Re: Checking Port Usage


Hi,

> What program or possibly how can I check what service is using 
> which port.
> I'm trying to set up Squid to use port 80 and I'm getting an 
> error that the port is in use

First of all, Port 80 is traditionally used by httpd. The proxy should
run on Port 8080.

If you know your apache is not running, see if somebody is abusing your
system or check if some wrong settings in other services cause these
services to use Port 80.

nmap is useful to find out which port is open, and "/etc/services" will
just tell you what service should be used on that port. To find out what
is going on, you need to poke a bit deeper.

This shows you all services using any kind of port with the number "80":

#####################################
cat /etc/services | grep "80"
#####################################

On RH you should get a result like this:

#####################################
http            80/tcp          www www-http    # WorldWideWeb HTTP
http            80/udp          www www-http    # HyperText Transfer Protocol
socks           1080/tcp                        # socks proxy server
socks           1080/udp                        # socks proxy server
corbaloc        2809/tcp                        # CORBA naming service locator
amanda          10080/tcp                       # amanda backup services
amanda          10080/udp                       # amanda backup services
omirr           808/tcp         omirrd          # online mirror
omirr           808/udp         omirrd          # online mirror
canna           5680/tcp
http-alt        8008/tcp
http-alt        8008/udp
webcache        8080/tcp                        # WWW caching service
webcache        8080/udp                        # WWW caching service
tproxy          8081/tcp                        # Transparent Proxy
tproxy          8081/udp                        # Transparent Proxy
#####################################

Pick the service that fits the port you are looking for. (In this
case "http".)
Next, find out if the httpd is actually listening on that port:

#####################################
lsof | grep http | grep LISTEN
#####################################

The output should look like this:

#####################################
httpd  1373   root    3u  IPv4       2817   TCP *:http (LISTEN)
httpd  1373   root    4u  IPv4       2818   TCP *:https (LISTEN)
httpd  29710 apache   3u  IPv4       2817   TCP *:http (LISTEN)
httpd  29710 apache   4u  IPv4       2818   TCP *:https (LISTEN)
...etc.
#####################################

If it appears that the apache is using this port, switch it off or change
Squid to port 8080 and try it again.

If the apache is not active, poke deeper and find out more about the
process that uses this port.

Just pick the process ID (the second field in the list) and check in the
proc filesystem:

#####################################
ls -al /proc/1373
-------------------------------------
1373 is a number assigned by my RH; you have to replace it with the PID
of the process you are looking for: ls -al /proc/(your pid)
#####################################

At this point you are able to see the details of the process, and you
should know if it's an ordinary system process that runs on port 80, or
if somebody is abusing your system.

For example, if apache is listening on Port 80, it should look like this:

#####################################
...>ls -al /proc/1373
total 0
dr-xr-xr-x    3 root     root            0 Nov 25 13:28 .
dr-xr-xr-x   92 root     root            0 Nov 16 17:12 ..
-r--r--r--    1 root     root            0 Nov 25 13:28 cmdline
lrwxrwxrwx    1 root     root            0 Nov 25 13:28 cwd -> /
-r--------    1 root     root            0 Nov 25 13:28 environ
lrwxrwxrwx    1 root     root            0 Nov 25 13:28 exe -> /usr/sbin/httpd
dr-x------    2 root     root            0 Nov 25 13:28 fd
-r--r--r--    1 root     root            0 Nov 25 13:28 maps
-rw-------    1 root     root            0 Nov 25 13:28 mem
-r--r--r--    1 root     root            0 Nov 25 13:28 mounts
lrwxrwxrwx    1 root     root            0 Nov 25 13:28 root -> /
-r--r--r--    1 root     root            0 Nov 25 13:28 stat
-r--r--r--    1 root     root            0 Nov 25 13:28 statm
-r--r--r--    1 root     root            0 Nov 25 13:28 status
#####################################

If you get the impression that something is wrong, or an application
like "ls" owns the process, check this:
http://www.chkrootkit.org/

Sandro
-- 
Sandro Wabner  -  sandro@xxxxxxxxx - http://sandro.wabner.de/
Tel: 00 49 5271 49337 	-  	Fax:  00 49 5271 496663
Rosenstr. 19 		- 	37671 Höxter 
PGP public key:  http://sandro.wabner.de/keys/key_swabner.gpg


-- 
Psyche-list mailing list
Psyche-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/psyche-list
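
The lookup walked through in the message above (listening port, then PID, then /proc/PID), as an added example that is not part of the original post: it reads /proc/net/tcp directly instead of grepping lsof by service name, so a listener is found whatever its process is called. The function names and the sample table are constructed for this illustration.

```shell
#!/bin/sh
# Added example: map a TCP port to its listening socket inode(s), then to the
# owning PID(s) and the executable behind /proc/PID/exe.

# Constructed sample in /proc/net/tcp format (state 0A = LISTEN, ports in hex).
sample_tcp_table() {
cat <<'EOF'
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 2817 1
   1: 00000000:01BB 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 2818 1
   2: 0100007F:0050 0100007F:C350 01 00000000:00000000 00:00000000 00000000    48        0 9999 1
EOF
}

# listening_inodes PORT FILE...: socket inodes in LISTEN state on PORT.
listening_inodes() {
    port_hex=$(printf '%04X' "$1"); shift
    awk -v p="$port_hex" 'FNR > 1 && $4 == "0A" {
        n = split($2, a, ":")                     # works for tcp and tcp6 rows
        # Append "" to force a string compare (hex like 1E01 looks numeric).
        if ((a[n] "") == (p "")) print $10        # field 10 = socket inode
    }' "$@" 2>/dev/null
}

# pids_for_inode INODE [PROCROOT]: PIDs holding an fd on socket:[INODE].
# Needs root to see the file descriptors of other users' processes.
pids_for_inode() {
    inode=$1; root=${2:-/proc}
    for fd in "$root"/[0-9]*/fd/*; do
        [ "$(readlink "$fd" 2>/dev/null)" = "socket:[$inode]" ] || continue
        pid=${fd#"$root"/}; echo "${pid%%/*}"
    done | sort -un
}

# who_listens PORT: one line per owning process on the live system.
# An exe link ending in " (deleted)" means the binary was removed from disk.
who_listens() {
    for inode in $(listening_inodes "$1" /proc/net/tcp /proc/net/tcp6); do
        for pid in $(pids_for_inode "$inode"); do
            printf 'port=%s pid=%s exe=%s cmd=%s\n' "$1" "$pid" \
                "$(readlink "/proc/$pid/exe" 2>/dev/null)" \
                "$(tr '\0' ' ' 2>/dev/null < "/proc/$pid/cmdline")"
        done
    done
}

if [ $# -gt 0 ]; then who_listens "$1"; fi
```

Run it as root with the port number as the only argument, for example `sh who_listens.sh 80` (the file name is arbitrary).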
