Im trying to lock down an Ubuntu server and ran nmap -T4 against
my server. Everything looks right except that it shows port 3128
open but I dont run a squid server or anything else I know of on
that port.
PORT STATE SERVICE
80/tcp open http
3128/tcp open squid-http
So I have 2 questions:
-
When I run netstat -tlnp I get nothing that shows port 3128. When I telnet
to that port from another machine on my local lan it responds!? What is
running and why cant I find it? -
I have iptables setup to bare minimum, but I cant seem to close port 3128
from telnet in question 1?
Can anyone tell me whats going on with port 3128?
Is it something to do with the linksys router thats responding
and not the computer itself? Ive googled this and havent been able to
find an answer.
Thanks in advance
Best Answer
Try
Which will give you the Process ID's associated with the port, then you can use, for example
to get the associated process. (There are probably more elegant ways to do the second step, but it works for me !)