Главная » Linux

Linux check which ports are listening to

На чтение 11 мин Просмотров 1 Опубликовано
Содержание
  1. How can I see what ports are open on my machine?
  2. 10 Answers 10
  3. nmap (install)
  4. 4 Ways to Find Out What Ports Are Listening in Linux
  5. 1. Using Netstat Command
  6. 2. Using ss Command
  7. 3. Using Nmap Command
  8. 4. Using lsof Command
  9. Checking Open and Listening Ports on Linux Using netstat and ss
  10. What is a Port in Computer Networking?
  11. How to Check Which Linux Ports Are in Use?
  12. Using netstat
  13. Using ss
  14. Using lsof

How can I see what ports are open on my machine?

I would like to see what ports are open on my machine, e.g. what ports my machine is listening on. E.g. port 80 if I have installed a web server, and so on. Is there any command for this?

10 Answers 10

If the netstat command is not available, install it with:

sudo apt install net-tools

-l already filters for listening. grep LISTEN won’t help beyond hiding 2 lines of header information.

-t : tcp, -l : listening socket, -p : show pid and program name, -n : print 127.0.0.1:80 instead of localhost:http . Reference: linux.die.net/man/8/netstat

The expanded command is sudo netstat —tcp —listening —programs —numeric . There’s no need to use grep unless you want to eliminate column headers.

nmap (install)

Nmap («Network Mapper») is a free and open source utility for network exploration or security auditing.

Use nmap 192.168.1.33 for internal PC or nmap external IP address .

More information man nmap .

Zenmap is the official GUI frontend.

Remember that there is a difference between nmap localhost and nmap 192.168.0.3 (or what ever you machine IP is)

I think netstat is a better answer to this. netstat will list what the system is listening on directly, and without using an additional application or doing unnecessary calls over localhost or thought the network.

This is stupid. If you have access to the computer, just use netstat -ln . You’ll instantly see all the open ports.

nmap localhost didn’t find services that were bound only to localhost. For example, I run influxd with bind-address:localhost:8086 . That didn’t show up in sudo nmap localhost , but did show up in sudo netstat -tulpn .

Other good ways to find out what ports are listenting and what your firewall rules are:

To list open ports use the netstat command.

 $ sudo netstat -tulpn | grep LISTEN tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 5452/dnsmasq tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1037/cupsd tcp6 0 0 ::1:631 . * LISTEN 1037/cupsd

In the above example three services are bound to the loopback address.

IPv4 services bound to the loopback address «127.0.0.1» are only available on the local machine. The equivalent loopback address for IPv6 is «::1». The IPv4 address «0.0.0.0» means «any IP address», which would mean that other machines could potentially connect to any of the locally configured network interfaces on the specific port.

Another method is to use the lsof command:

 $ sudo lsof -nP -i | grep LISTEN cupsd 1037 root 9u IPv6 11276 0t0 TCP [::1]:631 (LISTEN) cupsd 1037 root 10u IPv4 11277 0t0 TCP 127.0.0.1:631 (LISTEN) dnsmasq 5452 nobody 5u IPv4 212707 0t0 TCP 127.0.0.1:53 (LISTEN)

For more details see man netstat or man lsof .

Читайте также:  Date linux изменить часовой пояс

Источник

4 Ways to Find Out What Ports Are Listening in Linux

The state of a port is either open, filtered, closed, or unfiltered. A port is said to be open if an application on the target machine is listening for connections/packets on that port.

In this article, we will explain four ways to check open ports and also will show you how to find which application is listening on what port in Linux.

1. Using Netstat Command

Netstat is a widely used tool for querying information about the Linux networking subsystem. You can use it to print all open ports like this:

The flag -l tells netstat to print all listening sockets, -t shows all TCP connections, -u displays all UDP connections and -p enables printing of application/program name listening on the port.

Check Open Ports Using Netstat Command

To print numeric values rather than service names, add the -n flag.

Show Numeric Values

You can also use grep command to find out which application is listening on a particular port, for example.

$ sudo netstat -lntup | grep "nginx"

Find Port of Running Application

Alternatively, you can specify the port and find the application bound to, as shown.

