Search This Blog

Networking - NMAP, Checking Network Port(s) Status

No discussion of detecting network service would be completed without including nmap. It can scan its own host port. Nmap is designed to allow system administrators and curious individuals to scan large networks to determine which hosts are up and what services they are offering.   nmap supports a large number of scanning techniques such as: UDP, TCP connect(), TCP SYN (half open), ftp  proxy (bounce attack), Reverse-ident, ICMP (ping sweep), FIN, ACK sweep, Xmas  Tree, SYN sweep, IP Protocol, and Null scan.  See the Scan Types section for more details.  nmap also offers a number of advanced features such as remote OS detection via TCP/IP  fingerprinting,  stealth  scanning, dynamic delay and retransmission calculations, parallel scanning,  detection of down hosts via parallel pings, decoy scanning,  port  filtering  detection,  direct (non-portmapper) RPC scanning, fragmentation scanning, and flexible target and port specification.

To install the nmap service, execute the following command,
susanta@admin:~$ sudo  apt-get  install  nmap


Now, to check the network status, follow the below syntax in command prompt,

nmap  <IP Address>

Example,

susanta@admin:~$ nmap www.bdjobs.com
Starting Nmap 5.00 ( http://nmap.org ) at 2011-02-18 08:36 BDT
Interesting ports on www.bdjobs-server.com (198.106.21.68):
Not shown: 958 filtered ports, 30 closed ports
PORT     STATE SERVICE
21/tcp   open  ftp
25/tcp   open  smtp
80/tcp   open  http
81/tcp   open  hosts2-ns
110/tcp  open  pop3
443/tcp  open  https
444/tcp  open  snpp
554/tcp  open  rtsp
587/tcp  open  submission
1433/tcp open  ms-sql-s
1755/tcp open  wms
8080/tcp open  http-proxy

Nmap done: 1 IP address (1 host up) scanned in 57.33 seconds







We can check all available network ports by opening /etc/services


susanta@admin:~$ sudo gedit /etc/services
# Network services, Internet style
#
# Note that it is presently the policy of IANA to assign a single well-known
# port number for both TCP and UDP; hence, officially ports have two entries
# even if the protocol doesn't support UDP operations.
#
# Updated from http://www.iana.org/assignments/port-numbers and other
# sources like http://www.freebsd.org/cgi/cvsweb.cgi/src/etc/services .
# New ports will be added on request if they have been officially assigned
# by IANA and used in the real-world or are needed by a debian package.
# If you need a huge list of used numbers please install the nmap package.

