Get Information about All Running Services Remotely

Posted on in Categories Debian Linux, FreeBSD, Gentoo Linux, Hardware, Howto, Linux last updated January 29, 2008

From my mailbag the other day I received an interesting suggestion about obtaining information regarding all running process and network connections remotely using inetd / xinetd :

SSH client can be used to execute a command(s) on a remote UNIX box. Same technique can be used to get current network and system information using netstat information:
ssh [email protected] netstat -a
ssh [email protected] netstat -tulpn

He suggests that above command can be run via inetd / xinetd so that admin can connect easily and get information using telnet from 100s UNIX boxes. All you have to do is open /etc/inetd.conf under UNIX / Linux:
# vi /etc/inetd.conf
Append following line:
netstat stream tcp nowait root /bin/netstat netstat -a
Restart inetd:
# /etc/init.d/openbsd-inetd restart
Next, use telnet to connect to the netstat service (port 15) and get network connection information:
$ telnet server-name netstat
$ telnet 192.168.1.5 15
Output:

Trying 192.168.1.5...
Connected to 192.168.1.5.
Escape character is '^]'.
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 *:6881                  *:*                     LISTEN
tcp        0      0 *:6081                  *:*                     LISTEN
tcp        0      0 *:nfs                   *:*                     LISTEN
tcp        0      0 localhost:6082          *:*                     LISTEN
tcp        0      0 *:54053                 *:*                     LISTEN
tcp        0      0 *:59275                 *:*                     LISTEN
tcp        0      0 *:netstat               *:*                     LISTEN
tcp        0      0 *:sunrpc                *:*                     LISTEN
tcp        0      0 localhost:webcache      *:*                     LISTEN
tcp        0      0 *:43218                 *:*                     LISTEN
tcp        0      0 *:domain                *:*                     LISTEN
tcp        0      0 localhost:ipp           *:*                     LISTEN
tcp        0      0 *:telnet                *:*                     LISTEN
tcp        0      0 *:3128                  *:*                     LISTEN
tcp        0      0 localhost:smtp          *:*                     LISTEN
tcp        0      1 vivek-desktop.loc:48925 bas4-kitchener06-:56662 SYN_SENT
tcp        0      0 vivek-desktop.loc:54791 customer5673.pool:16273 ESTABLISHED
tcp        0      0 vivek-desktop.loc:38398 59.94.1xx.yy:45483      ESTABLISHED
tcp        0      0 vivek-desktop.loc:42048 60.21.zz.yyy:23235       ESTABLISHED
...........
....
....
unix  3      [ ]         STREAM     CONNECTED     15973
unix  3      [ ]         STREAM     CONNECTED     15947    /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     15946
unix  3      [ ]         STREAM     CONNECTED     15936    /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     15935
unix  2      [ ]         DGRAM                    15931
unix  3      [ ]         STREAM     CONNECTED     15916
unix  3      [ ]         STREAM     CONNECTED     15915
unix  2      [ ]         DGRAM                    15906
Connection closed by foreign host.

There are few problems with this solution:
a] Unnecessary service running at port # 15

b] Telnet protocol is not secure

c] I strongly recommend using ssh and password-less login for scripts to obtain this kind of information:
ssh [email protected] netstat -a
ssh [email protected] df -H
ssh [email protected] free -m
ssh [email protected] /path/to/script.pl

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin and a trainer for the Linux operating system/Unix shell scripting. He has worked with global clients and in various industries, including IT, education, defense and space research, and the nonprofit sector. Follow him on Twitter, Facebook, Google+.

Share this on (or read 0 comments/add one below):

Leave a Comment

Tagged as: Tags , , , , ,