- How can I see what ports are open on my machine?
- 10 Answers 10
- nmap (install)
- 4 Ways to Find Out What Ports Are Listening in Linux
- 1. Using Netstat Command
- 2. Using ss Command
- 3. Using Nmap Command
- 4. Using lsof Command
- How to Check If a Port Is in Use in Linux
- Method 1: Using the lsof Command
- Method 2: Using the ss Command
- Method 3: Using the netstat Command
- Method 4: Using the nmap Command
- Conclusion
- About the author
- Aqsa Yasin
- How to check if a certain port is open and unused?
- 9 Answers 9
- Eg 1:
- Eg 2:
How can I see what ports are open on my machine?
I would like to see what ports are open on my machine, e.g. what ports my machine is listening on. E.g. port 80 if I have installed a web server, and so on. Is there any command for this?
10 Answers 10
If the netstat command is not available, install it with:
sudo apt install net-tools
-l already filters for listening. grep LISTEN won’t help beyond hiding 2 lines of header information.
-t : tcp, -l : listening socket, -p : show pid and program name, -n : print 127.0.0.1:80 instead of localhost:http . Reference: linux.die.net/man/8/netstat
The expanded command is sudo netstat —tcp —listening —programs —numeric . There’s no need to use grep unless you want to eliminate column headers.
nmap (install)
Nmap («Network Mapper») is a free and open source utility for network exploration or security auditing.
Use nmap 192.168.1.33 for internal PC or nmap external IP address .
More information man nmap .
Zenmap is the official GUI frontend.
Remember that there is a difference between nmap localhost and nmap 192.168.0.3 (or what ever you machine IP is)
I think netstat is a better answer to this. netstat will list what the system is listening on directly, and without using an additional application or doing unnecessary calls over localhost or thought the network.
This is stupid. If you have access to the computer, just use netstat -ln . You’ll instantly see all the open ports.
nmap localhost didn’t find services that were bound only to localhost. For example, I run influxd with bind-address:localhost:8086 . That didn’t show up in sudo nmap localhost , but did show up in sudo netstat -tulpn .
Other good ways to find out what ports are listenting and what your firewall rules are:
To list open ports use the netstat command.
$ sudo netstat -tulpn | grep LISTEN tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 5452/dnsmasq tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1037/cupsd tcp6 0 0 ::1:631 . * LISTEN 1037/cupsd
In the above example three services are bound to the loopback address.
IPv4 services bound to the loopback address «127.0.0.1» are only available on the local machine. The equivalent loopback address for IPv6 is «::1». The IPv4 address «0.0.0.0» means «any IP address», which would mean that other machines could potentially connect to any of the locally configured network interfaces on the specific port.
Another method is to use the lsof command:
$ sudo lsof -nP -i | grep LISTEN cupsd 1037 root 9u IPv6 11276 0t0 TCP [::1]:631 (LISTEN) cupsd 1037 root 10u IPv4 11277 0t0 TCP 127.0.0.1:631 (LISTEN) dnsmasq 5452 nobody 5u IPv4 212707 0t0 TCP 127.0.0.1:53 (LISTEN)
For more details see man netstat or man lsof .
4 Ways to Find Out What Ports Are Listening in Linux
The state of a port is either open, filtered, closed, or unfiltered. A port is said to be open if an application on the target machine is listening for connections/packets on that port.
In this article, we will explain four ways to check open ports and also will show you how to find which application is listening on what port in Linux.
1. Using Netstat Command
Netstat is a widely used tool for querying information about the Linux networking subsystem. You can use it to print all open ports like this:
The flag -l tells netstat to print all listening sockets, -t shows all TCP connections, -u displays all UDP connections and -p enables printing of application/program name listening on the port.
To print numeric values rather than service names, add the -n flag.
You can also use grep command to find out which application is listening on a particular port, for example.
$ sudo netstat -lntup | grep "nginx"
Alternatively, you can specify the port and find the application bound to, as shown.
$ sudo netstat -lntup | grep ":80"
2. Using ss Command
ss command is another useful tool for displaying information about sockets. It’s output looks similar to that of netstat. The following command will show all listening ports for TCP and UDP connections in numeric value.
3. Using Nmap Command
Nmap is a powerful and popular network exploration tool and port scanner. To install nmap on your system, use your default package manager as shown.
$ sudo apt install nmap [On Debian/Ubuntu] $ sudo yum install nmap [On CentOS/RHEL] $ sudo dnf install nmap [On Fedora 22+]
To scan all open/listening ports in your Linux system, run the following command (which should take a long time to complete).
$ sudo nmap -n -PN -sT -sU -p- localhost
4. Using lsof Command
The final tool we will cover for querying open ports is lsof command, which is used to list open files in Linux. Since everything is a file in Unix/Linux, an open file may be a stream or a network file.
To list all Internet and network files, use the -i option. Note that this command shows a mix of service names and numeric ports.
To find which application is listening on a particular port, run lsof in this form.
That’s all! In this article, we have explained four ways to check open ports in Linux. We also showed how to check which processes are bound upon particular ports. You can share your thoughts or ask any questions via the feedback form below.
How to Check If a Port Is in Use in Linux
If you are from a computer science background or even a little bit familiar with networking, then you may have heard of the TCP/IP stack. The TCP/IC stack comprises of five different layers, namely, the Physical Layer, Data Link Layer, Network Layer, Transport Layer, and Application Layer. Every layer of the TCP/IP stack has a different means of communication, and all communication within the Transport Layer is done via port numbers.