tcpmux       1/tcp                # TCP port service multiplexer
echo          7/tcp
echo        7/udp
discard        9/tcp        sink null
discard        9/udp        sink null
systat        11/tcp        users
daytime        13/tcp
daytime        13/udp
netstat        15/tcp
qotd        17/tcp        quote
msp        18/tcp                # message send protocol
msp        18/udp
chargen        19/tcp        ttytst source
chargen        19/udp        ttytst source
ftp-data    20/tcp
ftp        21/tcp
fsp        21/udp        fspd
ssh        22/tcp                # SSH Remote Login Protocol
ssh        22/udp
telnet        23/tcp
smtp        25/tcp        mail
time        37/tcp        timserver
time        37/udp        timserver
rlp        39/udp        resource    # resource location
nameserver    42/tcp        name        # IEN 116
whois        43/tcp        nicname
tacacs        49/tcp                # Login Host Protocol (TACACS)
tacacs        49/udp
re-mail-ck    50/tcp                # Remote Mail Checking Protocol
re-mail-ck    50/udp
domain        53/tcp                # name-domain server
domain        53/udp
mtp        57/tcp                # deprecated
tacacs-ds    65/tcp                # TACACS-Database Service
tacacs-ds    65/udp
bootps        67/tcp                # BOOTP server
bootps        67/udp
bootpc        68/tcp                # BOOTP client
bootpc        68/udp
tftp        69/udp
gopher        70/tcp                # Internet Gopher
gopher        70/udp
rje        77/tcp        netrjs
finger        79/tcp
www        80/tcp        http        # WorldWideWeb HTTP
www        80/udp                # HyperText Transfer Protocol
link        87/tcp        ttylink
kerberos    88/tcp        kerberos5 krb5 kerberos-sec    # Kerberos v5
kerberos    88/udp        kerberos5 krb5 kerberos-sec    # Kerberos v5
supdup        95/tcp
hostnames    101/tcp        hostname    # usually from sri-nic
iso-tsap    102/tcp        tsap        # part of ISODE
acr-nema    104/tcp        dicom        # Digital Imag. & Comm. 300
acr-nema    104/udp        dicom        # Digital Imag. & Comm. 300
csnet-ns    105/tcp        cso-ns        # also used by CSO name server
csnet-ns    105/udp        cso-ns
rtelnet        107/tcp                # Remote Telnet
rtelnet        107/udp
pop2        109/tcp        postoffice pop-2 # POP version 2
pop2        109/udp        pop-2
pop3        110/tcp        pop-3        # POP version 3
pop3        110/udp        pop-3
sunrpc        111/tcp        portmapper    # RPC 4.0 portmapper
sunrpc        111/udp        portmapper
auth        113/tcp        authentication tap ident
sftp        115/tcp
uucp-path    117/tcp
nntp        119/tcp        readnews untp    # USENET News Transfer Protocol
ntp        123/tcp
ntp        123/udp                # Network Time Protocol
pwdgen        129/tcp                # PWDGEN service
pwdgen        129/udp                # PWDGEN service
loc-srv        135/tcp        epmap        # Location Service
loc-srv        135/udp        epmap
netbios-ns    137/tcp                # NETBIOS Name Service
netbios-ns    137/udp
netbios-dgm    138/tcp                # NETBIOS Datagram Service
netbios-dgm    138/udp
netbios-ssn    139/tcp                # NETBIOS session service
netbios-ssn    139/udp
imap2        143/tcp        imap        # Interim Mail Access P 2 and 4
imap2        143/udp        imap
snmp        161/tcp                # Simple Net Mgmt Protocol
snmp        161/udp                # Simple Net Mgmt Protocol
snmp-trap    162/tcp        snmptrap    # Traps for SNMP
snmp-trap    162/udp        snmptrap    # Traps for SNMP
cmip-man    163/tcp                # ISO mgmt over IP (CMOT)
cmip-man    163/udp
cmip-agent    164/tcp
cmip-agent    164/udp
mailq        174/tcp            # Mailer transport queue for Zmailer
mailq        174/udp            # Mailer transport queue for Zmailer
xdmcp        177/tcp                # X Display Mgr. Control Proto
xdmcp        177/udp
nextstep    178/tcp        NeXTStep NextStep    # NeXTStep window
nextstep    178/udp        NeXTStep NextStep    #  server
bgp        179/tcp                # Border Gateway Protocol
bgp        179/udp
prospero    191/tcp                # Cliff Neuman's Prospero
prospero    191/udp
irc        194/tcp                # Internet Relay Chat
irc        194/udp
smux        199/tcp                # SNMP Unix Multiplexer
smux        199/udp
at-rtmp        201/tcp                # AppleTalk routing
at-rtmp        201/udp
at-nbp        202/tcp                # AppleTalk name binding
at-nbp        202/udp
at-echo        204/tcp                # AppleTalk echo
at-echo        204/udp
at-zis        206/tcp                # AppleTalk zone information
at-zis        206/udp
qmtp        209/tcp                # Quick Mail Transfer Protocol
qmtp        209/udp                # Quick Mail Transfer Protocol
z3950        210/tcp        wais        # NISO Z39.50 database
z3950        210/udp        wais
ipx        213/tcp                # IPX
ipx        213/udp
imap3        220/tcp                # Interactive Mail Access
imap3        220/udp                # Protocol v3
pawserv        345/tcp                # Perf Analysis Workbench
pawserv        345/udp
zserv        346/tcp                # Zebra server
zserv        346/udp
fatserv        347/tcp                # Fatmen Server
fatserv        347/udp
rpc2portmap    369/tcp
rpc2portmap    369/udp                # Coda portmapper
codaauth2    370/tcp
codaauth2    370/udp                # Coda authentication server
clearcase    371/tcp        Clearcase
clearcase    371/udp        Clearcase
ulistserv    372/tcp                # UNIX Listserv
ulistserv    372/udp
ldap        389/tcp            # Lightweight Directory Access Protocol
ldap        389/udp
imsp        406/tcp            # Interactive Mail Support Protocol
imsp        406/udp
https        443/tcp                # http protocol over TLS/SSL
https        443/udp
snpp        444/tcp                # Simple Network Paging Protocol
snpp        444/udp
microsoft-ds    445/tcp                # Microsoft Naked CIFS
microsoft-ds    445/udp
kpasswd        464/tcp
kpasswd        464/udp
saft        487/tcp            # Simple Asynchronous File Transfer
saft        487/udp
isakmp        500/tcp            # IPsec - Internet Security Association
isakmp        500/udp            #  and Key Management Protocol
rtsp        554/tcp            # Real Time Stream Control Protocol
rtsp        554/udp            # Real Time Stream Control Protocol
nqs        607/tcp                # Network Queuing system
nqs        607/udp
npmp-local    610/tcp        dqs313_qmaster        # npmp-local / DQS
npmp-local    610/udp        dqs313_qmaster
npmp-gui    611/tcp        dqs313_execd        # npmp-gui / DQS
npmp-gui    611/udp        dqs313_execd
hmmp-ind    612/tcp        dqs313_intercell    # HMMP Indication / DQS
hmmp-ind    612/udp        dqs313_intercell
qmqp        628/tcp
qmqp        628/udp
ipp        631/tcp                # Internet Printing Protocol
ipp        631/udp
#
# UNIX specific services
#
exec        512/tcp
biff        512/udp        comsat
login        513/tcp
who        513/udp        whod
shell        514/tcp        cmd        # no passwords used
syslog        514/udp
printer        515/tcp        spooler        # line printer spooler
talk        517/udp
ntalk        518/udp
route        520/udp        router routed    # RIP
timed        525/udp        timeserver
tempo        526/tcp        newdate
courier        530/tcp        rpc
conference    531/tcp        chat
netnews        532/tcp        readnews
netwall        533/udp                # for emergency broadcasts
gdomap        538/tcp                # GNUstep distributed objects
gdomap        538/udp
uucp        540/tcp        uucpd        # uucp daemon
klogin        543/tcp                # Kerberized `rlogin' (v5)
kshell        544/tcp        krcmd        # Kerberized `rsh' (v5)
afpovertcp    548/tcp                # AFP over TCP
afpovertcp    548/udp
remotefs    556/tcp        rfs_server rfs    # Brunhoff remote filesystem
nntps        563/tcp        snntp        # NNTP over SSL
nntps        563/udp        snntp
submission    587/tcp                # Submission [RFC4409]
submission    587/udp
ldaps        636/tcp                # LDAP over SSL
ldaps        636/udp
tinc        655/tcp                # tinc control port
tinc        655/udp
silc        706/tcp
silc        706/udp
kerberos-adm    749/tcp                # Kerberos `kadmin' (v5)
#
webster        765/tcp                # Network dictionary
webster        765/udp
rsync        873/tcp
rsync        873/udp
ftps-data    989/tcp                # FTP over SSL (data)
