3 ways to check open ports in Linux
In this blog post, we will discuss 3 ways to check open ports in Linux. We will be using the command line to do this, so if you are not familiar with that environment, don’t worry! We will walk you through everything.
Checking port status is an important task for system administrators and developers . By knowing which ports are open and which ones are closed, you can better diagnose and fix networking issues.
To check open ports in Linux, we can use three methods: the netstat command, the ss command, and the lsof command. Open the terminal and type in any command above with the right option. It will list all the open ports in Linux.
- The netstat command is a network statistics utility that displays information about network connections, routing tables, and a number of network interface statistics.
- The ss command is a utility for displaying socket statistics. It can be used to report a variety of information, including open sockets.
- The lsof command is a utility for displaying information about files that are open by processes running on the system. The lsof command can be used to find out which ports are being used by which processes.
Each of these commands will give us different information about the open ports on our system. Try running each of them and see what results you get!
Procedure to Check open ports in Linux
- Open the terminal.
- Type netstat -tulpn and press Enter. This will show you a list of all the open ports on your system, as well as the PID and name of the program that is using each port.
- If you want to see more information about a specific port, type netstat -tulpn | grep portnumber and press Enter. Replace portnumber with the actual port number you want to check. The output will show you the PID and name of the program that is using that port.
Check open ports with netstat command in Linux
The easiest way to check open ports in Linux is using netstat command. You will need to open a terminal window. Then, type in the following command:
This will give you a list of all open ports on your system, as well as the programs that are using them.
The “l” flag will show you all the open ports. The ‘p’ flag will show you the program that is using the port, including the process ID (PID) and the user that owns it.
- -t : All TCP ports
- -u : All UDP ports
- -l : Display listening server sockets
- -p : Show the PID and name of the program to which each socket belongs
- -n : Don’t resolve names
- -a: Show both listening and non-listening (for TCP this means established connections) sockets.
From the following example, we can see that ports 111,22,5432,25 are open.
# netstat -utpnl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/systemd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1900/sshd
tcp 0 0 0.0.0.0:5432 0.0.0.0:* LISTEN 182374/postgres
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2084/master
tcp6 0 0 . 111 . * LISTEN 1/systemd
tcp6 0 0 . 22 . * LISTEN 1900/sshd
tcp6 0 0 . 5432 . * LISTEN 182374/postgres
udp 0 0 0.0.0.0:111 0.0.0.0:* 1/systemd
udp6 0 0 . 111 . * 1/systemd
If you see a socket in the “LISTENING” state, it means that the port is open and waiting for a connection.
If you want to see more information about a specific port, you can use the following command:
For example, if you want to see information about port 22 (the standard SSH port), you would type in:
# netstat -tulpn | grep 22
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1900/sshd
tcp6 0 0 . 22 . * LISTEN 1900/sshd
This will show you all of the processes that are connected to port 22, as well as their PIDs and owners.
The netstat -a command will show you all of the active sockets on your system, both listening and non-listening. This can be useful for troubleshooting purposes, as it will show you all of the sockets that are currently in use.
From the following example, we can see that there is one more TCP connection. Its state is ESTABLISHED.
# netstat -tulapn | grep 22
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1900/sshd
tcp 0 80 10.244.13.128:22 10.79.96.124:53559 ESTABLISHED 1296958/sshd:
tcp6 0 0 . 22 . * LISTEN 1900/sshd
When you see a socket in the “ESTABLISHED” state, it means that the connection is established and both sides are actively communicating. This usually indicates that the connection is working properly.
If you see a socket in the “TIME_WAIT” state, it means that the connection has been terminated but the socket is still waiting for some time to expire so that it can be freed up.
Check port status with ss command in Linux
You can also use the ss command to check open ports in Linux. It stands for socket statistics , and it gives a snapshot of all active sockets on the system. The ss command is similar to netstat, but it provides more information about each connection.
To use the ss command, type in the following:
It will show more detailed information about ports than netstat . To use ss, you will need to install the iputils-ss package.
