Unix Tip: Finding services on a subnet
Send in your Unix questions today! |
See additional Unix tips and tricks
If you have ever needed to survey a large group of systems to find out which of them supported some particular service, such as ftp, telnet, ssh or some other particular application, you have probably thought of numerous ways to query the systems for the required information and display it in some usable fashion. Many methods of obtaining information from servers, however, require some sort of login or a remote shell request that either takes more time than you want to spend or requires you to configure some sort of trust on the part of the systems with the information for the system on which it is being collected. In today's column, we will look at a way to find out about services running on systems without setting up any access ahead of time. In fact, you don't need an account, never mind access to the root account to collect information in an expedient way. By using nmap to query particular ports and some perl text processing to streamline your output, you can produce a list of systems on which a particular port (say 21 for ftp or 23 for telnet) is listening for requests.
To understand how this works, you need to know a little about how nmap works. One of the most well-known port scanners, nmap is mostly used to scan systems from the outside (i.e., without logging into the system) to determine what ports are active. By acquiring a list of responsive ports, you will have an idea what services and applications are likely running on that system. Hackers use tools such as nmap as a starting point in determining what kinds of exploits they might be able to use to attack particular systems.
Nmap isn't just for hackers looking for systems to attach, however. It can also be used to help legitimate systems administrators to inventory applications and services on their systems. You might want to know, for example, which systems on a network you manage are hosting web services, Which provide ssh login support or which systems are providing services.
To use nmap to query a particular port on a subnet, you need to know what port you are interested in and you need to know the subnet you want to query. The command below, for example, attempts a connection to port 1521 on the particular server. This port is the most commonly used by Oracle. You can use a command like this to get the answer:
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
services
Powered by Twitter
jfruh
Apple syncing patent can't come soon enough
pasmith
New Twitter features borrow from 3rd party clients
Esther Schindler
Open Source Changes the Software Acquisition Process
mikelgan
How to set up continuous podcast play on the new iTunes
David Strom
Five important Windows 7 mobility features
sjvn
Guard your Wi-Fi for your own sake
Sandra Henry-Stocker
Grepping on Whole Words
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
christian louboutin
christian louboutinchristian louboutin shoes
christian louboutin sale
discount christian louboutin
cheap christian louboutin
Christian Louboutin Pump
Christian Louboutin Sandal
Christian Louboutin Boot
Air jordan shoes
Thanks for your useful info, I think it’s a good topic. So would you like the info about thejordan shoes
Air jordan shoes
cardy ugg boots
Tiffany Jewelry
ugg bailey button boots
cheap jordan shoes
ugg boots uk
Michael jordan shoes
ugg london
ugg nightfall boots
ugg boots sale
classic ugg boots
sundance ugg boots
air jordan fusion 6
air jordan 6 rings
jordan shoes for sale