ftps        990/tcp
telnets        992/tcp                # Telnet over SSL
telnets        992/udp
imaps        993/tcp                # IMAP over SSL
imaps        993/udp
ircs        994/tcp                # IRC over SSL
ircs        994/udp
pop3s        995/tcp                # POP-3 over SSL
pop3s        995/udp
#
# From ``Assigned Numbers'':
#
#> The Registered Ports are not controlled by the IANA and on most systems
#> can be used by ordinary user processes or programs executed by ordinary
#> users.
#
#> Ports are used in the TCP [45,106] to name the ends of logical
#> connections which carry long term conversations.  For the purpose of
#> providing services to unknown callers, a service contact port is
#> defined.  This list specifies the port used by the server process as its
#> contact port.  While the IANA can not control uses of these ports it
#> does register or list uses of these ports as a convienence to the
#> community.
#
socks        1080/tcp            # socks proxy server
socks        1080/udp
proofd        1093/tcp
proofd        1093/udp
rootd        1094/tcp
rootd        1094/udp
openvpn        1194/tcp
openvpn        1194/udp
rmiregistry    1099/tcp            # Java RMI Registry
rmiregistry    1099/udp
kazaa        1214/tcp
kazaa        1214/udp
nessus        1241/tcp            # Nessus vulnerability
nessus        1241/udp            #  assessment scanner
lotusnote    1352/tcp    lotusnotes    # Lotus Note
lotusnote    1352/udp    lotusnotes
ms-sql-s    1433/tcp            # Microsoft SQL Server
ms-sql-s    1433/udp
ms-sql-m    1434/tcp            # Microsoft SQL Monitor
ms-sql-m    1434/udp
ingreslock    1524/tcp
ingreslock    1524/udp
prospero-np    1525/tcp            # Prospero non-privileged
prospero-np    1525/udp
datametrics    1645/tcp    old-radius
datametrics    1645/udp    old-radius
sa-msg-port    1646/tcp    old-radacct
sa-msg-port    1646/udp    old-radacct
kermit        1649/tcp
kermit        1649/udp
l2f        1701/tcp    l2tp
l2f        1701/udp    l2tp
radius        1812/tcp
radius        1812/udp
radius-acct    1813/tcp    radacct        # Radius Accounting
radius-acct    1813/udp    radacct
msnp        1863/tcp            # MSN Messenger
msnp        1863/udp
unix-status    1957/tcp            # remstats unix-status server
log-server    1958/tcp            # remstats log server
remoteping    1959/tcp            # remstats remoteping server
cisco-sccp    2000/tcp    sieve        # Cisco SCCP
cisco-sccp    2000/udp
search        2010/tcp    ndtp
pipe_server    2010/tcp
nfs        2049/tcp            # Network File System
nfs        2049/udp            # Network File System
gnunet        2086/tcp
gnunet        2086/udp
rtcm-sc104    2101/tcp            # RTCM SC-104 IANA 1/29/99
rtcm-sc104    2101/udp
gsigatekeeper    2119/tcp
gsigatekeeper    2119/udp
gris        2135/tcp        # Grid Resource Information Server
gris        2135/udp        # Grid Resource Information Server
cvspserver    2401/tcp            # CVS client/server operations
cvspserver    2401/udp
venus        2430/tcp            # codacon port
venus        2430/udp            # Venus callback/wbc interface
venus-se    2431/tcp            # tcp side effects
venus-se    2431/udp            # udp sftp side effect
codasrv        2432/tcp            # not used
codasrv        2432/udp            # server port
codasrv-se    2433/tcp            # tcp side effects
codasrv-se    2433/udp            # udp sftp side effect
mon        2583/tcp            # MON traps
mon        2583/udp
dict        2628/tcp            # Dictionary server
dict        2628/udp
gsiftp        2811/tcp
gsiftp        2811/udp
gpsd        2947/tcp
gpsd        2947/udp
gds_db        3050/tcp            # InterBase server
gds_db        3050/udp
icpv2        3130/tcp    icp        # Internet Cache Protocol
icpv2        3130/udp    icp
mysql        3306/tcp
mysql        3306/udp
nut        3493/tcp            # Network UPS Tools
nut        3493/udp
distcc        3632/tcp            # distributed compiler
distcc        3632/udp
daap        3689/tcp            # Digital Audio Access Protocol
daap        3689/udp
svn        3690/tcp    subversion    # Subversion protocol
svn        3690/udp    subversion
suucp        4031/tcp            # UUCP over SSL
suucp        4031/udp            # UUCP over SSL
sysrqd        4094/tcp            # sysrq daemon
sysrqd        4094/udp            # sysrq daemon
remctl        4373/tcp        # Remote Authenticated Command Service
remctl        4373/udp        # Remote Authenticated Command Service
iax        4569/tcp            # Inter-Asterisk eXchange
iax        4569/udp
radmin-port    4899/tcp            # RAdmin Port
radmin-port    4899/udp
rfe        5002/udp            # Radio Free Ethernet
rfe        5002/tcp
mmcc        5050/tcp    # multimedia conference control tool (Yahoo IM)
mmcc        5050/udp
sip        5060/tcp            # Session Initiation Protocol
sip        5060/udp
sip-tls        5061/tcp
sip-tls        5061/udp
aol        5190/tcp            # AIM
aol        5190/udp
xmpp-client    5222/tcp    jabber-client    # Jabber Client Connection
xmpp-client    5222/udp    jabber-client
xmpp-server    5269/tcp    jabber-server    # Jabber Server Connection
xmpp-server    5269/udp    jabber-server
cfengine    5308/tcp
cfengine    5308/udp
mdns        5353/tcp            # Multicast DNS
mdns        5353/udp            # Multicast DNS
postgresql    5432/tcp    postgres    # PostgreSQL Database
postgresql    5432/udp    postgres
freeciv        5556/tcp    rptp        # Freeciv gameplay
freeciv        5556/udp
amqp        5672/tcp
amqp        5672/udp
amqp        5672/sctp
ggz        5688/tcp            # GGZ Gaming Zone
ggz        5688/udp            # GGZ Gaming Zone
x11        6000/tcp    x11-0        # X Window System
x11        6000/udp    x11-0
x11-1        6001/tcp
x11-1        6001/udp
x11-2        6002/tcp
x11-2        6002/udp
x11-3        6003/tcp
x11-3        6003/udp
x11-4        6004/tcp
x11-4        6004/udp
x11-5        6005/tcp
x11-5        6005/udp
x11-6        6006/tcp
x11-6        6006/udp
x11-7        6007/tcp
x11-7        6007/udp
gnutella-svc    6346/tcp            # gnutella
gnutella-svc    6346/udp
gnutella-rtr    6347/tcp            # gnutella
gnutella-rtr    6347/udp
sge_qmaster    6444/tcp            # Grid Engine Qmaster Service
sge_qmaster    6444/udp            # Grid Engine Qmaster Service
sge_execd    6445/tcp            # Grid Engine Execution Service
sge_execd    6445/udp            # Grid Engine Execution Service
afs3-fileserver 7000/tcp    bbs        # file server itself
afs3-fileserver 7000/udp    bbs
afs3-callback    7001/tcp            # callbacks to cache managers
afs3-callback    7001/udp
afs3-prserver    7002/tcp            # users & groups database
afs3-prserver    7002/udp
afs3-vlserver    7003/tcp            # volume location database
afs3-vlserver    7003/udp
afs3-kaserver    7004/tcp            # AFS/Kerberos authentication
afs3-kaserver    7004/udp
afs3-volser    7005/tcp            # volume managment server
afs3-volser    7005/udp
afs3-errors    7006/tcp            # error interpretation service
afs3-errors    7006/udp
afs3-bos    7007/tcp            # basic overseer process
afs3-bos    7007/udp
afs3-update    7008/tcp            # server-to-server updater
afs3-update    7008/udp
afs3-rmtsys    7009/tcp            # remote cache manager service
afs3-rmtsys    7009/udp
font-service    7100/tcp    xfs        # X Font Service
font-service    7100/udp    xfs
http-alt    8080/tcp    webcache    # WWW caching service
http-alt    8080/udp            # WWW caching service
bacula-dir    9101/tcp            # Bacula Director
bacula-dir    9101/udp
bacula-fd    9102/tcp            # Bacula File Daemon
bacula-fd    9102/udp
bacula-sd    9103/tcp            # Bacula Storage Daemon
bacula-sd    9103/udp
xmms2        9667/tcp    # Cross-platform Music Multiplexing System
xmms2        9667/udp    # Cross-platform Music Multiplexing System
amanda        10080/tcp            # amanda backup services
amanda        10080/udp
hkp        11371/tcp            # OpenPGP HTTP Keyserver
hkp        11371/udp            # OpenPGP HTTP Keyserver
bprd        13720/tcp            # VERITAS NetBackup
bprd        13720/udp
bpdbm        13721/tcp            # VERITAS NetBackup
bpdbm        13721/udp
bpjava-msvc    13722/tcp            # BP Java MSVC Protocol
bpjava-msvc    13722/udp
vnetd        13724/tcp            # Veritas Network Utility
vnetd        13724/udp
bpcd        13782/tcp            # VERITAS NetBackup
bpcd        13782/udp
vopied        13783/tcp            # VERITAS NetBackup
vopied        13783/udp
wnn6        22273/tcp            # wnn6
wnn6        22273/udp

