jilorunner.blogg.se

Proto Recv-Q Send-Q Local Address Foreign Address State In this case, all destination ports is UDP 123 which is NTP while the source port number is different and random. This number is random and normally bigger than 1024. In this case, the source port number chosen by your computer is 41136. Generally, clients/source address ( 192.168.1.25) set the source port number to a unique number that they choose themselves - usually based on the program that started the connection. The source port number ( 41136) serves analogues to the destination port ( 123 or NTP), but is used by the sending host ( 192.168.1.25) to help keep track of new incoming connections and existing data streams. Udp 0 0 mylinux:34255 :ntp ESTABLISHEDĪs you can see in the netstat ( network statistics) output, Proto Recv-Q Send-Q Local Address Foreign Address State

To have a feel of the difference try, I adapted your original netstat output for a possible output without -n: $netstat -a | grep ESTABLISHED You can also take the out -n, for resolving IP addresses/DNS and service names, however be aware that it introduces a noticeable lag in a machine/server with many connections (and/or with a slow DNS service). (Is your server in China? If not I would worry about possible malware) dynamic port numbers (private port numbers): The dynamic port numbers (also known as the private port numbers ) are the port number s that are available for use by any application to use in communicating with any other application, using the Internet's Transmission Control Protocol ( TCP ) or the User Datagram Protocol ( UDP ). Usually, with the majority of protocols, when the known port service is on your side (first), you usually are the server receiving the connection, and the ephemeral port is on the right side when it is the contrary, often it is your server that is using a remote service. Or else, it is your machine doing an NTP request to an NTP server in China.Īctually, all those 4 lines are connections to NTP servers in China. You can see it is the current machine using an NTP service UDP/123 on a remote server.

Linux kernels use the port range 32768 to 61000 The Internet Assigned Numbers Authority (IANA) suggests the rangeĤ9152 to 65535 (2 15+2 14 to 2 16−1) for dynamic or private ports.