Scribd
Upload
118 views2 pages

Finding Process Id

This document provides instructions for finding the process ID (PID) associated with open network ports on an AIX system using the lsof utility. It explains that netstat can show open ports but not the corresponding PID, while lsof treats open ports as files and shows the PID. A sample shell script is provided that uses netstat and lsof to output all open ports and their associated PIDs.

Uploaded by

larje
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
118 views2 pages

Finding Process Id

This document provides instructions for finding the process ID (PID) associated with open network ports on an AIX system using the lsof utility. It explains that netstat can show open ports but not the corresponding PID, while lsof treats open ports as files and shows the PID. A sample shell script is provided that uses netstat and lsof to output all open ports and their associated PIDs.

Uploaded by

larje
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

Finding Process ID (PID) for open network port

Abstract: The command 'netstat -a' lists all the open network ports on the system, but
sometimes it is hard to correlate these port numbers to the actual processes that are
associated with the network traffic. This simple how to provides an easy method to look at
the process ID's associated with each network port using the public domain utility lsof.

How can I find the AIX PID associated with open network connections?

This can be done quite easily with a small shell script and the utility 'lsof'. This utility can be
obtained from the Linux Toolkit for AIX CD, The AIX toolbox for Linux on the web at
http://www.ibm.com/servers/aix/products/aixos/linux/ , or from ftp://vic.cc.purdue.edu/pub/

With this utility you can get process information for any open file and the ports are treated by
UNIX as open files. To look at the process information for say port

lsof -i | grep 5901


Xvnc 33152 jwtesch 6u IPv4 0x7006d1f0 0t0 TCP *:5901 (LISTEN)
This can be useful if you find a port with a lot of network traffic that may be hurting the
performance, but don't know the process that is using the port.

For a complete list of all the processes that are using the network you can use the following
script.

Shell script source

#!/bin/ksh
#script title=/tmp/port-process.ksh
netstat -a|grep LISTEN|awk '{print $4}'>/tmp/port.list
for PORT in `cat /tmp/port.list`
do
/usr/sbin/lsof -i | grep $PORT
done
echo "script exection $0 completed"

Sample Output

inetd 12540 root 11u IPv4 0x701ef9f0 0t0 TCP *:daytime (LISTEN)
inetd 12540 root 14u IPv4 0x701e8400 0t0 UDP *:daytime
inetd 12540 root 4u IPv6 0x7006e9f0 0t0 TCP *:ftp (LISTEN)
sshd 10944 root 3u IPv4 0x7006ddf0 0t0 TCP *:ssh (LISTEN)
inetd 12540 root 5u IPv6 0x701ecdf0 0t0 TCP *:telnet (LISTEN)
sendmail 33648 root 9u IPv4 0x704159f0 0t0 TCP *:smtp (LISTEN)
inetd 12540 root 12u IPv4 0x701ef5f0 0t0 TCP *:time (LISTEN)
inetd 12540 root 15u IPv4 0x701e8700 0t0 UDP *:time
httpd 9322 nobody 16u IPv4 0x703535f0 0t0 TCP *:www (LISTEN)
httpd 11100 root 16u IPv4 0x703535f0 0t0 TCP *:www (LISTEN)
snmpdv3ne 16336 root 10u IPv4 0x7006e5f0 0t0 TCP *:smux (LISTEN)
db2sysc 20648 ldapdb2 48u IPv4 0x702f15f0 0t0 TCP *:ldapdb2svc
(LISTEN)
slapd 37666 ldap 19u IPv4 0x702b5df0 0t0 TCP *:ldap (LISTEN)
inetd 12540 root 8u IPv6 0x701ec1f0 0t0 TCP *:login (LISTEN)
inetd 12540 root 6u IPv6 0x701ec9f0 0t0 TCP *:shell (LISTEN)
lpd 5700 root 3u IPv4 0x702cadf0 0t0 TCP *:printer (LISTEN)
inetd 12540 root 9u IPv4 0x701efdf0 0t0 TCP *:klogin (LISTEN)
inetd 12540 root 7u IPv4 0x701ec5f0 0t0 TCP *:kshell (LISTEN)
rmcd 18598 root 10u IPv4 0x702ca9f0 0t0 TCP *:rmc (LISTEN)
writesrv 8858 root 3u IPv4 0x702675f0 0t0 TCP *:writesrv
(LISTEN)
httpdlite 17808 imnadm 3u IPv4 0x702671f0 0t0 TCP loopback:49213
(LISTEN)
httpd 9322 nobody 4u IPv4 0x703389f0 0t2966 TCP loopback:1022-
>loopback:995 (ESTABLISHED)
secldapcl 24342 root 3u IPv4 0x70324df0 0t0 TCP loopback:995
(LISTEN)
secldapcl 24342 root 12u IPv4 0x7032a5f0 0t3106 TCP loopback:995-
>loopback:1023 (ESTABLISHED)
httpd 33496 nobody 4u IPv4 0x703389f0 0t2966 TCP loopback:1022-
>loopback:995 (ESTABLISHED)
sendmail 33648 root 5u IPv4 0x702d21f0 0t52 TCP loopback:1016-
>loopback:995 (ESTABLISHED)
ksh 35098 root 6u IPv4 0x7035f5f0 0t2966 TCP loopback:1021-
>loopback:995 (ESTABLISHED)
sshd 42418 jwtesch 3u IPv4 0x7031ddf0 0t3106 TCP loopback:1023-
>loopback:995 (ESTABLISHED)
httpd 42912 nobody 4u IPv4 0x703389f0 0t2966 TCP loopback:1022-
>loopback:995 (ESTABLISHED)
Xvnc 33152 jwtesch 7u IPv4 0x703f69f0 0t0 TCP *:5801 (LISTEN)
Xvnc 33152 jwtesch 6u IPv4 0x7006d1f0 0t0 TCP *:5901 (LISTEN)
X 2950 root 8u IPv4 0x70075df0 0t0 TCP *:6000 (LISTEN)
Xvnc 33152 jwtesch 4u IPv4 0x702899f0 0t0 TCP *:6001 (LISTEN)
inetd 12540 root 16u IPv4 0x701ef1f0 0t0 TCP *:dtspc (LISTEN)
X 2950 root 6u IPv4 0x701eadf0 0t0 TCP *:32768 (LISTEN)
dtlogin 3188 root 6u IPv4 0x701eadf0 0t0 TCP *:32768 (LISTEN)
inetd 12540 root 19u IPv4 0x701ee9f0 0t0 TCP *:32769 (LISTEN)
rpc.ttdbs 29676 root 0u IPv4 0x701ee9f0 0t0 TCP *:32769 (LISTEN)
snmpdv3ne 16336 root 8u IPv4 0x7006edf0 0t0 TCP *:32770 (LISTEN)
inetd 12540 root 18u IPv4 0x701f4e00 0t0 UDP *:32776
ttsession 28176 jwtesch 5u IPv4 0x702f95f0 0t0 TCP *:32796 (LISTEN)
dtsession 7874 jwtesch 11u IPv4 0x703f31f0 0t0 TCP *:32800 (LISTEN)
dtwm 29930 jwtesch 11u IPv4 0x703ea5f0 0t0 TCP *:32803 (LISTEN)
dtexec 34864 jwtesch 5u IPv4 0x703f79f0 0t0 TCP *:32964 (LISTEN)
inetd 12540 root 17u IPv4 0x701eedf0 0t0 TCP *:wsmserver
(LISTEN)
script exection portproc.sh completed

You might also like