#
# Datagram Delivery Protocol services
#
rtmp        1/ddp            # Routing Table Maintenance Protocol
nbp        2/ddp            # Name Binding Protocol
echo        4/ddp            # AppleTalk Echo Protocol
zip        6/ddp            # Zone Information Protocol

#=========================================================================
# The remaining port numbers are not as allocated by IANA.
#=========================================================================

# Kerberos (Project Athena/MIT) services
# Note that these are for Kerberos v4, and are unofficial.  Sites running
# v4 should uncomment these and comment out the v5 entries above.
#
kerberos4    750/udp        kerberos-iv kdc    # Kerberos (server)
kerberos4    750/tcp        kerberos-iv kdc
kerberos_master    751/udp                # Kerberos authentication
kerberos_master    751/tcp
passwd_server    752/udp                # Kerberos passwd server
krb_prop    754/tcp        krb5_prop hprop    # Kerberos slave propagation
krbupdate    760/tcp        kreg        # Kerberos registration
swat        901/tcp                # swat
kpop        1109/tcp            # Pop with Kerberos
knetd        2053/tcp            # Kerberos de-multiplexor
zephyr-srv    2102/udp            # Zephyr server
zephyr-clt    2103/udp            # Zephyr serv-hm connection
zephyr-hm    2104/udp            # Zephyr hostmanager
eklogin        2105/tcp            # Kerberos encrypted rlogin
# Hmmm. Are we using Kv4 or Kv5 now? Worrying.
# The following is probably Kerberos v5  --- ajt@debian.org (11/02/2000)
kx        2111/tcp            # X over Kerberos
iprop        2121/tcp            # incremental propagation
#
# Unofficial but necessary (for NetBSD) services
#
supfilesrv    871/tcp                # SUP server
supfiledbg    1127/tcp            # SUP debugging

