How to check the open port in linux

How to check open ports in Linux using the CLI

I need to list all open ports in Linux cloud server. How do I check open ports in Linux using the CLI? Can you give me the command to check open ports in Linux operating system?

To troubleshoot server problems and to avoid security issue, one needs to find out open TCP and UDP ports. In this tutorial, you will learn the different Linux commands to check open ports in Linux for auditing and securing the server.

Tutorial details
Difficulty level	Easy
Root privileges	Yes
Requirements	Linux command line
Est. reading time	5 minutes

What the hell are a TCP and UDP ports?

A port is nothing but a 16-bit number between 0 to 65535. For example, TCP port number 22 may be forwarded to the OpenSSH server. Therefore, 22 port number is a way to identify the sshd (OpenSSH server) process.

Port numbers

• The Well Known Ports are those from 0 through 1023.
• The Registered Ports are those from 1024 through 49151.
• The Dynamic and Private Ports are those from 49152 through 65535.

A registered port is a network port assigned by the Internet Assigned Numbers Authority (IANA) and stored in /etc/services file. Use the cat command or grep command/egrep command to view port numbers and service mappings:

Display a list of applications and their ports assigned by IANA

Check open ports in Linux

The procedure to monitor and display open ports in Linux is as follows:

1. Open a Linux terminal application
2. Use ss command to display all open TCP and UDP ports in Linux.
3. Another option is to use the netstat command to list all ports in Linux.
4. Apart from ss / netstat one can use the lsof command to list open files and ports on Linux based system.
5. Finally, one can use nmap command to check TCP and UDP ports too.

Let us see all commands and examples in details.

Using netstat to list open ports

• No ads and tracking
• In-depth guides for developers and sysadmins at Opensourceflare✨
• Join my Patreon to support independent content creators and start reading latest guides:
  • How to set up Redis sentinel cluster on Ubuntu or Debian Linux
  • How To Set Up SSH Keys With YubiKey as two-factor authentication (U2F/FIDO2)
  • How to set up Mariadb Galera cluster on Ubuntu or Debian Linux
  • A podman tutorial for beginners – part I (run Linux containers without Docker and in daemonless mode)
  • How to protect Linux against rogue USB devices using USBGuard

Join Patreon ➔

• -t : All TCP ports
• -u : All UDP ports
• -l : Display listening server sockets
• -p : Show the PID and name of the program to which each socket belongs
• -n : Don’t resolve names
• | grep LISTEN : Only display open ports by applying grep command filter.

Use ss to list open ports

The ss command is used to dump socket statistics. It allows showing information similar to netstat. It can display more TCP and state information than other tools. The syntax is:
sudo ss -tulpn
Sample outputs:

Listening ports and applications using lsof command

Let us run the following to check open TCP and UDP ports using the lsof command:
sudo lsof -i -P -n | grep LISTEN

Where,

• -i : Look for listing ports
• -P : Inhibits the conversion of port numbers to port names for network files. Inhibiting the conversion may make lsof run a little faster. It is also useful when port name lookup is not working properly.
• -n : Do not use DNS name
• | grep LISTEN : Again only show ports in LISTEN state using the grep command as filter.

nmap command

In addition, to above commands one can use the nmap command which is an open source tool for network exploration and security auditing. We are going to use nmap to find and list open ports in Linux:
$ sudo nmap -sT -O localhost
$ sudo nmap -sU -O 192.168.2.254 ##[ list open UDP ports ]##
$ sudo nmap -sT -O 127.0.0.1 ##[ list open TCP ports ]##
$ sudo nmap -sTU -O 192.168.2.24
Sample outputs:

The open port doesn’t mean anyone from outside can access those ports

So far, you know how to find and list open TCP and UDP ports on Linux. However, those ports can still be blocked by software, cloud, or hardware firewall. Hence, you need to verify that your corporate firewall is not blocking incoming or outgoing access. For instance on Linux server we list or dump firewall rules using the following syntax:
sudo iptables -S
# IPv6
sudo ip6tables -S

Conclusion

In conclusion, finding out open ports is one of the most fundamental duties of a Linux system administrator for security reasons. Therefore, close down all unwanted ports and configure firewall such as UFW and FirewallD to open or block ports as per your requirements. After reading this tutorial, you should have a good understanding of how to check for open ports in Linux. See IANA’s offical list of TCP, UDP and other ports here for more information.

🐧 Get the latest tutorials on Linux, Open Source & DevOps via

Источник

How to check for open ports on Linux

The command netstat is present on all computer OS (Operating Systems) to monitor network connections. The following command uses netstat to show all listening ports using the TCP protocol:

Where:
netstat: calls the program.
-l: lists listening ports.
-t: specifies TCP protocol.

