[bf1942] HELP!

The Dark Clown rickbuford at greeblesnort.com
Tue Feb 25 17:15:23 EST 2003 

lsof -g 17072 might also be useful...this will tell you all open files 
on the system related to that process, including ports

E.g.:
[root at netmon01 root]# lsof -g 937 (notice the IPv4 and UDP near the bottom)
COMMAND PID PGID USER   FD   TYPE     DEVICE    SIZE  NODE NAME
ntpd    937  937  ntp  cwd    DIR       8,22     520     2 /
ntpd    937  937  ntp  rtd    DIR       8,22     520     2 /
ntpd    937  937  ntp  txt    REG       8,18  324440  7654 /usr/sbin/ntpd
ntpd    937  937  ntp  mem    REG       8,22   87341    79 /lib/ld-2.2.93.so
ntpd    937  937  ntp  mem    REG       8,22  170910    75 
/lib/i686/libm-2.2.93.so
ntpd    937  937  ntp  mem    REG       8,22   51259   185 
/lib/libcap.so.1.10
ntpd    937  937  ntp  mem    REG       8,22   42657   112 
/lib/libnss_files-2.2.93.so
ntpd    937  937  ntp  mem    REG       8,22 1395734    73 
/lib/i686/libc-2.2.93.so
ntpd    937  937  ntp    0u   CHR        1,3          9040 /dev/null
ntpd    937  937  ntp    1u   CHR        1,3          9040 /dev/null
ntpd    937  937  ntp    2u   CHR        1,3          9040 /dev/null
ntpd    937  937  ntp    3u  unix 0xdd4b00e0         27506 socket
ntpd    937  937  ntp    4u  IPv4      27511           UDP *:ntp
ntpd    937  937  ntp    5u  IPv4      27512           UDP 
netmon01.xxx.cfx:ntp
ntpd    937  937  ntp    6u  IPv4      27513           UDP 
netmon01.xxx.cfx:n

grep (some.dotted.number:SERVICE) /etc/services to see what port it's 
actually running on
e.g.,
[root at netmon01 root]# grep ntp /etc/services
nntp            119/tcp         readnews untp   # USENET News Transfer 
Protocol
nntp            119/udp         readnews untp   # USENET News Transfer 
Protocol
ntp             123/tcp
ntp             123/udp                         # Network Time Protocol
nntps           563/tcp                         # NNTP over SSL
nntps           563/udp                         # NNTP over SSL
trnsprntproxy   3346/tcp                        # Trnsprnt Proxy
trnsprntproxy   3346/udp                        # Trnsprnt Proxy


also usefull, but less diagnostic would be netstat:
[root at netmon01 root]# netstat -lnp | grep 937
udp        0      0 172.18.87.1:123         
0.0.0.0:*                           937/ntpd
udp        0      0 127.0.0.1:123           
0.0.0.0:*                           937/ntpd
udp        0      0 0.0.0.0:123             
0.0.0.0:*                           937/ntpd

Sorry if I'm less clear today than I'd like...working with new PIXs and 
load-balancers makes my wee brain hurt. As always copious use of man and 
apropos are good.

Rick

Jay Anstiss wrote:

>Yep - I did check for the process - infact I tried again just to be sure
>after reading the email from The Dark Clown. It said:
>
>17072 46.1 14.4 114276 90612 pts/0  S    21:41   0:16 ./bf1942_lnxded
>17220  0.0  0.0  1288  416 pts/1    S    21:42   0:00 grep bf
>
>I'm not too conversant with the finer niceties of linux, so hopefully the
>above pasted line shows it's running...does it?
>
>Jay.
>
>  
>

-- 
A computer without a Microsoft operating system is like a dog without bricks tied to its head.

More information about the Bf1942 mailing list