This will give you a list of all active sockets, including the following information: – The socket type ( tcp , udp , raw , etc.) – The local address – The remote address – The state ( LISTENING , ESTABLISHED , etc.)
This will give you a list of all open ports on your system.
Example:
# ss -tulpn
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
tcp LISTEN 0 128 0.0.0.0:111 0.0.0.0:* users:((«rpcbind»,pid=96374,fd=4),(«systemd»,pid=1,fd=58))
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:((«sshd»,pid=1900,fd=5))
tcp LISTEN 0 4096 0.0.0.0:5432 0.0.0.0:* users:((«postgres»,pid=182374,fd=6))
tcp LISTEN 0 100 127.0.0.1:25 0.0.0.0:* users:((«master»,pid=2084,fd=16))
tcp LISTEN 0 128 [::]:111 [::]:* users:((«rpcbind»,pid=96374,fd=6),(«systemd»,pid=1,fd=60))
tcp LISTEN 0 128 [::]:22 [::]:* users:((«sshd»,pid=1900,fd=7))
tcp LISTEN 0 4096 [::]:5432 [::]:* users:((«postgres»,pid=182374,fd=7))
You can also use the following command to see information about a specific port:
For example, if you want to see information about port 22 (the standard SSH port), you would type in:
Example:
# ss -tulpn | grep «22»
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:((«sshd»,pid=1900,fd=5))
tcp LISTEN 0 128 [::]:22 [::]:* users:((«sshd»,pid=1900,fd=7))
Check open ports with lsof command in Linux
we will cover the lsof command. The lsof command is a powerful tool that can be used to show a variety of information about open files on your system. To use it to check port status, type in the following:
lsof -i TCP -sTCP:LISTEN -n -P
This will give you a list of all open ports on your system, as well as the programs that are using them.
- -i TCP -sTCP:LISTEN: Look for listing ports
- -P : Inhibits the conversion of port numbers to port names for network files. Inhibiting the conversion may make lsof run a little faster. It is also useful when port name lookup is not working properly.
- -n : Do not use DNS name
# lsof -i TCP -sTCP:LISTEN -n -P
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
systemd 1 root 58u IPv4 13485027 0t0 TCP *:111 (LISTEN)
systemd 1 root 60u IPv6 13485029 0t0 TCP *:111 (LISTEN)
sshd 1900 root 5u IPv4 15494 0t0 TCP *:22 (LISTEN)
sshd 1900 root 7u IPv6 15496 0t0 TCP *:22 (LISTEN)
master 2084 root 16u IPv4 33300 0t0 TCP 127.0.0.1:25 (LISTEN)
rpcbind 96374 rpc 4u IPv4 13485027 0t0 TCP *:111 (LISTEN)
rpcbind 96374 rpc 6u IPv6 13485029 0t0 TCP *:111 (LISTEN)
postgres 182374 postgres 6u IPv4 14699999 0t0 TCP *:5432 (LISTEN)
postgres 182374 postgres 7u IPv6 14700000 0t0 TCP *:5432 (LISTEN)
You can also use the following command to see information about a specific port:
This will show you all of the processes that are connected to port 22.
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
sshd 1900 root 5u IPv4 15494 0t0 TCP *:22 (LISTEN)
sshd 1900 root 7u IPv6 15496 0t0 TCP *:22 (LISTEN)
sshd 1296958 root 5u IPv4 20115240 0t0 TCP 10.244.13.128:22->10.79.96.124:53559 (ESTABLISHED)
sshd 1296964 howtouselinux 5u IPv4 20115240 0t0 TCP 10.244.13.128:22->10.79.96.124:53559 (ESTABLISHED)
There you have it! Three ways to check port status in Linux. Which one is your favorite? Let us know in the comments below.
David is a Cloud & DevOps Enthusiast. He has years of experience as a Linux engineer. He had working experience in AMD, EMC. He likes Linux, Python, bash, and more. He is a technical blogger and a Software Engineer. He enjoys sharing his learning and contributing to open-source.
howtouselinux.com is dedicated to providing comprehensive information on using Linux.
