As mentioned in the article, "10 security tips for all general-purpose OSes," you should turn off any services you don't actually need so that they will not become avenues of attack for security threats. Ten specific services for Microsoft Windows were mentioned in my later article, "10 services to turn off in MS Windows XP." While ten is a good number for a quick list in an article, it's hardly comprehensive.
There's essentially no way to provide a comprehensive list, of course. Different systems will have different services running by default, even between different service pack versions of MS Windows XP, and if you're coming into a situation where you must assume responsibility for the security of computers that were already set up before you got there, there are certain to be different services running than on a default install of the system. Worse, there are new services being invented from time to time, expanding the number of services that may possibly be running on a given computer.
What's needed is a tool for listing active services and open ports. I'll explain how such tools can be used on three types of systems, in alphabetical order -- Linux distributions, FreeBSD, and MS Windows -- plus how to use an additional tool for commercial UNIX systems where the other tools may not be available.
On a FreeBSD Unix system, as with other BSD Unix systems, you have a number of utilities with a base system install that can be used for listing open files, running processes, and network connections. The <code>netstat</code> utility is maintained as a part of the FreeBSD base system by the FreeBSD core developers, and offers exactly the sort of functionality you need to list open ports on your system.
To list open network ports and the processes that own them on FreeBSD with <code>netstat</code>, you can use this command:
<code>netstat -a | egrep 'Proto|LISTEN'</code>
The output for this on my laptop running FreeBSD is:
This information can be used to determine what services are running, in cases where services are using standard ports. On a FreeBSD system, you can get a listing of standard port associations by searching through the contents of <code>/etc/services</code>. For instance, if you wanted to find out what was up with port 631, you might use this command:
<code>grep -w 631 /etc/services</code>
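The single-port lookup above, extended to every listener at once as an added example (not from the original article): this shell function reads saved `netstat -an | egrep 'Proto|LISTEN'` output, names each port from a services file, and marks anything outside an allowlist for review. The `-n` flag (numeric ports), the function name, the allowlist, and the sample data are assumptions made for the example; the port is taken after the last `.` or `:`, so Linux-style `address:port` lines are accepted as well.

```shell
#!/bin/sh
# Usage: audit_listeners LISTING SERVICES "ALLOWED"
#   LISTING  - saved output of: netstat -an | egrep 'Proto|LISTEN'
#   SERVICES - file in /etc/services format
#   ALLOWED  - space-separated port/proto pairs you expect (assumed policy)
audit_listeners() {
    awk -v allowed="$3" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        # Pass 1 (services file): remember the first name for each port/proto.
        NR == FNR {
            if ($1 !~ /^#/ && $2 ~ /^[0-9]+\/(tcp|udp)$/ && !($2 in name)) name[$2] = $1
            next
        }
        # Pass 2 (listing): header lines never contain LISTEN, so they drop out.
        /LISTEN/ {
            proto = $1; sub(/[46]+$/, "", proto)   # tcp4, tcp6, tcp46 -> tcp
            k = split($4, part, /[.:]/)            # port follows the last "." or ":"
            if (part[k] !~ /^[0-9]+$/) next        # needs numeric ports (-n)
            key = part[k] "/" proto
            if ((key, $4) in seen) next            # tcp4/tcp6 twins print once
            seen[key, $4] = 1
            print key, ((key in name) ? name[key] : "unknown"), $4,
                  ((key in ok) ? "expected" : "REVIEW")
        }
    ' "$2" "$1"
}

# Constructed sample data (not the listing from the article).
sample_listing() {
    cat <<'EOF'
Proto Recv-Q Send-Q Local Address          Foreign Address        (state)
tcp4       0      0 *.22                   *.*                    LISTEN
tcp6       0      0 *.22                   *.*                    LISTEN
tcp4       0      0 127.0.0.1.631          *.*                    LISTEN
tcp4       0      0 *.8081                 *.*                    LISTEN
EOF
}
sample_services() {
    cat <<'EOF'
# constructed excerpt in /etc/services format
ssh     22/tcp     #Secure Shell Login
ipp     631/tcp    #IPP (Internet Printing Protocol)
EOF
}

tmp=$(mktemp -d)
sample_listing > "$tmp/listing"; sample_services > "$tmp/services"
audit_listeners "$tmp/listing" "$tmp/services" "22/tcp"
rm -rf "$tmp"
```

Each output line gives port/protocol, service name, the local address the socket is bound to, and the verdict; a `REVIEW` line bound to `127.0.0.1` is reachable only from the host itself, while one bound to `*` is exposed on every interface.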
<h3>Linux distributions</h3>
As with FreeBSD, the obvious choice of tool to use for listing open ports is <code>netstat</code>. Most Linux distributions use a different version of the utility, however -- maintained separately from the Linux distribution, as an independent software development project.
One consequence of that fact is that the command line options used to achieve the same results may be different with FreeBSD than with Debian, Ubuntu, or Fedora Core Linux systems. On a typical Linux system, this command will list open network ports and the processes that own them:
<code>netstat -lnptu</code>
The output should look something like this:
The output of this command should look something like this:
<pre>
TCP hostname:epmap hostname:0 LISTENING
TCP hostname:microsoft-ds hostname:0 LISTENING
TCP hostname:10110 hostname:0 LISTENING
TCP hostname:netbios-ssn hostname:0 LISTENING
</pre>
. . . with "hostname" replaced by the system's hostname, of course.
<h3>Commercial UNIX Systems</h3>
For most commercial UNIX systems, even if there is not a version of <code>netstat</code> or <code>sockstat</code> available, you should be able to install <code>lsof</code> -- which is short for "list open files". Most Linux distributions and BSD Unix systems will provide <code>lsof</code> with a default install or through their respective software management systems. Some commercial UNIX systems do so as well, and for many others you can download it. The following command will limit the output of the utility to network ports:
<code>lsof -i -n | egrep 'COMMAND|LISTEN'</code>
The output should look something like this (as run on my laptop, again):
Chad Perrin is an IT consultant, developer, and freelance professional writer. He holds both Microsoft and CompTIA certifications and is a graduate of two IT industry trade schools.