Q

The meaning of "port already in use"

When accessing a network from a remote location, does "port already in use" indicate a sniffer/hacker? If not,...

what does it mean?

It means that there is a process already using a TCP or UDP port. It could be a backdoor, or it could simply be some server running on the machine. You need to find out what it is. To get some handle on it, I recommend running "netstat ?na" on Unix or Windows. It will show you the listening ports. Look for the one used by the program you are trying to run that gives you the "port already in use" error. To find out what is normally supposed to listen on that port, consult this list of well-known port numbers. Then, use a program like Inzider for Windows or lsof for Linux to determine what program is listening on the port. Then, investigate that program. What is it? Did you install it on the box? If not, you may want to disable it. But, be careful; you?re production environment may depend on it.


For more information on this topic, visit these other SearchSecurity.com resources:
Best Web Links: Infrastructure and network security


This was last published in July 2002

Dig Deeper on Security Resources

PRO+

Content

Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close