Last friday started as any other friday. I went to the office, plugged in my laptop and logged into my Fedora 7 system. Open a shell, setup a couple of environment variables, launch postgresql and start programming in Django. What a wonderful job, isn't it?

Well, it is until you get errors like this:

[lgs@portatil-lgs saludinnova]$ python runserver
Validating models...
0 errors found
Django version 0.97-pre-SVN-6670, using settings 'saludinnova.settings'
Development server is running at
Quit the server with CONTROL-C.
Error: That port is already in use.

Wait, I run the exact same command yesterday at the end of my job day and it actually worked! I immediately thought about a virus since I swear I didn't change the system in any way. Or maybe I did...

So first, I needed to know which program was using the Django sacred port: 8000. Of course I can run Django development server in another port. But that's not the point. And it's not fun!

But first let's make sure something is listening in port 8000:

[root@portatil-lgs ~]# nmap -sT -O localhost
Starting Nmap 4.20 ( ) at 2007-11-30 10:39 CET
Interesting ports on portatil-lgs (
Not shown: 1691 closed ports
22/tcp   open  ssh
25/tcp   open  smtp
111/tcp  open  rpcbind
631/tcp  open  ipp
5432/tcp open  postgres
8000/tcp open  http-alt
Device type: general purpose
Running: Linux 2.6.X
OS details: Linux SMP (x86)
Uptime: 0.080 days (since Fri Nov 30 08:43:31 2007)
Network Distance: 0 hops

Right, http-alt, what's that?

[root@portatil-lgs ~]# ps aux | grep http-alt
root      6045  0.0  0.0   4032   752 pts/0    S+   10:40   0:00 grep http-alt
No process is called http-alt. No big surprise since it looks like a standard name not binded to a real application. Let's check the well known services:

[root@portatil-lgs ~]# cat /etc/services | grep 8000
irdmi           8000/tcp                        # iRDMI
irdmi           8000/udp                        # iRDMI
mtl8000-matrix  8115/tcp                        # MTL8000 Matrix
mtl8000-matrix  8115/udp                        # MTL8000 Matrix
biimenu         18000/tcp                       # Beckman Instruments, Inc.
biimenu         18000/udp                       # Beckman Instruments, Inc.
nxlmd           28000/tcp                       # NX License Manager
nxlmd           28000/udp                       # NX License Manager
nimcontroller   48000/tcp                       # Nimbus Controller
nimcontroller   48000/udp                       # Nimbus Controller

Still no clue of what's going on. Let's try netstat:

[root@portatil-lgs ~]# netstat -anp | grep 8000
tcp        0      0    *                   LISTEN      2333/nasd
Aha! I got you nasd daemon! Whatever you are.

[root@portatil-lgs ~]# which nasd
[root@portatil-lgs ~]# rpm -qf /usr/bin/nasd
[root@portatil-lgs ~]# yum remove nas
Dependencies Resolved
Package                 Arch       Version          Repository        Size
nas                     i386       1.9.1-2.fc7      installed         1.3 M
Removing for dependencies:
qt4-x11                 i386       4.3.2-4.fc7      installed          16 M
skype                   i586    installed          15 M

Finally I see the guilty program: it was Skype (well, one of its dependencies, a sound server), which I installed on thursday night to speak with my sister, who lives in Slovaquia. So it looks like I actually changed my system but I really couldn't think about this kind of side effects. Fortunately my box is full of tools to help my damaged brain repair this tiny little problems :-)