#
# Services added for the Debian GNU/Linux distribution
#
linuxconf    98/tcp                # LinuxConf
poppassd    106/tcp                # Eudora
poppassd    106/udp
ssmtp        465/tcp        smtps        # SMTP over SSL
moira_db    775/tcp                # Moira database
moira_update    777/tcp                # Moira update protocol
moira_ureg    779/udp                # Moira user registration
spamd        783/tcp                # spamassassin daemon
omirr        808/tcp        omirrd        # online mirror
omirr        808/udp        omirrd
customs        1001/tcp            # pmake customs server
customs        1001/udp
skkserv        1178/tcp            # skk jisho server port
predict        1210/udp            # predict -- satellite tracking
rmtcfg        1236/tcp            # Gracilis Packeten remote config server
wipld        1300/tcp            # Wipl network monitor
xtel        1313/tcp            # french minitel
xtelw        1314/tcp            # french minitel
support        1529/tcp            # GNATS
cfinger        2003/tcp            # GNU Finger
frox        2121/tcp            # frox: caching ftp proxy
ninstall    2150/tcp            # ninstall service
ninstall    2150/udp
zebrasrv    2600/tcp            # zebra service
zebra        2601/tcp            # zebra vty
ripd        2602/tcp            # ripd vty (zebra)
ripngd        2603/tcp            # ripngd vty (zebra)
ospfd        2604/tcp            # ospfd vty (zebra)
bgpd        2605/tcp            # bgpd vty (zebra)
ospf6d        2606/tcp            # ospf6d vty (zebra)
ospfapi        2607/tcp            # OSPF-API
isisd        2608/tcp            # ISISd vty (zebra)
afbackup    2988/tcp            # Afbackup system
afbackup    2988/udp
afmbackup    2989/tcp            # Afmbackup system
afmbackup    2989/udp
xtell        4224/tcp            # xtell server
fax        4557/tcp            # FAX transmission service (old)
hylafax        4559/tcp            # HylaFAX client-server protocol (new)
distmp3        4600/tcp            # distmp3host daemon
munin        4949/tcp    lrrd        # Munin
enbd-cstatd    5051/tcp            # ENBD client statd
enbd-sstatd    5052/tcp            # ENBD server statd
pcrd        5151/tcp            # PCR-1000 Daemon
noclog        5354/tcp            # noclogd with TCP (nocol)
noclog        5354/udp            # noclogd with UDP (nocol)
hostmon        5355/tcp            # hostmon uses TCP (nocol)
hostmon        5355/udp            # hostmon uses UDP (nocol)
rplay        5555/udp            # RPlay audio service
nsca        5667/tcp            # Nagios Agent - NSCA
mrtd        5674/tcp            # MRT Routing Daemon
bgpsim        5675/tcp            # MRT Routing Simulator
canna        5680/tcp            # cannaserver
sane-port    6566/tcp    sane saned    # SANE network scanner daemon
ircd        6667/tcp            # Internet Relay Chat
zope-ftp    8021/tcp            # zope management by ftp
tproxy        8081/tcp            # Transparent Proxy
omniorb        8088/tcp            # OmniORB
omniorb        8088/udp
clc-build-daemon 8990/tcp            # Common lisp build daemon
xinetd        9098/tcp
mandelspawn    9359/udp    mandelbrot    # network mandelbrot
git        9418/tcp            # Git Version Control System
zope        9673/tcp            # zope server
webmin        10000/tcp
kamanda        10081/tcp            # amanda backup services (Kerberos)
kamanda        10081/udp
amandaidx    10082/tcp            # amanda backup services
amidxtape    10083/tcp            # amanda backup services
smsqp        11201/tcp            # Alamin SMS gateway
smsqp        11201/udp
xpilot        15345/tcp            # XPilot Contact Port
xpilot        15345/udp
sgi-cmsd    17001/udp        # Cluster membership services daemon
sgi-crsd    17002/udp
sgi-gcd        17003/udp            # SGI Group membership daemon
sgi-cad        17004/tcp            # Cluster Admin daemon
isdnlog        20011/tcp            # isdn logging system
isdnlog        20011/udp
vboxd        20012/tcp            # voice box system
vboxd        20012/udp
binkp        24554/tcp            # binkp fidonet protocol
asp        27374/tcp            # Address Search Protocol
asp        27374/udp
csync2        30865/tcp            # cluster synchronization tool
dircproxy    57000/tcp            # Detachable IRC Proxy
tfido        60177/tcp            # fidonet EMSI over telnet
fido        60179/tcp            # fidonet EMSI over TCP

# Local services



Networking - Dynamic Host Configuration Protocol (DHCP)

The Dynamic Host Configuration Protocol (DHCP) is a network service that enables host computers to be automatically assigned settings from a server as opposed to manually configuring each network host. The most common settings provided by a DHCP server to DHCP clients include:
  • IP-Address and Netmask
  • DNS
  • WINS
  • Host Name
  • Domain Name
  • Default Gateway
  • Time Server
  • Print Server

A DHCP server can provide configuration settings using two methods:

MAC Address 
This method entails using DHCP to identify the unique hardware address of each network card connected to the network and then continually supplying a constant configuration each time the DHCP client makes a request to the DHCP server using that network device.  


Address Pool 
This method entails defining a pool (sometimes also called a range or scope) of IP addresses from which DHCP clients are supplied their configuration properties dynamically and on a fist come first serve basis. When a DHCP client is no longer on the network for a specified period, the configuration is expired and released back to the address pool for use by other DHCP Clients.


    Follow the below stages to install and configure DHCP:

    Stage 1]  Execute the following command to install DHCP server from internet in server computer.

    susanta@admin:~$ sudo   apt-get   install   dhcp3-server




    Stage 2]   If we have two network cards in your ubuntu server we need to select which interface you want to use for  DHCP server listening.By default it listens to eth0. To select another interface, edit the /etc/default/dhcp3-server file


    susanta@admin:~$ sudo gedit /etc/default/dhcp3-server
     Defaults for dhcp initscript
    # sourced by /etc/init.d/dhcp
    # installed at /etc/default/dhcp3-server by the maintainer scripts

    #
    # This is a POSIX shell fragment
    #

    # On what interfaces should the DHCP server (dhcpd) serve DHCP requests?
    #    Separate multiple interfaces with spaces, e.g. "eth0 eth1".
    # INTERFACES="eth0"

    INTERFACES="eth1"  




    Stage 3]    Before editing the main configuration file of DHCP, take a backup of the file.

    susanta@admin:~$ sudo  cp  /etc/dhcp3/dhcpd.conf   /etc/dhcp3/dhcpd.conf.back







    Stage 4]   Now, edit the configuration file of DHCP server,

    susanta@admin:~$ sudo   gedit   /etc/dhcp3/dhcpd.conf
    #
    # Sample configuration file for ISC dhcpd for Debian
    #
    # Attention: If /etc/ltsp/dhcpd.conf exists, that will be used as
    # configuration file instead of this file.
    #
    # $Id: dhcpd.conf,v 1.1.1.1 2002/05/21 00:07:44 peloy Exp $
    #

    # The ddns-updates-style parameter controls whether or not the server will
    # attempt to do a DNS update when a lease is confirmed. We default to the
    # behavior of the version 2 packages ('none', since DHCP v2 didn't
    # have support for DDNS.)
    ddns-update-style none;

    # option definitions common to all supported networks...
    # option domain-name "example.org";
    # option domain-name-servers ns1.example.org, ns2.example.org;

    # default-lease-time 600;
    # max-lease-time 7200;

    # If this DHCP server is the official DHCP server for the local
    # network, the authoritative directive should be uncommented.
    #authoritative;

    # Use this to send dhcp log messages to a different log file (you also
    # have to hack syslog.conf to complete the redirection).
    log-facility local7;

    # No service will be given on this subnet, but declaring it helps the
    # DHCP server to understand the network topology.

