When I check my system today, I noticed a weird output from netstat’s output,
joseph# sudo netstat -lnpt | grep 60023 tcp 0 0 0.0.0.0:60023 0.0.0.0:* LISTEN -
There is no process attached to an open port. I used different command to try to address the process that attaches to this port, but all failed.
After searching around, I realized it’s an port opened by kernel, that’s why it won’t show up with program name. For the port like this, it may relate to NFS and OCFS stuff, or something like that, or it could be a kernel bug. If you need to find more details, check kernel logs for OOPS and bug.
A nmap scan help me confirm my guess,
# nmap -sV -p 60023 localhost Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2014-07-03 07:32 GMT Interesting ports on localhost.localdomain (127.0.0.1): PORT STATE SERVICE VERSION 60023/tcp open rpc Nmap finished: 1 IP address (1 host up) scanned in 6.154 seconds