One day, I was unable to start a java server (Sonar) on port 9000. It turns out something was already listening:
sudo netstat -an | grep 9000 tcp4 0 0 127.0.0.1.9000 *.* LISTEN tcp4 0 0 127.0.0.1.49155 127.0.0.1.9000 CLOSE_WAIT tcp4 0 0 127.0.0.1.9000 127.0.0.1.49155 FIN_WAIT_2
To find out exactly what was listening:
sudo lsof -i TCP:9000 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME SecureCli 279 bone 13u IPv4 0x081e5b18 0t0 TCP localhost:49155->localhost:cslistener (CLOSE_WAIT) SR_Servic 613 root 68u IPv4 0x081e6b58 0t0 TCP localhost:cslistener (LISTEN)
Google didn't turn up and info on cslistener. So, I hunted down the process. To locate the command and kill it:
locate SR_Service /opt/CPsrsc-50/bin/SR_Service
A quick read of the copyright in /opt/CPsrsc-50 revealed that the culprit was Checkpoint firewall. Sure enough, a quick uninstall of Checkpoint and 9000 was happily available.
Hopefully this helps people that can't track down cslistener.