In Linux, a port is a logical connection point for transmitting data between a client and a server. To ensure the security and functionality of a system, it is important to know which ports are open and listening for incoming connections. Ports are identified by a number, ranging from 0 to 65535.
There are three categories of ports in a Linux system:
- Well-known ports: These are the ports that are reserved for specific services and are assigned by the Internet Assigned Numbers Authority (IANA). Some examples of well-known ports are 22 for SSH, 80 for HTTP, and 443 for HTTPS.
- Registered ports: These are the ports that are registered with the IANA for specific purposes but are not reserved for specific services. These ports are typically used by specific applications or protocols.
- Dynamic and/or private ports: These are the ports that are not reserved or registered with the IANA and can be used by any application or protocol. These ports are typically used for temporary or ephemeral connections.
In this article, we will cover several methods for checking open ports in Linux.
How to Check Open Ports in Linux
To check open or listening ports in Linux, you can use the `netstat`, `ss`, `lsof`, and `nmap` commands.
- Using the `netstat` Command

  The `netstat` command is a utility that displays network connections, routing tables, and a variety of network statistics. To check open ports in Linux with `netstat`, open a terminal window and run the following command:

  ```
  sudo netstat -tulpn
  ```

  The `-t` flag displays TCP connections, the `-u` flag displays UDP connections, the `-l` flag displays listening sockets, the `-p` flag displays the PID and name of the process, and the `-n` flag displays numerical addresses instead of symbolic names.

  Output:

  ```
  Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
  tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      534/sshd: /usr/sbin
  tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      347/systemd-resolve
  tcp6       0      0 :::80                   :::*                    LISTEN      245266/apache2
  tcp6       0      0 :::22                   :::*                    LISTEN      534/sshd: /usr/sbin
  udp        0      0 0.0.0.0:5353            0.0.0.0:*                           409/avahi-daemon: r
  udp        0      0 0.0.0.0:52848           0.0.0.0:*                           409/avahi-daemon: r
  ```

  The output of the command will show a list of open ports and the corresponding processes.
- Using the `lsof` Command

  The `lsof` command is a utility that lists open files on a system. To check open ports in Linux with `lsof`, open a terminal window and run the following command:

  ```
  sudo lsof -i
  ```

  The `-i` flag selects open Internet (network) files. With no argument it lists all of them; with an address or port argument it lists only the matching sockets.

  Output:

  ```
  COMMAND      PID            USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
  systemd-r    347 systemd-resolve   13u  IPv4  25561      0t0  UDP 127.0.0.53:domain
  systemd-r    347 systemd-resolve   14u  IPv4  25562      0t0  TCP 127.0.0.53:domain (LISTEN)
  avahi-dae    409           avahi   12u  IPv4  26700      0t0  UDP *:mdns
  avahi-dae    409           avahi   14u  IPv4  26702      0t0  UDP *:52848
  sshd         534            root    3u  IPv4  27554      0t0  TCP *:ssh (LISTEN)
  sshd         534            root    4u  IPv6  27589      0t0  TCP *:ssh (LISTEN)
  sshd        4675            root    4u  IPv4 136177      0t0  TCP 192.168.1.210:ssh->192.168.1.10:52623 (ESTABLISHED)
  apache2   245266            root    4u  IPv6 686069      0t0  TCP *:http (LISTEN)
  apache2   245269        www-data    4u  IPv6 686069      0t0  TCP *:http (LISTEN)
  ```

  The output of the command will show a list of open ports and the corresponding processes. Unlike the `netstat -l` output, it also includes established connections, such as the SSH session above.

  You can also check a specific port number:

  ```
  sudo lsof -i :80
  ```
- Using the `ss` Command

  The `ss` command is a utility that displays network sockets and their associated connections. To check open ports in Linux with `ss`, open a terminal window and run the following command:

  ```
  ss -tulpn
  ```

  The `-t` flag displays TCP connections, the `-u` flag displays UDP connections, the `-l` flag displays listening sockets, the `-p` flag displays the PID and name of the process, and the `-n` flag displays numerical addresses instead of symbolic names. Without `sudo`, the process column is filled in only for sockets owned by your own processes.

  The output of the command will show a list of open ports and the corresponding processes.
- Using the `nmap` Command

  The `nmap` command is a utility that scans networks for hosts and services. To check open ports in Linux with `nmap`, open a terminal window and run the following command:

  ```
  nmap -p- localhost
  ```

  The `-p` flag specifies a range of ports to scan; the bare `-` in `-p-` indicates that all ports should be scanned. The `localhost` argument specifies the target host to scan.

  The output of the command will show a list of open ports on the target host.
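A listening port matters most when its bind address makes it reachable from other hosts. The following is an added example, not part of the original article: it filters `ss -H -tulpn` output (`-H` suppresses the header) down to listeners that are not bound to loopback. The function names `exposed_listeners` and `sample_ss_output` and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `sudo ss -H -tulpn` output (not captured from a real host).
sample_ss_output() {
    cat <<'EOF'
udp UNCONN 0 0    0.0.0.0:5353       0.0.0.0:* users:(("avahi-daemon",pid=409,fd=12))
tcp LISTEN 0 128  0.0.0.0:22         0.0.0.0:* users:(("sshd",pid=534,fd=3))
tcp LISTEN 0 4096 127.0.0.53%lo:53   0.0.0.0:* users:(("systemd-resolve",pid=347,fd=14))
tcp LISTEN 0 511  *:80               *:*       users:(("apache2",pid=245266,fd=4))
tcp LISTEN 0 128  [::]:22            [::]:*    users:(("sshd",pid=534,fd=4))
tcp LISTEN 0 5    192.168.1.210:8080 0.0.0.0:* users:(("python3",pid=9001,fd=3))
EOF
}

# Read `ss -H -tulpn` output on stdin and print "proto port scope process"
# once for every listener that is not bound to a loopback address.
exposed_listeners() {
    awk '
    {
        proto = $1; local_addr = $5
        # The port follows the last colon; the rest is the bind address.
        if (!match(local_addr, /:[^:]*$/)) next
        addr = substr(local_addr, 1, RSTART - 1)
        port = substr(local_addr, RSTART + 1)

        # Loopback listeners are not reachable from other hosts.
        if (addr ~ /^127\./ || addr ~ /^\[::1\]/) next

        # Wildcard binds accept connections on every interface.
        if (addr == "0.0.0.0" || addr == "*" || addr == "[::]") scope = "wildcard"
        else scope = "specific"

        # Process column looks like users:(("sshd",pid=534,fd=3)); it is absent without root.
        name = "-"
        if (NF >= 7 && split($7, q, "\"") >= 2) name = q[2]

        # The same service on IPv4 and IPv6 is reported once.
        key = proto " " port " " scope " " name
        if (!(key in seen)) { seen[key] = 1; print key }
    }'
}

# On a live system: sudo ss -H -tulpn | exposed_listeners
sample_ss_output | exposed_listeners
```

Each line it prints is a service to compare against what the host is supposed to offer; anything unexpected is a candidate for rebinding to loopback, firewalling, or disabling.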
Conclusion
In this article, we covered several methods for checking open ports in Linux. We covered using the `netstat`, `ss`, `lsof`, and `nmap` commands to display a list of open ports and the corresponding processes. By using these methods, you can easily check open ports on your Linux system.
I hope this helps you understand how to check open ports in Linux. If you have any further questions, please don’t hesitate to ask.