    #subnet 10.152.187.0 netmask 255.255.255.0 {
    #}

    # This is a very basic subnet declaration.

    #subnet 10.254.239.0 netmask 255.255.255.224 {
    #  range 10.254.239.10 10.254.239.20;
    #  option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;
    #}

    # This declaration allows BOOTP clients to get dynamic addresses,
    # which we don't really recommend.

    #subnet 10.254.239.32 netmask 255.255.255.224 {
    #  range dynamic-bootp 10.254.239.40 10.254.239.60;
    #  option broadcast-address 10.254.239.31;
    #  option routers rtr-239-32-1.example.org;
    #}

    # A slightly different configuration for an internal subnet.
    #subnet 10.5.5.0 netmask 255.255.255.224 {
    #  range 10.5.5.26 10.5.5.30;
    #  option domain-name-servers ns1.internal.example.org;
    #  option domain-name "internal.example.org";
    #  option routers 10.5.5.1;
    #  option broadcast-address 10.5.5.31;
    #  default-lease-time 600;
    #  max-lease-time 7200;
    #}

    # Hosts which require special configuration options can be listed in
    # host statements.   If no address is specified, the address will be
    # allocated dynamically (if possible), but the host-specific information
    # will still come from the host declaration.

    #host passacaglia {
    #  hardware ethernet 0:0:c0:5d:bd:95;
    #  filename "vmunix.passacaglia";
    #  server-name "toccata.fugue.com";
    #}

    # Fixed IP addresses can also be specified for hosts.   These addresses
    # should not also be listed as being available for dynamic assignment.
    # Hosts for which fixed IP addresses have been specified can boot using
    # BOOTP or DHCP.   Hosts for which no fixed address is specified can only
    # be booted with DHCP, unless there is an address range on the subnet
    # to which a BOOTP client is connected which has the dynamic-bootp flag
    # set.
    #host fantasia {
    #  hardware ethernet 08:00:07:26:c0:a5;
    #  fixed-address fantasia.fugue.com;
    #}

    # You can declare a class of clients and then do address allocation
    # based on that.   The example below shows a case where all clients
    # in a certain class get addresses on the 10.17.224/24 subnet, and all
    # other clients get addresses on the 10.0.29/24 subnet.

    #class "foo" {
    #  match if substring (option vendor-class-identifier, 0, 4) = "SUNW";
    #}

    #shared-network 224-29 {
    #  subnet 10.17.224.0 netmask 255.255.255.0 {
    #    option routers rtr-224.example.org;
    #  }
    #  subnet 10.0.29.0 netmask 255.255.255.0 {
    #    option routers rtr-29.example.org;
    #  }
    #  pool {
    #    allow members of "foo";
    #    range 10.17.224.10 10.17.224.250;
    #  }
    #  pool {
    #    deny members of "foo";
    #    range 10.0.29.10 10.0.29.230;
    #  }
    #}
    default-lease-time  600;
    max-lease-time  7200;
    option  subnet-mask  255.255.255.0;
    option  broadcast-address  192.168.1.255;
    option  routers  192.168.1.254;
    option  domain-name-servers  192.168.1.1, 192.168.1.2;
    option  domain-name  “yourdomainname.com”;

    # Using address pool method
    subnet  192.168.1.0  netmask  255.255.255.0 {
    range  192.168.1.10  192.168.1.90;
    }
    # Using MAC address method
    host  dns_server {
      hardware  ethernet 
    00:16:76:1e:6a:60;
      fixed-address  192.168.1.100;
    }


    Note: Must select subnet IP address is the starting IP address of DHCP server's IP address (Example: 192.168.1.2). And DHCP server's IP address is always a Static IP address.

    Note: To get the MAC address of the Network Interface Card, execute the below command,


    susanta@admin:~$ ifconfig
    eth0     Link encap:Ethernet  HWaddr 00:16:76:1e:6a:60  
             UP BROADCAST MULTICAST  MTU:1500  Metric:1
             RX packets:0 errors:0 dropped:0 overruns:0 frame:0
             TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
             collisions:0 txqueuelen:1000
             RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
             Interrupt:21 Base address:0xde00









    Stage 5]  Now, we need to restart the DHCP server restart to get effect of the change in configuration file.


    susanta@admin:~$ sudo /etc/init.d/dhcp3-server start
     * Starting DHCP server dhcpd3                            [ OK ]

    Note: If the service is unable to restart and get a error message as like "check syslog for diagnostics", then check the syslog file which contents DHCP error related info,


    susanta@admin:~$ tail -n 100 /var/log/syslog

    Note: Check the few lines of the file, because it is very big file.





    Stage 5] Now we have to configure our DHCP client computer, just by editing the /etc/network/interfaces file,


    susanta@admin:~$ sudo gedit /etc/network/interfaces



    Note: The DHCP server writes all current IP address "leases" to the file /var/lib/dhcp3/dhcpd,

    susanta@admin:~$ vi /var/lib/dhcp3/dhcpd.leases
     


    Note: To check DHCP status, execute the below command,
    susanta@admin:~$ netstat -uap

    Networking - Static IP Address or DHCP Configuring for Network Interface Card (NIC)

    By two ways we can set IP address for Network Interface Card.

          a) Dynamic IP Address - by using DHCP (Dynamic Host Configuration Protocol) server
          b) Static IP Address - by Setting a fix IP address for NIC.




    Configuring DHCP Address for Network Interface Card (NIC)

    Just edit the /etc/network/interfaces file to configure dynamic IP address for the network card.

    susanta@admin:~$ sudo gedit /etc/network/interfaces
    # auto lo
    # iface lo inet loopback
    auto eth0
    iface eth0 inet dhcp


    Here the IP address of the Network card will be collected from local DHCP server.