A port number is used to uniquely identify a device alongside the IP address. Inter-process communication is common when using computer systems. To facilitate this communication, operating systems keep certain ports open, depending upon the entity with which the user wishes to communicate. So, at any single instance, multiple ports can be open in your system.
When we say that a port is in use, we are essentially referring to a port that is open, or, in other words, a port that is in the listening state (ready to accept connections). There are multiple ways of determining the ports that are open in an operating system. This article shows you four possible methods to use to check whether a port is in use in Linux.
Note: All the methods demonstrated in this article have been executed in Linux Mint 20.
To determine whether a port is in use in Linux Mint 20, any of the following four methods can be used.
Method 1: Using the lsof Command
The lsof command can be used to list all the ports in use in your system in the following manner:
First, launch the Linux Mint 20 terminal by clicking on its shortcut icon. The terminal is shown in the image below:
Next, you will have to install the lsof command if you have never used it before. To do so, execute the following command in the terminal:
Upon the successful installation of the command, you will see the following output in the terminal:
Once this command has been installed, it can be used for querying any ports that are in use in Linux. To check your system for open ports, execute the following command in your terminal:
In the output of this command, the ports listed in the “LISTEN” state are the ones that are in use, as shown in the image below:
Method 2: Using the ss Command
The ss command can be used to determine any open TCP and UDP ports in your system in the following manner:
To query both the TCP and UDP ports that are in use, execute the following command in the terminal:
In the output of this command, the ports (both TCP and UDP) that are in use have the “LISTEN” state, whereas all the other ports show the “UNCONN” state.
Method 3: Using the netstat Command
The netstat command can also be used to determine any open TCP and UDP ports in your system in the following manner:
To query for the TCP and UDP ports that are in use, run the following command in the terminal:
If you try to run this command without the “sudo” keyword, you will not be able to access all the ports. If you are logged in with the root user account, then you may skip this keyword.
When you run this command, you will be able to see that all ports in use are in the “LISTEN” state, whereas the states of all other ports are unavailable, as shown in the image below:
Method 4: Using the nmap Command
The nmap command is yet another utility that can be used to determine the TCP and UDP ports that are in use in the following manner:
If the nmap utility is not yet installed on your Linux Mint 20 system, as it does not come installed by default, you may have to manually install it. To do so, execute the following command:
Once you have successfully installed the nmap utility on your Linux Mint 20 system, your terminal will return you the control back so that you can execute the next command, as shown in the image below:
After installing this utility, query for both the TCP and UDP ports that are in use in your system by running the following command in the terminal:
Once you have executed this command, the state of all ports that are in use will be “open,” as shown in the output in the image below:
Conclusion
This article showed you four different methods for checking whether a port is in use in your Linux system. All of these methods were tested with Linux Mint 20, however, you can also run the commands shown in these methods with any other distribution of Linux, with slight variations. Each of the commands used in these methods takes only a few seconds to execute. So, you have the time to try any of the four methods to see which one works best for you.
About the author
Aqsa Yasin
I am a self-motivated information technology professional with a passion for writing. I am a technical writer and love to write for all Linux flavors and Windows.
How to check if a certain port is open and unused?
Could you please help and tell how can i find out if port 80 is open and unused so that I can start installation.
For what it’s worth, /etc/services is completely static. Grepping it can tell you if a port is officially designated by IANA or some such, but does not tell whether or not it’s in local use.
9 Answers 9
sudo netstat -anp | grep ':80 '
That should give you pid & name of the process that holds port 80
This can be achieved using the nc command as follows:
It will return TRUE if the port is already in use, or FALSE is it (i.e, available not listening currently).
I don’t recommend lsof or netstat method as it first try to scan all running PIDs to get all bounded ports:
# time lsof -i:8888 real 0m1.194s user 0m0.137s sys 0m1.056s``` # time nc -z 127.0.0.1 8888 real 0m0.014s user 0m0.011s sys 0m0.004s
Here 8888 is an unused port. The nc command is ~85 times faster in the above example.
Eg 1:
$ nc -z 127.0.0.1 80 && echo "IN USE" || echo "FREE" IN USE $ nc -z 127.0.0.1 81 && echo "IN USE" || echo "FREE" FREE
Eg 2:
If you are trying with a remote IP, it is better to add a timeout to auto-exit if it is not accepting connection for the specified time.
Its Google’s IP which is not used, so it will timeout after trying for 2 seconds.
This also works greatly when running inside the Docker image that uses host network. Inside the image, lsof incorrectly reports the port is not in use when it actually is.
The traditional version of nc does not include the -z option. See the differences between traditional and openbsd.
netstat -tln | tail -n +3 | awk '< print $4 >'
This one displays bind addresses of TCP listening endpoints. All other endpoints are free; Also if on Unix and you are not root, then you can’t bind to a ‘privileged’ port number (port number lower than 1024).
Explained in more details:
- netstat -tln — all listening tcp ports
- tail -n +3 — cut off the header of netstat command
- awk ‘< print $4 >‘ — print the fourth column that consists of [ip]:[port]
For the general case you still need to care to cut out all irrelevant interfaces; a listening address 0.0.0.0 is listening on all network cards, if there is an IP address then that’s the specific IP of the network card/network interface.