$ sudo netstat -lntup | grep ":80"

Find Application Using a Port Number

2. Using ss Command

ss command is another useful tool for displaying information about sockets. It’s output looks similar to that of netstat. The following command will show all listening ports for TCP and UDP connections in numeric value.

Find Open Ports Using ss Command

3. Using Nmap Command

Nmap is a powerful and popular network exploration tool and port scanner. To install nmap on your system, use your default package manager as shown.

$ sudo apt install nmap [On Debian/Ubuntu] $ sudo yum install nmap [On CentOS/RHEL] $ sudo dnf install nmap [On Fedora 22+]

To scan all open/listening ports in your Linux system, run the following command (which should take a long time to complete).

$ sudo nmap -n -PN -sT -sU -p- localhost

4. Using lsof Command

The final tool we will cover for querying open ports is lsof command, which is used to list open files in Linux. Since everything is a file in Unix/Linux, an open file may be a stream or a network file.

To list all Internet and network files, use the -i option. Note that this command shows a mix of service names and numeric ports.

List Open Network Files Using lsof Command

To find which application is listening on a particular port, run lsof in this form.

Find Application Using Port

That’s all! In this article, we have explained four ways to check open ports in Linux. We also showed how to check which processes are bound upon particular ports. You can share your thoughts or ask any questions via the feedback form below.

Источник

Checking Open and Listening Ports on Linux Using netstat and ss

Estamos traduciendo nuestros guías y tutoriales al Español. Es posible que usted esté viendo una traducción generada automáticamente. Estamos trabajando con traductores profesionales para verificar las traducciones de nuestro sitio web. Este proyecto es un trabajo en curso.

One step in securing a Linux computer system is identifying which ports are active. Your system’s active ports give you information about which outside applications may be connected to your system. You can also discover if you are unintentionally exposing an application or service to the internet, like a MySQL database. There are several Linux tools that help you discover which ports are in use and identify both ends of active communications. This guide introduces three common tools you can use with links to guides that dive deeper into each tool.

Читайте также:  Linux запретить root ssh

What is a Port in Computer Networking?

Service names and port numbers are used to distinguish between different services that run over transport protocols. Common transport protocols are TCP, UDP, DCCP, and SCTP. These protocols enable communication between applications by establishing a connection and ensuring data is transmitted successfully. Well-known port assignments, such as HTTP at port 80 over TCP and UDP, are listed at the IANA Service Name and Transport Protocol Port Number Registry. These port assignments help distinguish different types of network traffic across the same connection.

How to Check Which Linux Ports Are in Use?

Three tools to help you check ports in use on a Linux system are:

  • netstat: This tool shows your server’s network status.
  • ss: You can view socket statistics with the ss tool. For example, ss allows you to monitor TCP, UDP, and UNIX sockets.
  • lsof: This Linux utility lists open files. Since everything on a Linux system can be considered a file, lsof provides a lot of information on your entire system.

While all three tools help you learn how to check if a port is open in Linux, each program has its own advantages and disadvantages. See the following examples to identify which tool is the best fit for your purpose.

Using netstat

The netstat tool is great for inspecting the following areas of your Linux system:

  • Unix sockets and network connections
  • Routing tables
  • Network interfaces
  • Network protocols
  • Multicast group membership

Running netstat without any options displays all open sockets and network connections. While this checks if a port is open in Linux, it can generate a lot of output. You can control the output using netstat’s command-line options. For example, to view the PID and program name for a system’s listening TCP connections, run netstat with the following command-line options:

The output resembles the following:

Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:http-alt 0.0.0.0:* LISTEN 381070/monitorix-ht tcp 0 0 localhost:domain 0.0.0.0:* LISTEN 553/systemd-resolve tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN 2145/sshd: /usr/sbi tcp 0 0 localhost:33060 0.0.0.0:* LISTEN 9638/mysqld tcp 0 0 localhost:mysql 0.0.0.0:* LISTEN 9638/mysqld tcp6 0 0 [::]:http [::]:* LISTEN 10997/apache2 tcp6 0 0 [::]:ssh [::]:* LISTEN 2145/sshd: /usr/sbi

To learn how to install netstat, interpret its output, and view common command line options, see our Inspecting Network Information with netstat guide.

