Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Server dependencies
Top Forums UNIX for Dummies Questions & Answers Server dependencies Post 302650503 by frappa on Sunday 3rd of June 2012 09:12:37 AM
Old 06-03-2012
Hi,

not very clear what are you really looking for, but maybe this can help:
If you're trying to look for what network services the server is acting as a client (that is, applications running on the server that are acting as clients with regard to some network services):
1. netstat: look at external ports/services the server has in state ESTABLISHED or CLOSE_WAIT; run this command if you have a login account on the server. You could find services provided by the server itself (i.e. applications from the monitored server connecting to TCP/UDP sockets on the server itself).
2. a network traffic sniffing tool (i.e. tcpdump, wireshark, etc.) may also do the job, provided they are run for a sufficiently long time (many applications may have permanet traffic with external services while others may just connect once in a while). You don't have to run tcpdump or wireshark on the machine itself, as long as you have a machine in the same subnet as the server you are monitoring with a network interface capable of 'promiscuous mode'.

When you asked for nmap usage, remember that nmap is generally used to discover what network services are listening on the target server. Unless you run nmap on the target server itself, the results returned by nmap may be less comprehensive than the results returned by running netstat (this time, you would look to results with TCP/UDP sockets in state LISTENING), because a firewall may filter some sockets.

see ya
fra
This User Gave Thanks to frappa For This Post:
greatmaple
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Cksum dependencies

Hi, On what factors does the cksum depend. If i build 2 machines exactly the same, then can i get the checksum of 2 compiled files same. Thanks (3 Replies)
Discussion started by: vibhor_agarwali
3 Replies

2. Solaris

Determinining Software Dependencies

How does one determine what software dependenices are required for a software package? I looked up the command pkginfo in the man pages, but could not find anything to answer this question... Thanks Rob (1 Reply)
Discussion started by: RobSand
1 Replies

3. Solaris

Software Dependencies Conflicts

Question: What do you do when you have a software dependency conflict? Case in point, according to Freeware for Solaris, before one can install tcl, tk must be installed first. And then when I go to investigate dependencies for tk, it says that tcl must be installed first!!! Its like... (2 Replies)
Discussion started by: RobSand
2 Replies

4. Red Hat

RPM and dependencies OPENSSH

Hello Sorry, I am not to well versed in RHE and I am having some issues. I have doen a cursury look around and could not find an answer. I have 2 RHE4 servers. Both have old versions of OPENSSH along with , server, askpass, askpass-gnome, etc. I cannot upgrade to our new pkg release of... (8 Replies)
Discussion started by: mhenryj
8 Replies

5. Red Hat

problem with Dependencies package !

Dear Friends , I am using RHEL 5 server . In Linux when I am going to install 'mod_ssl' rpm then I got the following error : # rpm -ivh mod_ssl-2.2.3-6.el5.i386.rpm --aid --force warning: mod_ssl-2.2.3-6.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186 error: Failed... (5 Replies)
Discussion started by: shipon_97
5 Replies

6. Red Hat

RPM dependencies fail

Hello, I am trying to install krb5-libs-1.4-4.pp-rh73.i386.rpm on my Red Hat 7.X server, however while installing/upgrading it fails due to dependencies. I checked for these dependencies and i already found them on the server. I wonder why it is giving these errors. I tried copying these... (1 Reply)
Discussion started by: sunny_a_j
1 Replies

7. UNIX and Linux Applications

Help me | RT Installation and its dependencies

Hello everyone, This is my problem: I'm installing RT (Request Tracker) when I found the firsts difficulties with package that must be configured. I could resolve them :). The real problem are the missing dependencies. The command perl -MCPAN -e"install denpendency" resolved some missing... (0 Replies)
Discussion started by: journey
0 Replies

8. Linux

Failed dependencies

Hi all, i'm trying to upgrade pandorafms to the new version 4.0.3-130118, actually i have installed on my machine the version 3.0.0-8.1.el5, the error i'm getting when trying to update its the following rpm -Uvh pandorafms_agent_unix-4.0.3-130118.noarch.rpm error: Failed dependencies: ... (1 Reply)
Discussion started by: charli1
1 Replies

9. Red Hat

RPM failed dependencies

I'm trying to package the latest Oracle JDK (1.7.0_51) into an RPM. Packaging works fine but when i try to install via rpm -Uvh xxx.rpm, i get the following: #sudo rpm -ivh Sun_JDK7-1.7.0-51.x86_64.rpm error: Failed dependencies: libavcodec.so.52()(64bit) is needed by Sun_JDK7-1.7.0-51.x86_64... (3 Replies)
Discussion started by: asc123321
3 Replies

10. AIX

Dependencies errors

Hi guys when I'm trying to install some RPMs file I got this errors # rpm -ivh DSM-IBMAIXServer-7.2-796075.noarch.rpm error: failed dependencies: perl(Digest::MD5) is needed by DSM-IBMAIXServer-7.2-796075 perl(Exporter) is needed by DSM-IBMAIXServer-7.2-796075 ... (1 Reply)
Discussion started by: khaled_ly84
1 Replies

LEARN ABOUT DEBIAN

nstreams

nstreams(1)							   Users Manuals						       nstreams(1)

NAME

       network streams - a tcpdump output analyzer

SYNOPSIS

       nstreams [ -v ] [ -c nstreams-services ] [ -n nstreams-networks_file ] [ -N [ -i ] [ -I ]] [ -r ] [ -O output [ -D iface ] [ -Y ]] [ -u ] [
       -U ] [ -B ] [ -f tcpdump_file ] [ -l <iface> ] [ tcpdump output ]

DESCRIPTION

       nstreams is a utility designed to identify the IP streams that are occuring on a network from a non-user friendly tcpdump output of several
       megabytes.

