01-10-2017
I don't see MSSQL mentioned earlier and I missed the point about them being
Gateway as opposed to plain database listeners, but how about this suggestion:-
- Select a range of ports that are free
- Define them in /etc/services quoting the database name (DA, DB, DC, DD etc.)
- As the listener starts, it reads /etc/services and starts on a fixed port number, reporting failures however you choose, e.g. syslog, email, sms, console, 3rd party tools etc.
That way you know the ports should be allocated to just your service. If you start them at boot, then one would think that they should still be free. If something else is grabbing one, then find out why and/or change /etc/services to move your service to a new port. It's not foolproof because not everything respects /etc/services but it's a good place to start and many network tools (e.g. netstat & lsof) do, making their output more meaningful.
You could even (if your databases are using a sequential naming system) make the port numbers obvious and predictable, e.g. DA is port 13001, DB is port 13002, etc. This would give your clients wanting to connect a consistent port to connect to.
Would that help?
Robin
SERVICES(5) Linux Programmer's Manual SERVICES(5)
NAME
services - Internet network services list
DESCRIPTION
services is a plain ASCII file providing a mapping between human-friendly textual names for internet services, and their underlying
assigned port numbers and protocol types. Every networking program should look into this file to get the port number (and protocol) for
its service. The C library routines getservent(3), getservbyname(3), getservbyport(3), setservent(3), and endservent(3) support querying
this file from programs.
Port numbers are assigned by the IANA (Internet Assigned Numbers Authority), and their current policy is to assign both TCP and UDP
protocols when assigning a port number. Therefore, most entries will have two entries, even for TCP-only services.
Port numbers below 1024 (so-called "low numbered" ports) can only be bound to by root (see bind(2), tcp(7), and udp(7)). This is so
clients connecting to low numbered ports can trust that the service running on the port is the standard implementation, and not a rogue
service run by a user of the machine. Well-known port numbers specified by the IANA are normally located in this root-only space.
The presence of an entry for a service in the services file does not necessarily mean that the service is currently running on the machine.
See inetd.conf(5) for the configuration of Internet services offered. Note that not all networking services are started by inetd(8), and
so won't appear in inetd.conf(5). In particular, news (NNTP) and mail (SMTP) servers are often initialized from the system boot scripts.
The location of the services file is defined by _PATH_SERVICES in <netdb.h>. This is usually set to /etc/services.
Each line describes one service, and is of the form:
service-name port/protocol [aliases ...]
where:
service-name
    is the friendly name the service is known by and looked up under. It is case sensitive. Often, the client program is named
    after the service-name.
port
    is the port number (in decimal) to use for this service.
protocol
    is the type of protocol to be used. This field should match an entry in the protocols(5) file. Typical values include tcp and
    udp.
aliases
    is an optional space or tab separated list of other names for this service. Again, the names are case sensitive.
Either spaces or tabs may be used to separate the fields.
Comments are started by the hash sign (#) and continue until the end of the line. Blank lines are skipped.
The service-name should begin in the first column of the file, since leading spaces are not stripped. service-names can be any printable
characters excluding space and tab. However, a conservative choice of characters should be used to minimize compatibility problems. E.g.,
a-z, 0-9, and hyphen (-) would seem a sensible choice.
Lines not matching this format should not be present in the file. (Currently, they are silently skipped by getservent(3),
getservbyname(3), and getservbyport(3). However, this behavior should not be relied on.)
This file might be distributed over a network using a network-wide naming service like Yellow Pages/NIS or BIND/Hesiod.
A sample services file might look like this:
netstat 15/tcp
qotd 17/tcp quote
msp 18/tcp # message send protocol
msp 18/udp # message send protocol
chargen 19/tcp ttytst source
chargen 19/udp ttytst source
ftp 21/tcp
# 22 - unassigned
telnet 23/tcp
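
The line format described above, combined with the forum suggestion of reserving one fixed port per database listener in /etc/services, can be checked before a listener starts. The following is an added example, not part of the man page or the original post: the names `parse_services`, `claim_port` and `SAMPLE` are hypothetical, and the sample file content is constructed. It flags lines that do not match the format, flags a reserved port claimed by a second service name, and refuses to start when the reserved port is already bound by something else.

```python
import re
import socket

# Constructed sample in services(5) format; DA/DB/DC follow the post's
# "DA is port 13001, DB is port 13002" scheme. Not a real system's file.
SAMPLE = """\
ftp             21/tcp
telnet          23/tcp
DA              13001/tcp   dbA     # database listener A
DB              13002/tcp           # database listener B
 DC             13003/tcp           # leading space: name not in column one
other-app       13002/tcp           # collides with DB
broken          13004
"""

ENTRY = re.compile(r"^(\S+)[ \t]+(\d+)/(\w+)((?:[ \t]+\S+)*)[ \t]*$")

def parse_services(text):
    """Return (entries, problems); entries map (name, proto) -> port."""
    entries, owners, problems = {}, {}, []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].rstrip()
        if not line:
            continue                      # blank or comment-only line
        m = ENTRY.match(line)
        if not m or not 0 < int(m.group(2)) < 65536:
            problems.append((lineno, "malformed"))
            continue
        name, port, proto = m.group(1), int(m.group(2)), m.group(3)
        first = owners.setdefault((port, proto), name)
        if first != name:
            problems.append((lineno, f"{port}/{proto} already claimed by {first}"))
        for n in [name, *m.group(4).split()]:   # aliases resolve too
            entries.setdefault((n, proto), port)
    return entries, problems

def claim_port(name, text, host="127.0.0.1"):
    """Bind the listener's reserved TCP port; raise if unknown or taken."""
    entries, _ = parse_services(text)
    port = entries.get((name, "tcp"))
    if port is None:
        raise LookupError(f"{name}/tcp not defined")
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        sock.bind((host, port))           # no SO_REUSEADDR: a squatter must fail us
    except OSError as exc:
        sock.close()
        raise RuntimeError(f"{name}: port {port} unavailable: {exc}") from exc
    sock.listen()
    return sock
```

The caller decides how a `RuntimeError` from `claim_port` is reported (syslog, email, console), which matches the "reporting failures however you choose" step of the suggestion.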
FILES
/etc/services
The Internet network services list
<netdb.h>
Definition of _PATH_SERVICES
SEE ALSO
listen(2), endservent(3), getservbyname(3), getservbyport(3), getservent(3), setservent(3), inetd.conf(5), protocols(5), inetd(8)
Assigned Numbers RFC, most recently RFC 1700, (AKA STD0002)
COLOPHON
This page is part of release 3.25 of the Linux man-pages project. A description of the project, and information about reporting bugs, can
be found at http://www.kernel.org/doc/man-pages/.
Linux 2010-05-22 SERVICES(5)