Auditing network services with netstat

The following are two reasons why you would want to keep track of what network services are running on your system:

  • To ensure that no legitimate network services that you don't need are running
  • To ensure that you don't have any malware that's listening for network connections from its master

The netstat command is both handy and easy to use for these instances. First, let's say that you want to see a list of network services that are listening, waiting for someone to connect to them:

donnie@linux-0ro8:~> netstat -lp -A inet(Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.)Active Internet connections (only servers)Proto Recv-Q ...

Get Mastering Linux Security and Hardening now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.