- Kali Linux Tutorial
- Kali Linux - Home
- Installation & Configuration
- Information Gathering Tools
- Vulnerability Analyses Tools
- Kali Linux - Wireless Attacks
- Website Penetration Testing
- Kali Linux - Exploitation Tools
- Kali Linux - Forensics Tools
- Kali Linux - Social Engineering
- Kali Linux - Stressing Tools
- Kali Linux - Sniffing & Spoofing
- Kali Linux - Password Cracking Tools
- Kali Linux - Maintaining Access
- Kali Linux - Reverse Engineering
- Kali Linux - Reporting Tools
- Kali Linux Useful Resources
- Kali Linux - Quick Guide
- Kali Linux - Useful Resources
- Kali Linux - Discussion
Finding the PID of the Process Using a Specific Port
Introduction
In the world of Linux, processes play a crucial role in enabling software programs to function efficiently. Each running application or task on a computer system is assigned a distinct process identification number (PID) that serves as a unique identifier to differentiate it from any other active process running on the same system. Similarly, every network connection in a computer system is associated with a specific port number that helps identify the source and destination of the data transfer. In some cases, it may be necessary to find the PID of a process that is using a particular port. In this article, different techniques will be discussed to identify the process identification number (PID) of a process utilizing a particular port in a Linux operating system.
Obtaining Detailed Information with Root User
The root users only obtain the detailed information of the process in Linux.
$ sudo su [sudo] password for papan: Enter your own password
Now you entered in Linux as a root user. If you want to exit from root user just simply type ‘exit’.
Using Netstat for Network Troubleshooting
Netstat is a command-line tool that is used to display active network connections and related statistics in a Linux system. It is a powerful and versatile utility that provides detailed information about network activity on the system, making it a valuable tool for network troubleshooting and analysis.
To utilize 'netstat', open a terminal window and input the ensuing command.
$ netstat -ltnup Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 689/systemd-resolve tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 754/cupsd tcp6 0 0 ::1:631 :::* LISTEN 754/cupsd udp 0 0 127.0.0.53:53 0.0.0.0:* 689/systemd-resolve udp 0 0 0.0.0.0:5353 0.0.0.0:* 746/avahi-daemon: r udp 0 0 0.0.0.0:631 0.0.0.0:* 856/cups-browsed udp 0 0 0.0.0.0:36761 0.0.0.0:* 746/avahi-daemon: r udp6 0 0 :::5353 :::* 746/avahi-daemon: r udp6 0 0 :::40743 :::* 746/avahi-daemon: r
Here is a breakdown of the various parts of the command −
'netstat' − This is the main command, which is used to display network-related information.
'-l' − This option is used to show only listening sockets. It means that the command will display only the active connections that are listening for incoming connections.
'-t' − This option is used to show only TCP connections. It means that the command will display only the active TCP connections.
'-n' − This option is used to display IP addresses and port numbers in numerical form instead of resolving them to host and service names.
'-u' − This option is used to show only UDP connections. It means that the command will display only the active UDP connections.
'-p' − This option is used to show the PID and process name that is using the connection.
Therefore, the full command 'netstat -ltnup' will display a list of all the active TCP and UDP connections that are listening on a system, along with their IP addresses and port numbers, and the process identification number (PID) and process name that is using the connection. This command is useful for troubleshooting network-related issues and identifying which processes are using specific network ports.
Let’s take one port as an example for better understanding.
$ netstat -ltnup | grep ':36761' udp 0 0.0.0.0:36761 0.0.0.0:* 746/avahi-daemon: r
Using the ss Linux utility Command
The ss command is a Linux utility that provides detailed information about active network connections. To find the PID of a process using a specific port, we can use the following command −
$ ss -ltnup 'sport = :36761'
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp UNCONN 0 0 0.0.0.0:36761 0.0.0.0:* users:(("avahi-daemon",pid=746,fd=14))
Using the lsof Command
The lsof command (short for "list open files") is a powerful Linux utility that allows users to retrieve information about open files, including network connections. To find the PID of a process using a specific port, we can use the following command −
$ lsof -i :36761 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME avahi-dae 746 avahi 14u IPv4 39187 0t0 UDP *:36761
Using the fuser Command
The fuser command is a Linux utility that allows users to identify processes that are using a specific file or directory. To find the PID of a process using a specific port, we can use the following command −
$ fuser 36761/udp 36761/udp: 746
Another example using fuser command.
$ fuser 5353/udp 5353/udp: 746
we can pass the “-v” option to the fuser command to see more details about the ports.
$ fuser -v 36761/udp USER PID ACCESS COMMAND 36761/udp: avahi 746 F.... avahi-daemon
We can utilize the fuser command to obtain information about multiple running processes on TCP or UDP ports simultaneously.
$ fuser -v 36761/udp 631/tcp USER PID ACCESS COMMAND 36761/udp: avahi 746 F.... avahi-daemon 631/tcp: root 754 F.... cupsd
Exit from Root User
If you want to exit from root user just simply type ‘exit’.
root@ubuntu:/home/papan# exit exit papan@ubuntu:~$
Conclusion
In conclusion, the PID of a process using a specific port is an essential piece of information for troubleshooting network-related issues in Linux. This article encompasses an overview of various techniques that can be employed to determine the process identification number (PID) of a process that is utilizing a specific port in a Linux operating system. Each of these methods has its advantages and disadvantages, and users can choose the method that best suits their needs. By using these methods, users can easily identify the process responsible for a particular network connection and take appropriate actions to resolve any issues.
- Related Articles
- Kill a process running on a specific port?
- How to check whether a process with a given PID is running
- How to get the specific process(es) information using PowerShell?
- How to get the port number of the processes using PowerShell?
- Finding number of occurrences of a specific string in MySQL?
- How to stop the specific instance of the process in PowerShell?
- Finding content of arrays on the basis of specific property in JavaScript?
- Finding two closest elements to a specific number in an array using JavaScript
- Finding the length of the diagonal of a cuboid using JavaScript
- How to open a port in the Windows Operating System using PowerShell?
- Finding a specific item in subdocument with MongoDB?
- Finding the k-prime numbers with a specific distance in a range in JavaScript
- Finding how many time a specific letter is appearing in the sentence using for loop, break, and continue - JavaScript
- Finding the date at which money deposited equals a specific amount in JavaScript
- Finding the multiples of a number in a given list using NumPy
