Find all ports in use linux

How to Find All Open Ports (Listening Ports) on Ubuntu Linux

This brief tutorial shows students and new users how to find all ports in use or listening ports when using Ubuntu Linux systems.

The steps below should be handy if you’re a server administrator or web admin and want to ensure that only approved ports are opened on your Ubuntu Linux server.

Most servers built for public access will have services that listen to their assigned ports for communication. In some cases, ports that are not in use will stay open, which may lead to them being exploited.

Ubuntu comes with some default commands that can be used to scan your servers for open ports. The steps below will show you how to use some of these commands to identify listening ports and how to find them.

Since you can’t have two services listening on the same port, it’s a good chance that you may have ports you’re probably not using, and you’ll want to close them.

A network port is identified by its number, the associated IP address, and the type of communication protocol, such as TCP or UDP.

To identify listening ports on Ubuntu, follow the steps below:

Use the netstat Command

netstat is a command-line tool that can provide information about network connections, including IP addresses, ports, and services communicating on these ports.

If you don’t already netstat tool installed, use the commands below to install it.

sudo apt install net-tools

If you want to list all ports available on a server, you run the commands below:

For detailed command options, view the bullet below:

• -t Show TCP ports.
• -u Show UDP ports.
• -n Show numerical addresses instead of resolving hosts.
• -l Show only listening ports.
• -p Show the PID and name of the listener’s process.

When you run the Command above with the options, you should see similar lines as below:

Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 486/systemd-resolve tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 2851/cupsd

That should give you a lot of information.

However, if you only want to see a specific service name or port, you can use the netstat Command with the option above with grep.

The example below shows you to scan for open ports and only list port 22.

sudo netstat -tnlp | grep :22

You should see a similar line below:

tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 25538/sshd tcp6 0 0 . 22 . * LISTEN 25538/sshd

The Command above using grep shows port 22 only, and sshd service is listening on that port.

Use the ss Command

netstat is not installed on Ubuntu by default. The ss command is installed as a replacement for netstat. As with netstat, the ss command displays network information on Linux systems.

netstat and ss commands share almost the same command options. So if you’re used to netstat, the ss command should work almost the same.

To view all listening ports on Ubuntu using the ss command, run the Command below:

You should see a similar screen as shown below:

NetidState Recv-Q Send-Q Local Address:Port Peer Address:Port udp UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=486,fd=12)) udp UNCONN 0 0 0.0.0.0:68 0.0.0.0:* users:(("dhclient",pid=782,fd=6)) tcp LISTEN 0 5 [::1]:631 [::]:* users:(("cupsd",pid=2851,fd=6))

The output above is similar to the netstat Command we ran previously.

Use the lsof Command

The lsof Command is another powerful utility available to Linux systems that allows you to display networking information.

To list all listening TCP ports using the lsof Command, run it with the options below:

sudo lsof -nP -iTCP -sTCP:LISTEN

You should see similar lines as shown below:

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME systemd-r 486 systemd-resolve 13u IPv4 15733 0t0 TCP 127.0.0.53:53 (LISTEN) cupsd 2851 root 6u IPv6 36958 0t0 TCP [::1]:631 (LISTEN) cupsd 2851 root 7u IPv4 36959 0t0 TCP 127.0.0.1:631 (LISTEN) sshd 25538 root 3u IPv4 77978 0t0 TCP *:22 (LISTEN) sshd 25538 root 4u IPv6 77980 0t0 TCP *:22 (LISTEN)

That should list open ports as well.

Now you know how to list listing ports on Ubuntu; you can use any of the commands above to find ports that are not in use and turn off services to them.

Richard W

I love computers; maybe way too much. What I learned I try to share at geekrewind.com.

Источник

How can I see what ports are open on my machine?

I would like to see what ports are open on my machine, e.g. what ports my machine is listening on. E.g. port 80 if I have installed a web server, and so on. Is there any command for this?

10 Answers 10

If the netstat command is not available, install it with:

sudo apt install net-tools 

-l already filters for listening. grep LISTEN won’t help beyond hiding 2 lines of header information.

-t : tcp, -l : listening socket, -p : show pid and program name, -n : print 127.0.0.1:80 instead of localhost:http . Reference: linux.die.net/man/8/netstat

The expanded command is sudo netstat —tcp —listening —programs —numeric . There’s no need to use grep unless you want to eliminate column headers.

nmap (install)

Nmap («Network Mapper») is a free and open source utility for network exploration or security auditing.

Use nmap 192.168.1.33 for internal PC or nmap external IP address .

More information man nmap .

Zenmap is the official GUI frontend.

Remember that there is a difference between nmap localhost and nmap 192.168.0.3 (or what ever you machine IP is)

I think netstat is a better answer to this. netstat will list what the system is listening on directly, and without using an additional application or doing unnecessary calls over localhost or thought the network.