The output is human friendly, well ordered in columns showing the protocol, received and sent packets, local and remote IP addresses and the port state.

If you change the TCP protocol for UDP the result, at least on Linux, will display only open ports without specifying the state because contrary to the TCP protocol, the UDP protocol is stateless.

You can avoid specifying protocols and use only the option -l or –listen to get information on all ports listening independently of the protocol:

The option above will display information for TCP, UDP and Unix socket protocols.

All examples above show how to print information on listening ports without established connections. The following command shows how to display listening ports and established connections:

Where:
netstat: calls the program
-v: verbosity
-a: shows active connections.
-t: shows tcp connections
-n: shows ports in numerical value

Let’s say you identified a suspicious process in your system and you want to check associated ports to it. You can use the command lsof used to list open files associated to processes.

In the next example I will check the process 19327:

Where:
lsof: calls the program
-i: lists files interacting with internet, the option 4 instructs to print only IPv4, the option 6 is available for IPv6.
-a: instructs the output to be ANDed.
-p: specifies the PID number of the process you want to check.

As you see the process is associated with the listening smtp port.

How to check for open ports on linux remotely

If you want to detect ports on a remote system the most widely used tool is Nmap (Network Mapper). The following example shows a single port scan against Linuxhint.com:

The output is ordered in 3 columns showing the port, the port state and the service listening behind the port.

By default nmap scans the most common 1000 ports only. If you want nmap to scan all ports run:

At the Related Articles section of this tutorial you can find additional tutorials on Nmap to scan ports and targets with many additional options.

Removing services on Debian 10 buster

Additionally to firewall rules to keep your ports blocked removing unnecessary services is recommended. Under Debian 10 Buster this can be achieved with apt.
The following example shows how to remove the Apache 2 service using apt:

If requested press Y to end the removal.

How to close open ports on Linux using UFW

If you find open ports you don’t need to be open the easiest solution is to close it using UFW (Uncomplicated Firewall)
There are two ways to block a port, by using the option deny and with the option reject, the difference is the reject instruction will inform the second side the connection was rejected.

To block the port 22 using the rule deny just run:

To block the port 22 using the rule reject just run:

On the Related Articles section at the end of this tutorial you can find a good tutorial on Uncomplicated Firewall.

How to close open ports on Linux using iptables

While UFW is the easiest way to manage ports, it is a frontend for Iptables.
The following example shows how to reject connections to the port 22 using iptables:

The rule above instructs to reject all tcp incoming (INPUT) connections to destination port (dport) 22. Being rejected the source will be informed the connection was rejected.

The following rule just drops all packets without informing the source the connection was rejected:

I hope you found this brief tutorial useful. Keep following LinuxHint for additional updates and tips on Linux and Networking.

Related articles:

About the author

David Adams

David Adams is a System Admin and writer that is focused on open source technologies, security software, and computer systems.

Источник

How to check opened/closed ports on my computer?

How to check the opened/closed ports on my computer?

I used netstat -a on command line.

• Does the port status «LISTENING» indicate that the port is open?
• Is any port, that is not shown in the output, closed?

8 Answers 8

There’s a few parameters to netstat that are useful for this :

• -l or —listening shows only the sockets currently listening for incoming connection.
• -a or —all shows all sockets currently in use.
• -t or —tcp shows the tcp sockets.
• -u or —udp shows the udp sockets.
• -n or —numeric shows the hosts and ports as numbers, instead of resolving in dns and looking in /etc/services.

You use a mix of these to get what you want. To know which port numbers are currently in use, use one of these:

In the output all port mentioned are in use either listening for incoming connection or connected to a peer** all others are closed. TCP and UDP ports are 16 bits wide (they go from 1-65535)

** They can also be connecting/disconnecting from the peer.

You can use this command:

If it shows some process its used. Its closed(not used) if there is no output.

Another alternative command line easy to use to find out which process is using a port:

I added the next function in my .bash_profile,

and now run «pslisten 5060» to see who is grabing my SIP port.

It’s work with Apple Mac OS X too.

Is the port status «LISTENING» indicated that the port is opened?

Yes. It means that some service is listening to that port on your computer for incoming connection i.e. this port is open for establishing new connections.

Any port that are not shown in the output indicated that it’s closed?

