Hi !!! I recently check a my CentOS 5.2 installation with nmap: PORT STATE SERVICE 22/tcp open ssh 3306/tcp open mysql 5001/tcp open commplex-link 8080/tcp open http-proxy 8443/tcp open https-alt Nmap finished: 1 IP address (1 host up) scanned in 0.080 seconds I can't find which process is opening the 5001/tcp. Anyone has an ideia about who is opening that port and how to close it ? Is there a service that uses this tcp port and is enabled by default after a CentOS Server installation using GUI ??? Thanks to all, Klaus
so netstat -tap does not show any process opening 5001? Maybe you got (x)intetd running, that's opening this port...
Ben... The services running on that server are: [root@phantom ~]# chkconfig --list | grep '3n' anacron 0ff 1ff 2n 3n 4n 5n 6ff apmd 0ff 1ff 2n 3n 4n 5n 6ff atd 0ff 1ff 2ff 3n 4n 5n 6ff autofs 0ff 1ff 2ff 3n 4n 5n 6ff cpuspeed 0ff 1n 2n 3n 4n 5n 6ff crond 0ff 1ff 2n 3n 4n 5n 6ff denyhosts 0ff 1ff 2n 3n 4n 5n 6ff gpm 0ff 1ff 2n 3n 4n 5n 6ff haldaemon 0ff 1ff 2ff 3n 4n 5n 6ff ip6tables 0ff 1ff 2n 3n 4n 5n 6ff iptables 0ff 1ff 2n 3n 4n 5n 6ff irqbalance 0ff 1ff 2n 3n 4n 5n 6ff kudzu 0ff 1ff 2ff 3n 4n 5n 6ff lvm2-monitor 0ff 1n 2n 3n 4n 5n 6ff messagebus 0ff 1ff 2ff 3n 4n 5n 6ff microcode_ctl 0ff 1ff 2n 3n 4n 5n 6ff mysqld 0ff 1ff 2n 3n 4n 5n 6ff network 0ff 1ff 2n 3n 4n 5n 6ff ntpd 0ff 1ff 2n 3n 4n 5n 6ff readahead_early 0ff 1ff 2n 3n 4n 5n 6ff readahead_later 0ff 1ff 2n 3n 4n 5n 6ff sendmail 0ff 1ff 2n 3n 4n 5n 6ff sshd 0ff 1ff 2n 3n 4n 5n 6ff syslog 0ff 1ff 2n 3n 4n 5n 6ff tomcat5 0ff 1ff 2n 3n 4n 5n 6ff xfs 0ff 1ff 2n 3n 4n 5n 6ff As you can see there is no xinetd ou inetd running. Using your suggested command I see the following line: tcp 0 0 *:commplex-link *:* LISTEN 10430/java Which means that I have to check my Java installation. Thanks for the help... I'll see what I can do and I'll post the solution here.
