0:* LISTEN 13330/anydesk
tcp 0 0 127.0.0.1:27017 0.0.0.0:* LISTEN 1907/mongod
tcp 0 0 127.0.0.1:27117 0.0.0.0:* LISTEN 25249/bin/mongod
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 817/rpcbind
tcp6 0 0 :::22 :::* LISTEN 28645/sshd
tcp6 0 0 ::1:5910 :::* LISTEN 21602/Xvnc
tcp6 0 0 ::1:631 :::* LISTEN 1247/cupsd
tcp6 0 0 ::1:25 :::* LISTEN 26909/master
tcp6 0 0 ::1:953 :::* LISTEN 1344/named
tcp6 0 0 :::8443 :::* LISTEN 25166/java
tcp6 0 0 :::6789 :::* LISTEN 25166/java
tcp6 0 0 :::8843 :::* LISTEN 25166/java
tcp6 0 0 :::111 :::* LISTEN 817/rpcbind
tcp6 0 0 :::8880 :::* LISTEN 25166/java
tcp6 0 0 :::8080 :::* LISTEN 25166/java
udp 0 0 0.0.0.0:50001 0.0.0.0:* 13330/anydesk
udp 0 0 0.0.0.0:973 0.0.0.0:* 817/rpcbind
udp 0 0 0.0.0.0:5353 0.0.0.0:* 776/avahi-daemon: r
udp 0 0 0.0.0.0:34776 0.0.0.0:* 776/avahi-daemon: r
udp 0 0 192.168.122.1:53 0.0.0.0:* 2154/dnsmasq
sudo ss -tulwn
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
udp UNCONN 0 0 *:50001 *:*
udp UNCONN 0 0 *:973 *:*
udp UNCONN 0 0 *:5353 *:*
udp UNCONN 0 0 *:34776 *:*
udp UNCONN 0 0 192.168.122.1:53 *:*
udp UNCONN 0 0 172.16.0.2:53 *:*
udp UNCONN 0 0 127.0.0.1:53 *:*
udp UNCONN 0 0 *%virbr0:67 *:*
udp UNCONN 0 0 *:111 *:*
udp UNCONN 0 0 [::ffff:192.168.122.1]:47422 [::]:*
udp UNCONN 0 0 [::]:973 [::]:*
udp UNCONN 0 0 [::]:5353 [::]:*
udp UNCONN 0 0 [::ffff:172.16.0.2]:50500 [::]:*
check ports with nmap
nmap -Pn -sV --version-all --reason -v 172.16.0.1
Starting Nmap 6.40 ( http://nmap.org ) at 2020-10-28 16:24 CET
NSE: Loaded 23 scripts for scanning.
Initiating ARP Ping Scan at 16:24
Scanning 172.16.0.1 [1 port]
Completed ARP Ping Scan at 16:24, 0.24s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 16:24
Completed Parallel DNS resolution of 1 host. at 16:24, 0.00s elapsed
Initiating SYN Stealth Scan at 16:24
Scanning ubnt.lab.schnuerle.com (172.16.0.1) [1000 ports]
Discovered open port 80/tcp on 172.16.0.1
Discovered open port 443/tcp on 172.16.0.1
Discovered open port 53/tcp on 172.16.0.1
Discovered open port 22/tcp on 172.16.0.1
Completed SYN Stealth Scan at 16:24, 1.36s elapsed (1000 total ports)
Initiating Service scan at 16:24
Scanning 4 services on ubnt.lab.schnuerle.com (172.16.0.1)
Completed Service scan at 16:24, 12.47s elapsed (4 services on 1 host)
NSE: Script scanning 172.16.0.1.
Nmap scan report for ubnt.lab.schnuerle.com (172.16.0.1)
Host is up, received arp-response (0.0014s latency).
Not shown: 996 closed ports
Reason: 996 resets
PORT STATE SERVICE REASON VERSION
22/tcp open ssh syn-ack OpenSSH 6.6.1p1 Debian 4~bpo70+1 (protocol 2.0)
53/tcp open domain syn-ack dnsmasq 2.78-23-g9e09429
80/tcp open http syn-ack lighttpd
443/tcp open ssl/http syn-ack lighttpd
MAC Address: B4:FB:E4:2D:BE:6A (Unknown)
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 14.60 seconds
Raw packets sent: 1088 (47.856KB) | Rcvd: 1090 (43.674KB)
UDP nmap scan
nmap -Pn -sU -sV --version-all --reason -v 172.16.0.1
nmap with OS detection
nmap -Pn -sS -sV --version-all --reason -v -A -O --osscan-guess -p0-65535 172.16.0.1
Links