Using ss

Another way to have Linux check ports is via the ss tool. ss was created to improve upon netstat and provides more functionality. It allows you to monitor TCP, UDP, and UNIX sockets. A socket enables programs to communicate with each other across a network and is comprised of an IP address and a port number.

Читайте также:  Find linux исключить файлы

Running the ss with no options displays TCP, UDP, and UNIX sockets. Similar to netstat, this unrestricted list can get quite big on busy machines, so it is useful to restrict the ss command’s output by using command-line options. For example, to view all listening and non-listening TCP sockets issue the following command:

The output resembles the following:

State Recv-Q Send-Q Local Address:Port Peer Address:Port Process LISTEN 0 4096 0.0.0.0:http-alt 0.0.0.0:* LISTEN 0 4096 127.0.0.53%lo:domain 0.0.0.0:* LISTEN 0 128 0.0.0.0:ssh 0.0.0.0:* LISTEN 0 70 127.0.0.1:33060 0.0.0.0:* LISTEN 0 151 127.0.0.1:mysql 0.0.0.0:* ESTAB 0 0 192.0.2.0:ssh 192.0.2.1:51617 TIME-WAIT 0 0 192.0.2.0:ssh 192.0.2.2:60630 TIME-WAIT 0 0 192.0.2.0:ssh 192.0.2.3:51312 TIME-WAIT 0 0 127.0.0.1:http-alt 127.0.0.1:52456 TIME-WAIT 0 0 192.0.2.0:ssh 192.0.2.4:44364 ESTAB 0 0 192.0.2.0:ssh 192.0.2.5:51718 LISTEN 0 511 *:http *:* LISTEN 0 128 [::]:ssh [::]:*

Using just the -l parameter tells ss to list all Linux’s listening ports, which are omitted by default, making it easier to check for listening ports in Linux.

To take a deeper dive into the ss tool, read our Learning to Use the ss Tool to its Full Potential guide. This guide provides commands specific to each protocol, commands to view general statistics about a system’s current connections, and ways to filter your output.

Using lsof

Since everything on a Linux system can be considered a file, the lsof tool can report on many aspects of a system, including open network interfaces and network connections. By default, it will list open ports in Linux. The lsof tool is preinstalled on many Linux distributions, so you may consider using it before a tool you need to install.

While one of the most frequent uses of lsof is determining which program listens to a given TCP port, one unique feature of the lsof tool is repeat mode*. This mode allows you to run the lsof command continuously on a timed interval. When inspecting your system to find information about which ports are in use, lsof can return information about which user and processes are using a specific port. For example, when working with a local development environment you may want to find which localhost ports are currently in use. Use the following command to retrieve this information:

The output returns a similar response:

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME Adobe\x20 932 jdoe 14u IPv4 0x3dab8c45775e6b5b 0t0 TCP localhost:15292 (LISTEN) Code\x20H 38254 jdoe 81u IPv4 0x3dab8c45922118fb 0t0 TCP localhost:49336 (LISTEN) VBoxHeadl 49798 jdoe 15u IPv4 0x3dab8c45a01fcf1b 0t0 TCP localhost:rockwell-csp2 (LISTEN) Google 55001 jdoe 37u IPv4 0x3dab8c457579acbb 0t0 TCP localhost:51706->localhost:bmc_patroldb (ESTABLISHED) hugo 57981 jdoe 8041u IPv4 0x3dab8c45a423853b 0t0 TCP localhost:bmc_patroldb (LISTEN) hugo 57981 jdoe 8042u IPv4 0x3dab8c45a3a8e2db 0t0 TCP localhost:bmc_patroldb->localhost:51706 (ESTABLISHED)

lsof is a powerful diagnostic tool capable of a significant number of ways that you can combine its command line options to troubleshoot various issues. To learn more about the lsof command read our How to List Open Files with lsof guide. This guide provides information about command-line options, the anatomy of the lsof output, and filtering your output with regular expressions.

This page was originally published on Thursday, February 25, 2021.

Источник

Оцените статью
© 2023 Posetke
Adblock
detector