Monitoring ports on Linux

How to check for open ports on your Ubuntu server

This guide explains different methods to check for open ports on your Webdock server. An open port is one on which a process or application is listening and can accept data. In this guide we will use different tools to find out which ports are open.

An open port is defined as a port which has a service listening and accepting connections. You may find that you have services listening on ports which, despite this, are not accessible from the internet. This is what your firewall does: it blocks access to ports which you haven't explicitly allowed access to. For a guide on managing your firewall, take a look at our UFW guide.

Prerequisites

The difference between addresses

It matters whether a service is listening on 127.0.0.1 (localhost) or on 0.0.0.0. A service listening on localhost is typically only accessible from the host machine itself and not from the wider internet. If you see a service listening on all interfaces (*) or 0.0.0.0, then the service is accessible from the internet unless it is actively firewalled, which you will need to check in iptables or by running "ufw status" if you use UFW to manage your firewall.

Check for open ports using nmap

Network mapper or nmap is an open source tool used to scan networks and find open ports on a host. The following command will scan all the ports on the host.

Starting Nmap 7.80 ( https://nmap.org ) at 2021-06-12 06:03 UTC
Nmap scan report for localhost (127.0.0.1)
Host is up (0.0000090s latency).
Not shown: 995 closed ports
PORT     STATE SERVICE
21/tcp   open  ftp
22/tcp   open  ssh
80/tcp   open  http
443/tcp  open  https
3306/tcp open  mysql

Nmap done: 1 IP address (1 host up) scanned in 0.23 seconds

To check whether a specific port is open, use the -p option to specify the port.

Starting Nmap 7.80 ( https://nmap.org ) at 2021-06-12 06:04 UTC
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000054s latency).

PORT   STATE SERVICE
80/tcp open  http

Nmap done: 1 IP address (1 host up) scanned in 0.18 seconds

Be careful when using nmap: if you accidentally start scanning the entire network, you risk having your IP address banned.


Check for open ports using lsof

The lsof (list open files) command, as the name suggests, is used to list all the open files in Linux. These files may be network sockets, disk files or devices opened by different processes. Use the lsof command along with the -nP options to list all open sockets.

$ sudo lsof -nP | grep LISTEN
..snip..
redis-ser 511 513 redis-ser redis 6u IPv4 662257788 0t0 TCP 127.0.0.1:6379 (LISTEN)
redis-ser 511 513 redis-ser redis 7u IPv6 662257789 0t0 TCP [::1]:6379 (LISTEN)
redis-ser 511 515 redis-ser redis 6u IPv4 662257788 0t0 TCP 127.0.0.1:6379 (LISTEN)
redis-ser 511 515 redis-ser redis 7u IPv6 662257789 0t0 TCP [::1]:6379 (LISTEN)
redis-ser 511 517 redis-ser redis 6u IPv4 662257788 0t0 TCP 127.0.0.1:6379 (LISTEN)
redis-ser 511 517 redis-ser redis 7u IPv6 662257789 0t0 TCP [::1]:6379 (LISTEN)
..snip..

List only the TCP open sockets.

..snip..
pure-ftpd 303 root 4u IPv4 662259745 0t0 TCP *:ftp (LISTEN)
pure-ftpd 303 root 5u IPv6 662259746 0t0 TCP *:ftp (LISTEN)
sshd      304 root 3u IPv4 662258731 0t0 TCP *:ssh (LISTEN)
sshd      304 root 4u IPv6 662258733 0t0 TCP *:ssh (LISTEN)
..snip..

For UDP open sockets, use the following command.

systemd-r 254 systemd-resolve 12u IPv4 662203276 0t0 UDP localhost:domain

Check for open ports using netstat

The netstat (network statistics) command can be used to monitor and scan networks. Get a list of all open TCP and UDP ports using the netstat command.

..snip..
tcp  0 0 localhost:27017 0.0.0.0:* LISTEN
tcp  0 0 localhost:mysql 0.0.0.0:* LISTEN
tcp  0 0 localhost:6379  0.0.0.0:* LISTEN
tcp  0 0 localhost:11211 0.0.0.0:* LISTEN
..snip..

..snip..
tcp  0 0 localhost:27017 0.0.0.0:* LISTEN
tcp  0 0 localhost:mysql 0.0.0.0:* LISTEN
tcp  0 0 localhost:6379  0.0.0.0:* LISTEN
tcp  0 0 localhost:11211 0.0.0.0:* LISTEN
tcp  0 0 0.0.0.0:http    0.0.0.0:* LISTEN
tcp6 0 0 [::]:ftp        [::]:*    LISTEN
tcp6 0 0 [::]:ssh        [::]:*    LISTEN
..snip..

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address    Foreign Address State
udp   0      0      localhost:domain 0.0.0.0:*

Check open ports using ss

The ss command is used to list detailed information about network sockets. It provides more detailed information than the netstat command. List all the listening ports on a Linux system.

Netid State  Recv-Q Send-Q Local Address:Port       Peer Address:Port Process
nl    UNCONN 0      0      rtnl:systemd/1           *
nl    UNCONN 0      0      rtnl:kernel              *
nl    UNCONN 0      0      rtnl:systemd-resolve/254 *
nl    UNCONN 0      0      rtnl:systemd-resolve/254 *
nl    UNCONN 0      0      rtnl:systemd/1           *
..snip..

To list only TCP listening ports, use the -lt flag.

..snip..
LISTEN 0 128  0.0.0.0:ssh     0.0.0.0:*
LISTEN 0 511  0.0.0.0:https   0.0.0.0:*
LISTEN 0 4096 127.0.0.1:27017 0.0.0.0:*
LISTEN 0 70   127.0.0.1:mysql 0.0.0.0:*
LISTEN 0 511  127.0.0.1:6379  0.0.0.0:*
..snip..

For UDP listening ports, use the -lu flag.

State  Recv-Q Send-Q Local Address:Port   Peer Address:Port Process
UNCONN 0      0      127.0.0.53%lo:domain 0.0.0.0:*
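The localhost versus all-interfaces distinction described under "The difference between addresses" can be applied to ss output mechanically. The following is an added example, not part of the original guide: it assumes numeric input in the format printed by `ss -H -tuln`, the function names are hypothetical, and the sample lines are constructed from the values shown above. It does not consult the firewall, so a listener it reports may still be blocked by UFW or iptables.

```shell
#!/bin/sh
# Added example (not from the original guide): label each listener by bind scope.
# Input format assumed: lines as printed by `ss -H -tuln`
#   Netid State Recv-Q Send-Q Local-Address:Port Peer-Address:Port

classify_listeners() {
  awk '
    NF >= 5 {
      n = split($5, parts, ":")          # IPv6 addresses contain colons,
      port = parts[n]                    # so the port is the last piece
      addr = substr($5, 1, length($5) - length(port) - 1)
      sub(/%.*/, "", addr)               # drop an interface suffix such as %lo
      sub(/^\[/, "", addr); sub(/\]$/, "", addr)   # drop IPv6 brackets
      if (addr ~ /^127\./ || addr == "::1")
        scope = "LOCAL"
      else if (addr == "0.0.0.0" || addr == "*" || addr == "::")
        scope = "ALL-INTERFACES"
      else
        scope = "SPECIFIC-ADDRESS"
      printf "%s\t%s/%s\t%s\n", scope, $1, port, addr
    }'
}

# Listeners reachable from other hosts unless a firewall rule blocks them.
exposed_listeners() {
  classify_listeners | awk -F "\t" '$1 != "LOCAL"'
}

# Constructed sample input (values modelled on the outputs shown in this guide).
sample_ss_output() {
  cat <<'EOF'
udp UNCONN 0 0    127.0.0.53%lo:53 0.0.0.0:*
tcp LISTEN 0 128  0.0.0.0:22       0.0.0.0:*
tcp LISTEN 0 511  0.0.0.0:443      0.0.0.0:*
tcp LISTEN 0 4096 127.0.0.1:27017  0.0.0.0:*
tcp LISTEN 0 70   127.0.0.1:3306   0.0.0.0:*
tcp LISTEN 0 511  127.0.0.1:6379   0.0.0.0:*
tcp LISTEN 0 511  [::1]:6379       [::]:*
tcp LISTEN 0 128  [::]:22          [::]:*
EOF
}

sample_ss_output | exposed_listeners
```

On a live server, replace the sample with `sudo ss -H -tuln | exposed_listeners` and compare the result with the ports your firewall allows.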

Conclusion

There are different tools available to monitor open ports on your server. In this guide we discussed how to check for open ports on your Webdock server using command line tools such as nmap, ss, netstat and lsof.


    4 Ways to Find Out What Ports Are Listening in Linux

    The state of a port is either open, filtered, closed, or unfiltered. A port is said to be open if an application on the target machine is listening for connections/packets on that port.

    In this article, we will explain four ways to check open ports and also will show you how to find which application is listening on what port in Linux.

    1. Using Netstat Command

    Netstat is a widely used tool for querying information about the Linux networking subsystem. You can use it to print all open ports like this:

    The flag -l tells netstat to print all listening sockets, -t shows all TCP connections, -u displays all UDP connections and -p enables printing of the application/program name listening on the port.

    [Figure: Check Open Ports Using Netstat Command]

    To print numeric values rather than service names, add the -n flag.

    [Figure: Show Numeric Values]

    You can also use the grep command to filter the output for a particular application, for example:

    $ sudo netstat -lntup | grep "nginx"

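    [Figure: Find Port of Running Application]

    Alternatively, you can specify the port and find the application bound to it, as shown. The trailing space in the pattern keeps :80 from also matching ports such as :8080.

    $ sudo netstat -lntup | grep ":80 "

    [Figure: Find Application Using a Port Number]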

    2. Using ss Command

    The ss command is another useful tool for displaying information about sockets. Its output looks similar to that of netstat. The following command will show all listening ports for TCP and UDP connections in numeric form.

    [Figure: Find Open Ports Using ss Command]

    3. Using Nmap Command

    Nmap is a powerful and popular network exploration tool and port scanner. To install nmap on your system, use your default package manager as shown.

    $ sudo apt install nmap    [On Debian/Ubuntu]
    $ sudo yum install nmap    [On CentOS/RHEL]
    $ sudo dnf install nmap    [On Fedora 22+]

    To scan all open/listening ports in your Linux system, run the following command (which should take a long time to complete).

    $ sudo nmap -n -PN -sT -sU -p- localhost

    4. Using lsof Command

    The final tool we will cover for querying open ports is the lsof command, which is used to list open files in Linux. Since everything is a file in Unix/Linux, an open file may be a stream or a network file.

    To list all Internet and network files, use the -i option. Note that this command shows a mix of service names and numeric ports.

    [Figure: List Open Network Files Using lsof Command]

    To find which application is listening on a particular port, run lsof in this form.

    [Figure: Find Application Using Port]

    That’s all! In this article, we have explained four ways to check open ports in Linux. We also showed how to check which processes are bound to particular ports. You can share your thoughts or ask any questions via the feedback form below.

    How to Watch TCP and UDP Ports in Real-time

    In software terms, especially at the operating system level, a port is a logical construct that identifies a specific process/application or a type of network service. Each network service running on a Linux system uses a particular protocol, the most common being TCP (Transmission Control Protocol) and UDP (User Datagram Protocol), and a port number for communicating with other processes or services.

    In this short article, we will show you how to list and monitor or watch running TCP and UDP ports in real-time with a socket summary on a Linux system.

    List All Open Ports in Linux

    It is also crucial to mention that the netstat command has been deprecated and the ss command has taken its place, showing more detailed network statistics.

    $ sudo netstat -tulpn
    OR
    $ sudo ss -tulpn

    [Figure: List Open Ports in Linux]

    From the output of the above command, the State column shows whether a port is in a listening state (LISTEN) or not.

    The flags in the above commands are:

    • -t – enables listing of TCP ports.
    • -u – enables listing of UDP ports.
    • -l – prints only listening sockets.
    • -n – shows the port number (numeric, rather than the service name).
    • -p – shows the process/program name.

    Watch TCP and UDP Open Ports in Real-Time

    To watch TCP and UDP ports in real-time, you can run the netstat or ss tool with the watch utility as shown.

    $ sudo watch netstat -tulpn
    OR
    $ sudo watch ss -tulpn

    [Figure: Watch Open Ports in Real Time in Linux]
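watch redraws the current list but keeps no record of what changed between refreshes. The following is an added example, not from the original article, that compares the current listeners against a saved baseline and reports sockets that appeared or disappeared. It assumes input in the format printed by `ss -H -tuln`; the function names are hypothetical and the sample lines are constructed.

```shell
#!/bin/sh
# Added example (not from the original article): diff listeners against a baseline.
# Input format assumed: lines as printed by `ss -H -tuln`
#   Netid State Recv-Q Send-Q Local-Address:Port Peer-Address:Port

# Reduce ss lines to "proto local-address:port", sorted and de-duplicated
# so that comm(1) can compare two snapshots.
listener_keys() {
  awk 'NF >= 5 { print $1, $5 }' | LC_ALL=C sort -u
}

# $1 = baseline file, $2 = current file, both produced by listener_keys.
diff_listeners() {
  # comm -13 keeps lines only in the second file (new listeners),
  # comm -23 keeps lines only in the first file (listeners that went away).
  LC_ALL=C comm -13 "$1" "$2" | sed 's/^/NEW  /'
  LC_ALL=C comm -23 "$1" "$2" | sed 's/^/GONE /'
}

# Constructed demonstration: MySQL on localhost stops and a service
# starts listening on 0.0.0.0:6379 between the two snapshots.
demo_diff() {
  tmp=$(mktemp -d) || return 1
  printf '%s\n' \
    'tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*' \
    'tcp LISTEN 0 511 0.0.0.0:443 0.0.0.0:*' \
    'tcp LISTEN 0 70 127.0.0.1:3306 0.0.0.0:*' | listener_keys > "$tmp/baseline"
  printf '%s\n' \
    'tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*' \
    'tcp LISTEN 0 511 0.0.0.0:443 0.0.0.0:*' \
    'tcp LISTEN 0 511 0.0.0.0:6379 0.0.0.0:*' | listener_keys > "$tmp/current"
  diff_listeners "$tmp/baseline" "$tmp/current"
  rm -rf "$tmp"
}

demo_diff
```

On a live system, save `sudo ss -H -tuln | listener_keys` to a baseline file once, then run the same pipeline periodically and pass both files to diff_listeners.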

    That’s all for now! If you have any questions or thoughts to share about this topic, reach us via the comment section below.