This is stupid. If you have access to the computer, just use netstat -ln . You’ll instantly see all the open ports.

nmap localhost didn’t find services that were bound only to localhost. For example, I run influxd with bind-address:localhost:8086 . That didn’t show up in sudo nmap localhost , but did show up in sudo netstat -tulpn .

Other good ways to find out what ports are listenting and what your firewall rules are:

To list open ports use the netstat command.

 $ sudo netstat -tulpn | grep LISTEN tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 5452/dnsmasq tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1037/cupsd tcp6 0 0 ::1:631 . * LISTEN 1037/cupsd 

In the above example three services are bound to the loopback address.

IPv4 services bound to the loopback address «127.0.0.1» are only available on the local machine. The equivalent loopback address for IPv6 is «::1». The IPv4 address «0.0.0.0» means «any IP address», which would mean that other machines could potentially connect to any of the locally configured network interfaces on the specific port.

Another method is to use the lsof command:

 $ sudo lsof -nP -i | grep LISTEN cupsd 1037 root 9u IPv6 11276 0t0 TCP [::1]:631 (LISTEN) cupsd 1037 root 10u IPv4 11277 0t0 TCP 127.0.0.1:631 (LISTEN) dnsmasq 5452 nobody 5u IPv4 212707 0t0 TCP 127.0.0.1:53 (LISTEN) 

For more details see man netstat or man lsof .

Источник

How to Find Out all the Open Ports in Linux?

In this tutorial, we will learn how to find out all the open ports in Linux.

There are different commands to know which ports are opened such as nmap, netstat, and lsof. But do we know what ports are? Some people might think that it is the gateway to enter the system. There are a lot of myth concepts regarding port numbers. Let’s discuss this in detail.

What is Port number?

There are many services running in the system such as httpd, Hadoop service and so on. How will the network client identify the particular service from the bundle of services running on the system? Whenever we start the web server, instead of creating unique names for each service, a port number is assigned where the service listens for packets. Let’s look at some common ports.

• Port number of HTTP: 80
• Port number of SMTP: 25
• Port number of FTP: 21
• Port number of DNS: 53

The user can use his own personal port also. The port is internally stored in 2 bytes i.e. 2^16 = 65536. The range of the port number is from 0 to 65535. This is divided into different categories:

• 0 – 1023: The ports in this range are called well-known ports or system ports.
• 1024 –49151: The ports in this range are called registered ports or user ports.
• 49152-65535: The ports in this range are called the Dynamic ports and Private ports.

I hope the concept is clear. Let’s understand how to find out list of the open ports in Linux.

List all the services and their ports

If you want to know the list of all the services with their ports, it can be done using cat command. The file named services in /etc/ directory consists of the name and ports of all the services. It will also display the protocols related to the service. Let’s have a look at command below:

You can see that it has displayed the list of services with their port and protocols.

Find out all the open ports in Linux using netstat command

Earlier, we described how to list all the services. If the user wants to know the find out all the open ports in Linux, we can use the netstat command. It will list all the network connections in the system. Apart from this, it also prints the routing tables, interfaces statistics, and multicast memberships.

For more detail information, check the Linux Official Documentation.

The user will use -lntu option with the netstat command where,

• -l: It will print only listening sockets
• -n: It will display the port number
• -t: It enables the listing of TCP ports.
• -u: It enables the listing of UDP ports.

Let’s have a look at the command below:

Display the running ports using ss command

Earlier we used netstat command to display the running ports. Here, we are using the ss command to do so. You might be thinking that what is the difference between both of them.

The ss command is the substitute of the netstat command. Although it is similar to the netstat command, it displays more information. It is used to track TCP connections and sockets. The ss is included in the iproute2 package while netstat uses /proc/net/tcp to gather the information about the system network.

Let’s have a look at the following command:

The significance of -lntu is described above in the netstat command.

Find out all the open ports in Linux using lsof command

Earlier, we discussed how to list the ports using netstat command and ss command. Both were used to display the running services. Here, we will discuss about lsof command. The LSOF stands for List open files. This command is used to list all the open files and processes in the system. It is used in Unix-Linux operating system.

Let’s have a look at the command below:

sudo lsof -i -P -n | grep LISTEN

The options associated with this command are:

• -i: It will list all the running process of specific ports
• -P: It will convert the port numbers to port names for network files.
• -n: It will convert the network names to hostnames for network files.

Grep command is used to search for the particular word. As here it will print the ports which are in LISTEN state.

Find out all the open ports using the ps Command

Earlier, we used lsof command to print the ports. Here we will discuss the ps command. The ps command is used to display the information related to the running process in the system. Here, we will use ps -aux command which will print all those processes that are owned by the user. Remember, using “ps aux” will print the warning.

Let’s have a look at the following command:

Conclusion

We have discussed how to find out all the open ports in Linux using ps, netstat, lsof and ss command. Since most of the commands have usage apart from what’s described here, go ahead use the man pages by using the man command in Linux. We hope the concept is cleared. If you face any issues, do let us know in the comments.

Источник