Yes. Remember netstat -a will show all active (listening) and passive (non-listening) connections i.e. the ports that are acting as both server (some services are listening to these ports for connections from a different machine/process) and established (connections are established on these ports regardless of the fact the host/a service can be a server or client)

All TCP and UDP ports belong to a category called sockets and there are a whole lot of those. To view socket info you can check man ss .

Источник

5 ways to check if a Port is open on a remote Linux PC

Knowing open ports from a Linux machine allows system administrators to connect to a remote computer, which can fix problems with the system and the cloud server. First, we will show you the TCP and UDP ports and how they are different before we start to find the open ports.

T here is an ample number of ways to check for any open ports on a remote Linux PC. Knowing open ports on a Linux machine helps system administrators to connect to the remote PC for troubleshooting system and cloud server issues.

TCP and UDP ports

TCP stands for Transmission Control Protocol. In this method, the computers get connected directly until the data transfer is taking place. Therefore, with this method, the data transfer is guaranteed and is reliable but puts a higher load on the server as it has to monitor the connection and the data transfer too.

UDP stands for User Datagram Protocol. Using this method, the data is sent in the form of little packages into the network with the hope that it reaches the final destination. It means the two computers are not connected directly to each other. This method does not provide any guarantee that the data you send will ever reach its destination. Load on the server is less, and so this method is used commonly by the system administrators first to try something that’s not so important.

Now that you know the types are ports on a Linux system, let’s get started with ways of finding the ones that are open.

Best ways to check if a Port is open on a Linux PC

There are multiple ways you can do it. However, the most reliable way to do this is by using the following commands:

• nc: netcat command
• nmap: network mapper tool
• telnet: telnet command
• echo > /dev/tcp/..
• netstat – tuplen

Let’s go through each method one by one.

1. netcat command

netcat is a simple Unix utility that can be used to write and read data using UDP and TCP protocol across network connections.

The primary reason for its design is to provide a back-end tool that works with the scripts and programs. It is also an exploration and network debugging tool that offers tons of features.

To use it, you need to install it in your distro using the respective installation commands.

By doing so, you can do the following operations with it.

• send UDP packets
• listen to arbitrary UDP and TCP ports
• Use IPv4 and IPv6 to do port scanning

Moreover, it also has three modes

The syntax of the command is as follows.

Let’s try to use it on a remote computer.

Showing nc command succeeding in connecting to an open port

As you can see, the connection succeeded. This means that port 22 is open. If the connection fails, then you will get an error message of “failed: Connection refused”

In the above command, we also used different options. Let’s list them below.

• z: zero-I/O mode which is used for scanning
• v: for verbose output
• w10: timeout wait seconds

2. nmap command

Nmap command is popular network security, auditing, and exploration command. Nmap stands for Network Mapper.

It also has a way to check for open ports. To do so, it utilizes a novel approach to using IP packets. It can also be used to learn about the services the host is providing. Other vital aspects that it can detect include operating system version, packet firewalls/filters, and so on! It is a useful tool.

Let’s see the nmap syntax below.

As you can see, its syntax matches that of the nc command. Let’s run it to get a better understanding.

Running nmap command to check open port

If the port is closed, then it will show status is closed.

nmap command shows closed status for 103 port on 192.168.0.2

3. telnet command

The next command that we will go through is the telnet command. It is an old interactive communication command.

It is specially created for the remote computer interaction, and that’s why we are going to use it to check for open ports on a remote computer. The command is available on both Windows and Linux systems, but on a Windows system, it needs to be enabled before use. It runs over a TCP/IP network. Also, it connects over a remote computer or network equipment over port 23.

One more thing that you need to know is that it is not a secure protocol and must be used with SSH if you want to be encrypted and secure.

To install telnet in RHEL 7 or CentOS 7, you need to use the following command.

For Ubuntu, use the following command

The syntax of the command is as below.

Shows telnet command in action with a successful connection

If the connection fails, then the port is not open, and you will get the following output.

Shows connection refused using the telnet command

4. echo > /dev/tcp/…

There is another way to check for open ports. In Linux, everything is a file, including the host status and its port availability. This can come handy in cases where no commands are working on the remote host.

The syntax of the command is as below

Port is “open” output

5. netstat -tuplen

The last command that we are going to discuss is the netstat command. It is a network utility TCP/IP command. It is used to print connections, interface statistics, multicast membership, and other network-related tasks.

The syntax of the command is as below.

It will output the whole list of the IP addresses. The entries that have “Listen” in the “State” column are the open ports.

Shows the output of netstat-tuplen

Conclusion

This leads us to the end of our five ways to check if a Port is open on a remote Linux PC. So, which way are you going to use to connect to your remote Linux PC? Comment below and let us know.

Источник