You are not logged in.

#1 2014-10-06 22:00:42

danleeca
Member
Registered: 2014-10-06
Posts: 1

Trying to figure out why ports are open for systemd processes

Output of my "netstat -nlp"

[root@server ~]# netstat -nlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      2159/sshd
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      2060/mysqld
tcp        0      0 0.0.0.0:5355            0.0.0.0:*               LISTEN      2168/systemd-resolv
tcp6       0      0 :::80                   :::*                    LISTEN      4460/nginx: master
tcp6       0      0 :::22                   :::*                    LISTEN      2159/sshd
tcp6       0      0 :::443                  :::*                    LISTEN      4460/nginx: master
tcp6       0      0 :::5355                 :::*                    LISTEN      2168/systemd-resolv
udp        0      0 IP4:68                  0.0.0.0:*                           2078/systemd-networ
udp        0      0 IP4:68                  0.0.0.0:*                           2078/systemd-networ
udp        0      0 IP4:68                  0.0.0.0:*                           2078/systemd-networ
udp        0      0 IP4:68                  0.0.0.0:*                           2078/systemd-networ
udp        0      0 IP4:68                  0.0.0.0:*                           2078/systemd-networ
udp        0      0 IP4:68                  0.0.0.0:*                           2078/systemd-networ
udp        0      0 IP4:68                  0.0.0.0:*                           2078/systemd-networ
udp        0      0 IP4:68                  0.0.0.0:*                           2078/systemd-networ
udp        0      0 IP4:68                  0.0.0.0:*                           2078/systemd-networ
udp        0      0 IP4:68                  0.0.0.0:*                           2078/systemd-networ
udp        0      0 IP4:68                  0.0.0.0:*                           2078/systemd-networ
udp        0      0 IP4:68                  0.0.0.0:*                           2078/systemd-networ
udp        0      0 127.0.0.1:123           0.0.0.0:*                           4491/ntpd
udp        0      0 0.0.0.0:5355            0.0.0.0:*                           2168/systemd-resolv
udp6       0      0 ::1:123                 :::*                                4491/ntpd
udp6       0      0 :::5355                 :::*                                2168/systemd-resolv
raw6       0      0 :::58                   :::*                    7           2078/systemd-networ

Why are ports 5355, 58, and 68 being listened to/open ?

Please let me know if any additional information is needed, it is the latest version or arch linux and fully updated as of this post.

Offline

#2 2014-10-07 16:54:49

HiImTye
Member
From: Halifax, NS, Canada
Registered: 2012-05-09
Posts: 1,072

Re: Trying to figure out why ports are open for systemd processes

I'm not sure what they're specifically for, but those are loopback ports

Offline

#3 2014-10-08 08:21:37

rsmarples
Member
Registered: 2009-05-12
Posts: 287

Re: Trying to figure out why ports are open for systemd processes

68 is for BOOTP/DHCP. Why it needs so many open is beyond me - dhcpcd just has the one global 68 open for any amount of interfaces.
The other two ports don't look like anything network setup related should have open.

I would file a ticket with systemd upstream.

Offline

#4 2015-01-17 08:35:19

nponeccop
Member
Registered: 2011-09-05
Posts: 17

Re: Trying to figure out why ports are open for systemd processes

5355 is for LLMNR which can be disabled by systemd-networkd or systemd-resolved configuration.

Offline

#5 2016-01-06 23:28:55

ArgylePwnage
Member
Registered: 2014-12-24
Posts: 8

Re: Trying to figure out why ports are open for systemd processes

I know this is an old post, but it just helped me. If you're trying to disable LLMNR the following steps will accomplish this.
1) edit /etc/systemd/resolved.conf
2) set LLMNR=0
3) Restart the service.  systemctl restart systemd-resolved.service

Offline

Board footer

Powered by FluxBB