Whilst trying to reboot a stubborn server I couldn’t reach from the admin panel, I noticed with nmap that there is an extra port 60910 that appears to be opened on my droplet. However I can only see this port externally and not from within the droplet itself.

From inside droplet:

Starting Nmap 7.01 ( https://nmap.org ) at 2018-06-27 16:18 EST
Nmap scan report for example.com (xxx.xxx.xxx.xxx)
Host is up (0.00090s latency).
Not shown: 65529 closed ports
PORT      STATE SERVICE
25/tcp    open  smtp
80/tcp    open  http
443/tcp   open  https

From outside droplet:


Starting Nmap 7.01 ( https://nmap.org ) at 2018-06-27 16:00 EST
Nmap scan report for example.com (xxx.xxx.xxx.xxx)
Host is up (0.038s latency).
Not shown: 65528 filtered ports
PORT      STATE SERVICE
25/tcp    open  smtp
80/tcp    open  http
443/tcp   open  https
60910/tcp open  unknown

It appears to be an SSH daemon running on that port since it asks me to confirm an ED25519 key fingerprint, but does not accept the private key I have set up on my droplet’s usual SSH port.

I attempted to find documentation on this but couldn’t find any. I’m assuming this is used for maintenance on the hypervisor, but wanted to know exactly what it was used for and make sure that others can’t use that to access my droplet without my knowledge?

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer

Hello,

You can also use netstat to see what service is listening on this port. To make netstat available on your system simply install the net-tools package using the bellow command:

Ubuntu

sudo apt-get install net-tools

CentOS

yum install net-tools

Then you can run the netstat command to show you what’s listening on the port:

netstat -plunt | grep 60910

You will then see the exact service that is using the port. Let me know if you have any questions.

Alex

Submit an Answer