We hope you find our site helpful and informative.
How to Find Out List of All Open Ports in Linux
In this article, we will briefly talk about ports in computer networking and move to how you can list all open ports in Linux.
In computer networking, and more definitely in software terms, a port is a logical entity which acts as a endpoint of communication to identify a given application or process on an Linux operating system. It is a 16-bit number (0 to 65535) which differentiates one application from another on end systems.
The two most popular Internet transport protocols, Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) and other less known protocols use port numbers for communication sessions (source and destination port numbers in conjunction with the source and destination IP addresses).
In addition, a combination of an IP address, port and protocol such as TCP/UDP is known as a socket, and every service must have a unique socket.
Below are the different categories of ports:
- 0-1023 – the Well Known Ports, also referred to as System Ports.
- 1024-49151 – the Registered Ports, also known as User Ports.
- 49152-65535 – the Dynamic Ports, also referred to as the Private Ports.
You can view a list of different applications and port/protocol combination in /etc/services file in Linux using cat command:
$ cat /etc/services OR $ cat /etc/services | less
# /etc/services: # $Id: services,v 1.48 2009/11/11 14:32:31 ovasik Exp $ # # Network services, Internet style # IANA services version: last updated 2009-11-10 # # Note that it is presently the policy of IANA to assign a single well-known # port number for both TCP and UDP; hence, most entries here have two entries # even if the protocol doesn't support UDP operations. # Updated from RFC 1700, ``Assigned Numbers'' (October 1994). Not all ports # are included, only the more common ones. # # The latest IANA port assignments can be gotten from # http://www.iana.org/assignments/port-numbers # The Well Known Ports are those from 0 through 1023. # The Registered Ports are those from 1024 through 49151 # The Dynamic and/or Private Ports are those from 49152 through 65535 # # Each line describes one service, and is of the form: # # service-name port/protocol [aliases . ] [# comment] tcpmux 1/tcp # TCP port service multiplexer tcpmux 1/udp # TCP port service multiplexer rje 5/tcp # Remote Job Entry rje 5/udp # Remote Job Entry echo 7/tcp echo 7/udp discard 9/tcp sink null discard 9/udp sink null systat 11/tcp users systat 11/udp users daytime 13/tcp daytime 13/udp qotd 17/tcp quote qotd 17/udp quote msp 18/tcp # message send protocol msp 18/udp # message send protocol chargen 19/tcp ttytst source chargen 19/udp ttytst source ftp-data 20/tcp ftp-data 20/udp # 21 is registered to ftp, but also used by fsp ftp 21/tcp ftp 21/udp fsp fspd ssh 22/tcp # The Secure Shell (SSH) Protocol ssh 22/udp # The Secure Shell (SSH) Protocol telnet 23/tcp telnet 23/udp
To list all open ports or currently running ports including TCP and UDP in Linux, we will use netstat, is a powerful tool for monitoring network connections and statistics.
$ netstat -lntu Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN tcp 0 0 . 22 . * LISTEN tcp 0 0 . 80 . * LISTEN tcp 0 0 . 25 . * LISTEN udp 0 0 0.0.0.0:68 0.0.0.0:*
- -l – prints only listening sockets
- -n – shows port number
- -t – enables listing of tcp ports
- -u – enables listing of udp ports
You can also use ss command, a well known useful utility for examining sockets in a Linux system. Run the command below to list all your open TCP and UCP ports:
$ ss -lntu Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port udp UNCONN 0 0 *:68 *:* tcp LISTEN 0 128 . 22 . * tcp LISTEN 0 128 *:22 *:* tcp LISTEN 0 50 *:3306 *:* tcp LISTEN 0 128 . 80 ::* tcp LISTEN 0 100 . 25 . * tcp LISTEN 0 100 *:25
Make it a point to read through the man pages of the commands above for more usage information.
In summary, understanding the concept of ports in computer networking is very vital for system and network administrators. You can as well go through this netstat guide with simple, precise and well explained examples.
Last but not least, get in touch with us by sharing other methods for listing open ports in Linux or asking a question via the response form below.