       This  is  especially  useful  when you plan to install a firewall but if you do not know the nstreams that the network users are generating
       (http, real audio, and more...).  nstreams can read the tcpdump output directly from stdin, or from a file. It can even generate  the  con-
       figuration file of your firewall, using the  -O option.

OPTIONS

       -c <nstreams-services-file>
	      The  path to an alternate nstreams service file. This file is used to identify each protocol. See the services file section later in
	      this manual page.

       -n <nstreams-networks-file>
	      The path to an alternate nstreams network file. This file is used to identify which hosts belong to which network. See the  networks
	      file section later in this manual page.

       -f <tcpdump output file>
	      The path to the file to read data from. This file must have been generated using 'tcpdump -w filename'.

       -l <iface>
	      Listen directly on interface <iface>. This avoids the use of tcpdump.

       -N     print  the  networks  names instead of the hosts IP addresses. The intra-network traffic will not be shown. Use this option twice to
	      show the networks IP address instead of their names.

       -i     Also show the intra-network traffic (must be used with -N)

       -I     Only show the intra-network traffic (must be used with -N)

       -r     be redundant. That is, the same streams will be printed each time they appear in the dump.

       -v     print version number and exit.

       -O <type>
	      output type. You can use this option to generate your firewall startup script.  Do nstreams -h to see the supported output types.

       -D <iface>
	      interface to apply to output onto. Must be used with -O.

       -Y     The firewall rules that will be generated will deny all packets coming from the outside  trying  to  establish  connections  to  the
	      inside. If you system is not serving anything, then it's safe to turn on this option.

       -u     Do not print the unknown streams

       -U     Only print the unknown streams

       -B     Show broadcasts and networks

USAGE

       Let tcpdump(1) run some time on your network (like one week), and save its output in a file, by doing :
       tcpdump -l -n > output
       or
       tcpdump -w filename

       Then,  feed nstreams with this output file, and it will turn it into a easily-readable file which will help you to write efficient firewall
       filters.  You may also do :
       tcpdump -l -n | nstreams
       or
       nstreams -f filename (if you used tcpdump -w)

THE SERVICES FILE

       The service file contains the description of each protocol, as well as their name. Its syntax is :
       protocol_name:server_port(s)/{udp,tcp}:client_ports(s)
       or :
       protocol_name:type(s)/icmp:code(s)

       Whereas :

       protocol_name
	      is the name of the protocol described. This name may contain any character, including space, except ':'.

       server_port(s)
	      is the range of ports used by the server. Usually, you will want to define one server port only, but you may  enter  any	range  you
	      want.

       ip_protocol
	      is the IP protocol that this protocol is lying onto. Acceptable values are tcp and udp

       client_port(s)

	      is  the  range  of  ports  that  the  client  may  use. You can set this to any or, for more accurate results, to ports ranges, like
	      '1-1024,2048-4096'.
	      The rules are : 'first match, first taken'.

SERVICE FILE EXAMPLE

       Using this syntax, you would declare the ssh protocol by :
       ssh-unix:22/tcp:1000-1023
       Because the Unix version of the ssh client uses a privileged port to connect onto the ssh server which listens on port 22.

THE NETWORKS FILE

       The networks file is used to define sets and subsets of hosts (also known as networks). This avoids redundancy in the output file. The syn-
       tax format for this file is :
       network name:ip/mask
       Whereas	the network name is whatever you want, the IP is the ip of the network, and the mask is the CIDR netmask of the network.  The rule
       is 'first match, first taken'.

NETWORKS FILE EXAMPLE

       admin:192.168.19.0/29
       whole_subnet:192.168.0.0/16
       internet:0.0.0.0/0

LIMITS

       o nstreams can only parse the output of 'tcpdump -n'

       o Even though the output of nstreams is easier to read than the one of tcpdump, it is still not easily readable. Use sort(1) on the nstream
       output to get a more readable file.

       o This program could have been written in perl

FILES

       /etc/nstreams-services
       /etc/nstreams-networks

SEE ALSO

       tcpdump(1)

AUTHORS

       Concept : Herve Schauer Consultants - http://www.hsc.fr
       Coding : Renaud Deraison <deraison@cvs.nessus.org>

BUG REPORTS

       Please send all your bug reports with the detail of your configuration to Renaud Deraison <deraison@cvs.nessus.org>

nstreams							     July 1999							       nstreams(1)
All times are GMT -4. The time now is 09:51 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy