TCP port 32768?

When I use netstat to check about the opened ports, I found this:

netstat -tlnpe Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name tcp 0 0 0.0.0.0:32768 0.0.0.0:* LISTEN 0 16493 -

I'm shocked, what's this port? Hacked?

Then, I checked /proc/net/tcp:

sl local_address rem_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode 0: 00000000:8000 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 16493 1 cd672000 3000 0 0 2 -1

I think, may be just opened by kernel, but why?

Just for save, I goggled about this and found this interesting thread! hm... rpc

What happen?

I used to mount a few NFS shared directory from another box, hence, the nlockmgr of RPC is always running and listening of port 32768. nlockmgr is a RPC service which is used for NFS lock recovery when machine crashed or reboot.

This time, I learn the usefulness of this commands :)

$ lsof -i tcp:32768 $ fuser -v -n tcp 32768 $ rpcinfo -p 127.0.0.1