    Now execute the following command to set IP address from DHCP server.


    susanta@admin:~$ sudo /etc/init.d/networking restart
     * Reconfiguring network interfaces...                                                                                       Internet Systems Consortium DHCP Client V3.1.3
    Copyright 2004-2009 Internet Systems Consortium.
    All rights reserved.
    For info, please visit https://www.isc.org/software/dhcp/

    Listening on LPF/eth0/00:16:76:1e:6a:60
    Sending on   LPF/eth0/00:16:76:1e:6a:60
    Sending on   Socket/fallback
    DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 8

    ................................

    ................................







    Configuring Static IP Address for Network Interface Card (NIC)

    Same way edit the /etc/network/interfaces file to configure static IP address for the network card.

    susanta@admin:~$ sudo gedit /etc/network/interfaces
    # auto lo
    # iface lo inet loopback
    auto eth0
    iface eth0 inet static
    address 192.168.1.2
    gateway 192.168.1.1
    netmask 255.255.255.0
    network 192.168.1.0
    broadcast 192.168.1.255

    Now restart the networking script file to set IP address for the Network Interface Card.


    susanta@admin:~$ sudo /etc/init.d/networking restart

    To check whether the new IP address is set for the network interface card, execute the following command,


    susanta@admin:~$ ifconfig
    eth0      Link encap:Ethernet  HWaddr 00:16:76:1e:6a:60
              inet addr:192.168.1.2   Bcast:192.168.1.255   Mask:255.255.255.0
              UP BROADCAST MULTICAST  MTU:1500  Metric:1
              RX packets:0 errors:0 dropped:0 overruns:0 frame:0
              TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
              Interrupt:21 Base address:0xde00

    lo        Link encap:Local Loopback
              inet addr:127.0.0.1  Mask:255.0.0.0
              inet6 addr: ::1/128 Scope:Host
              UP LOOPBACK RUNNING  MTU:16436  Metric:1
              RX packets:8 errors:0 dropped:0 overruns:0 frame:0
              TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:480 (480.0 B)  TX bytes:480 (480.0 B)

    ppp0      Link encap:Point-to-Point Protocol
              inet addr:10.1.77.54  P-t-P:2.2.2.2  Mask:255.255.255.255
              UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
              RX packets:1585 errors:0 dropped:0 overruns:0 frame:0
              TX packets:1744 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:3
              RX bytes:553960 (553.9 KB)  TX bytes:792791 (792.7 KB)




    Note: We can also set second IP address or virtual IP address for same network interface

    susanta@admin:~$ sudo gedit /etc/network/interfaces
    auto eth0
    iface eth0 inet static
    address 192.168.1.2
    gateway 192.168.1.1
    netmask 255.255.255.0
    network 192.168.1.0
    broadcast 192.168.1.255

    auto eth0:1
    iface eth0:1 inet static
    address 192.168.1.3
    gateway 192.168.1.1
    netmask 255.255.255.0
    network 192.168.1.0
    broadcast 192.168.1.255 



    Now execute the following command to check, whether it is working properly,
     
    susanta@admin:~$ ifconfig
    eth0      Link encap:Ethernet  HWaddr 00:16:76:1e:6a:60
              inet addr:192.168.1.2  Bcast:192.168.1.255  Mask:255.255.255.0
              UP BROADCAST MULTICAST  MTU:1500  Metric:1
              RX packets:0 errors:0 dropped:0 overruns:0 frame:0
              TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
              Interrupt:21 Base address:0xde00

    eth0:1    Link encap:Ethernet  HWaddr 00:16:76:1e:6a:60
              inet addr:192.168.1.3  Bcast:192.168.1.255  Mask:255.255.255.0
              UP BROADCAST MULTICAST  MTU:1500  Metric:1
              Interrupt:21 Base address:0xde00


    lo        Link encap:Local Loopback
              inet addr:127.0.0.1  Mask:255.0.0.0
              inet6 addr: ::1/128 Scope:Host
              UP LOOPBACK RUNNING  MTU:16436  Metric:1
              RX packets:8 errors:0 dropped:0 overruns:0 frame:0
              TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:480 (480.0 B)  TX bytes:480 (480.0 B)

    Networking - DNS (Domain Name Server)

    Domain Name Service (DNS) is an Internet service that maps IP addresses and fully qualified domain names (FQDN) to one another. In this way, DNS alleviates the need to remember IP addresses. Computers that run DNS are called name servers. Ubuntu ships with BIND (Berkley Internet Naming Daemon), the most common program used for maintaining a name server on GNU/Linux. [Ref: Ubuntu Official Document on 22.02.11]

    When you are going to browse any web site, then you enter the web site's name, but this name converted into number. Each time you type a web site's address into your browser, the Domain Name System (DNS) goes to work. The level of FQDN (Fully Qualified Domain Name) are given below,


    Ex. mail.yahoo.com.

    Follow the below steps to install DNS and configure it.




    Step 1] Install the bind9 package to install DNS after login as administrative.


    susanta@admin:~$ sudo -s
     

    root@admin:~# sudo  apt-get  install  bind9








    Step 2] Edit (or add new lines in) the main configuration file.

    root@admin:~# gedit  /etc/bind/named.conf
    // This is the primary configuration file for the BIND DNS server named.
    //
    // Please read /usr/share/doc/bind9/README.Debian.gz for information on the
    // structure of BIND configuration files in Debian, *BEFORE* you customize
    // this configuration file.
    //
    // If you are just adding zones, please do that in /etc/bind/named.conf.local

    include "/etc/bind/named.conf.options";
    include "/etc/bind/named.conf.local";
    include "/etc/bind/named.conf.default-zones";



    // reduce log verbosity on issues outside our control
    logging {
        category lame-servers { null; };
        category cname { null; };
    };

    // prime the server with knowledge of the root servers
    zone "." {
            type hint;
            file "/etc/bind/db.root";
    };

    // be authoritative for the localhost forward and reverse zones, and for
    // broadcast zones as per RFC 1912

    zone "home.com" {
            type master;
            file "/etc/bind/home.com.db";
    };

    zone "0.168.192.in-addr.arpa" {
            type master;
            file "/etc/bind/rev.0.168.192.in-addr.arpa.db";
    };






    Step 3]  Now creates two database files by following existing example. One file contents the information of converting host name to IP address and another contents the information of converting IP address to host name.root@admin:~# cp  /etc/bind/db.local  /etc/bind/home.com.db

    Note: It will help to convert host name to IP  address.






    root@admin:~# cp  /etc/bind/db.127   /etc/bind/rev.0.168.192.in-addr.arpa.db

    Note: It will help to convert IP  address to host name.



