Ports

How to Check Open Ports in Linux

by Kiran kumarin LINUXon Posted on

Network ports are standardized number identifiers that allow devices to use one IP address to handle multiple network requests simultaneously. Since there are 65535 port numbers, keeping a record of which ports are in use can be challenging.

Prerequisites

  • A Linux distribution installed on a computer.
  • Administrative access to the command line.

What Is a Listening Port?

Applications and services use listening ports to listen for incoming network requests. Each listening port is tied to an IP address and a communication protocol such as TCP or UDP.

Depending on the network setup, listening ports can be open or closed.

  • Open ports accept outside connections using the correct protocol.
  • Closed ports do not accept all the connections. They communicate with a predetermined outside service or application while a firewall blocks other attempted connections.

One listening port tied can host only one service. For instance, if there is a VPS server on the system that already uses port 80, any other installed hosting server will have to use a different, non-default port number.

How to Check Open Ports in Linux?

Linux users can check open ports using multiple available networking tools. Each tool displays the same results, but the output format and the amount of information vary.

The following sections provide instructions for checking open ports using lsofnetstatssNmap, and netcat utilities.

There are few ways to check Open Ports in Linux below is the most and widely used steps and commands,

Check Ports via lsof Command

The lsof command allows users to list the programs that utilize listening ports and daemons that maintain active network connections.

Use the lsof command to:

Display a list of ports in use:

sudo lsof -nP -iTCP -sTCP:LISTEN

The command outputs a list of the connections that use the TCP protocol.

Check a specific port number with this syntax:

sudo lsof -nP -i:[port-number]

For example, to check if port 32121 is in use, type:

sudo lsof -nP -i:32121

If the port is free, the command shows no output. If an application is using the port, the output shows its details:

Specify the protocol you wish to scan by adding it to the -i option.

For example, to check if the UDP port 83 is open, type:

sudo lsof -nP -iUDP:83

Check Ports via netstat Command

The netstat command provides a network activity overview and statistics. Use the command below to display the listening ports on the system with netstat:

sudo netstat -tunpl

The command uses five command arguments:

  • -t – Queries the command for TCP ports.
  • -u – Queries for UDP ports.
  • -n – Avoids DNS lookup and shows only IP addresses to speed up the process.
  • -p – Displays the process ID and the name of the program using the port.
  • -l – Outputs listening ports.

Identify the listening ports/sockets by checking the State column and looking for the label LISTENING.

Check Ports via ss Command

The ss command is a faster and easier-to-use version of the obsolete netstat command. It uses the same options as netstat, but provides more statistics in the output.

The following command scans TCP and UDP ports for listening sockets and displays them in a list:

sudo ss -tunl

The listening ports/sockets are marked as LISTEN in the State column.

Check Ports via nmap Command

The Nmap utility allows users to scan for open ports on local and remote systems. Execute the command below to scan for all open TCP and UDP ports on the local system:

sudo nmap -n -PN -sT -sU -p- localhost

The following are the nmap options used in the example.

  • -n – Skips DNS resolution.
  • -PN – Skips the discovery phase.
  • -sT and -sU – Tell netstat to scan TCP and UDP ports, respectively.
  • -p- – Scans all the ports.

The output lists the open ports alongside the services that use them.

I believe this article will explain and understand to Check Open Ports in Linux.