MacOS: How to list my open network ports?
↳ $ date | cat c4t3g0ry;
- - Publicado el 01/11/2016 | Esto es sobre: Unix/Linux Sys.Admin
This commands is perfect when you are paranoid, about what ports/processes are open, or what ports/processes are listening.
We have differents methods and outputs, but netstat and lsof are my preferreds :
$ netstat -atp tcp | grep -i "listen" tcp46 0 0 *.4---- *.* LISTEN tcp4 0 0 *.4---- *.* LISTEN tcp46 0 0 *.http *.* LISTEN tcp4 0 0 localhost.49153 *.* LISTEN tcp4 0 0 localhost.49152 *.* LISTEN
lsof, This command lists only the processes of the current user. But you can run this command as root… maybe the hacker got root access?
$ lsof -iTCP -sTCP:LISTEN -n -P COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME ---n 367 rafael 3u IPv4 0xb---------3 0t0 TCP *:--- (LISTEN) ---n 367 rafael 4u IPv6 0xb---------3 0t0 TCP *:--- (LISTEN) $ sudo lsof -iTCP -sTCP:LISTEN -n -P COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME mtmfs 91 root 3u IPv4 0xbf5a44a29de7f403 0t0 TCP 127.0.0.1:49152 (LISTEN) mtmfs 91 root 5u IPv4 0xbf5a44a29de7fcfb 0t0 TCP 127.0.0.1:49153 (LISTEN) httpd 98 root 4u IPv6 0xbf5a44a2a133bc6b 0t0 TCP *:80 (LISTEN) ---n 367 rafael 3u IPv4 0xb---------3 0t0 TCP *:**0 (LISTEN) ---n 367 rafael 4u IPv6 0xb---------3 0t0 TCP *:**0 (LISTEN) httpd 454 _www 4u IPv6 0xbf5a44a2a133bc6b 0t0 TCP *:80 (LISTEN)
Remember when execute this commands, list only the process of the current user, if you have a malicious software and this proccess is running by root you need execute lsof as root.
Tested in MacOS Sierra
#HappyParanoid