    Step 4]  Now, edit the home.com.db file to convert host name to IP address


    root@admin:~# gedit /etc/bind/home.com.db
    ;
    ; BIND data file for local loopback interface
    ;
    $TTL    604800
    @    IN    SOA    admin.home.com. root.admin.home.com. (
                      2        ; Serial
                 604800        ; Refresh
                  86400        ; Retry
                2419200        ; Expire
                 604800 )    ; Negative Cache TTL
    ;
    @    IN    NS    admin.home.com.
    admin    IN    A    192.168.0.1
    mail    IN    A    192.168.0.2
    chat    IN    A    192.168.0.3
    news    IN    A    192.168.0.4
    www    IN    A    192.168.0.5



    Step 5]  Now, edit the rev.0.168.192.in-addr.arpa.db file to convert IP address to host name.

    root@admin:~# gedit  /etc/bind/rev.0.168.192.in-addr.arpa.db
    ;
    ; BIND reverse data file for local loopback interface
    ;
    $TTL    604800
    @    IN    SOA    admin.home.com. root.admin.home.com. (
                      1        ; Serial
                 604800        ; Refresh
                  86400        ; Retry
                2419200        ; Expire
                 604800 )    ; Negative Cache TTL
    ;
    @    IN    NS    admin.home.com.
    1    IN    PTR    admin.home.com.
    2    IN    PTR    mail.home.com.
    3    IN    PTR    chat.home.com.
    4    IN    PTR    news.home.com.
    5    IN    PTR    www.home.com.

    Networking - Http Server (Apache)

    The Apache web server is used in Ubuntu to build HTTP server. Follow the below commands,


    Stage 1] Execute the below command to install Apache web server from internet.

    susanta@admin:~$  sudo  apt-get  install  apache2

    After installation the root configuration files and web resource director are
     /etc/apache2 and /var/www respectively.



    Stage 2] The main configuration file is /etc/apache2/apache2.conf.


    susanta@admin:~$  sudo gedit  /etc/apache2/apache2.conf



    Stage 3] If Domain Name Server (DNS) is not installed then modify the hosts file to configure Domain Name.

    susanta@admin:~$ sudo gedit /etc/hostname


    Here, admin.home.com is a fully qualified domain name.
     
    susanta@admin:~$ sudo gedit /etc/hosts



    Stage 4] Modify the /etc/apache2/sites-available/default file to select the domain name and the document path which will be opened in the browser.

    susanta@admin:~$ sudo gedit /etc/apache2/sites-available/default

    <VirtualHost admin.home.com:80>
        ServerAdmin susanta@admin.home.com
        DocumentRoot /var/www
     

        <Directory />
            Options FollowSymLinks
            AllowOverride None
        </Directory>


        <Directory /var/www/>
            Options Indexes FollowSymLinks MultiViews
            AllowOverride None
            Order allow,deny
            allow from all
        </Directory>

        ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
        <Directory "/usr/lib/cgi-bin">
            AllowOverride None
            Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
            Order allow,deny
            Allow from all
        </Directory>

        ErrorLog /var/log/apache2/error.log

        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel warn

        CustomLog /var/log/apache2/access.log combined

        Alias /doc/ "/usr/share/doc/"
        <Directory "/usr/share/doc/">
            Options Indexes MultiViews FollowSymLinks
            AllowOverride None
            Order deny,allow
            Deny from all
            Allow from 127.0.0.0/255.0.0.0 ::1/128
        </Directory>

    </VirtualHost>


    Here, /var/www/ is the document directory and inside the director there is file called index.html which will be opened in browser.



    Stage 5] Now start or reload the apache server to get affect change.

    susanta@admin:~$ service apache2 start
    or
    susanta@admin:~$ service apache2 reload


    Stage 6] Open a browser and write the domain name admin.home.com.



    Stage 7] Apache can configure number of different virtual domain name(s) by using same IP address. To do this, we need to copy /etc/apache2/sites-available/default to /etc/apache2/sites-enabled/default in deferent name.

    susanta@admin:~$ sudo  cp  /etc/apache2/sites-available/default  /etc/apache2/sites-enabled/mysite


    Stage 8] Now edit the mysite file to create a virtual site.

    susanta@admin:~$ sudo  gedit  /etc/apache2/sites-enabled/mysite
    <VirtualHost mysite.home.com:80>
        ServerAdmin susanta@mysite.home.com

        DocumentRoot /var/redhat

        <Directory /var/redhat>
            Options Indexes FollowSymLinks MultiViews
            AllowOverride None
            Order allow,deny
            allow from all
        </Directory>
      
    </VirtualHost>



    Stage 9] Add the vertual domain name in /etc/hosts file.

    susanta@admin:~$ sudo gedit /etc/hosts
    127.0.0.1    localhost
    127.0.1.1    admin.home.com
    127.0.1.1    mysite.home.com


    # The following lines are desirable for IPv6 capable hosts
    ::1     localhost ip6-localhost ip6-loopback
    fe00::0 ip6-localnet
    ff00::0 ip6-mcastprefix
    ff02::1 ip6-allnodes
    ff02::2 ip6-allrouters
    ff02::3 ip6-allhosts






    Stage 10] Now again reload the apache server to get affect change.

    susanta@admin:~$ service apache2 reload


    Stage 11] Open a browser and write the virtual domain name mysite.home.com