Do you know how to check open ports in Linux? There are a few different ways to do it, and in this blog post we will discuss three of them: lsof, netstat, and ss. Each of these commands has its own advantages and disadvantages, so let’s take a look at them each one by one.
understanding TCP and UDP port in Linux
In order to better understand how to check open ports in Linux, it is first necessary to understand what a TCP port and UDP port are.
TCP (Transmission Control Protocol) is a connection-oriented protocol that is typically used for transmitting data over a network. A TCP port is simply a number that represents a specific connection point for communication. When data is transmitted over a network using TCP, it is first sent to a specific TCP port on the receiving computer. The receiving computer then uses that port number to route the data to the correct application or process.
UDP (User Datagram Protocol) is a connectionless protocol that is typically used for transmitting data over a network. When data is transmitted over a network using UDP, it does not establish a connection with the receiving computer before sending data. Instead, it simply sends the data to the specified UDP port on the receiving computer. The receiving computer then uses that port number to route the data to the correct application or process.
Understanding port status Listen in Linux
When a port is in the “listen” state, it means that the computer is actively listening for connections on that port. This means that the computer is ready to accept incoming data connections from other devices. When a port is not in the “listen” state, it means that the computer is not actively listening for connections on that port.
Check open port with ss command in Linux
The best way to check open port in Linux is using ss command. It is a utility that can be used to display information about socket connections. Open the terminal and type sudo ss -tulpn. It will list all the open ports in the output.
The ss command can be used to show both TCP and UDP socket connections. To view only TCP socket connections, use the -t option. To view only UDP socket connections, use the -u option.
The ss command can be used to show socket connections in a number of different formats. The most common format is the “listen” format, which displays all the sockets that are in the “listen” state. The “established” format displays all the sockets that have established a connection with another socket. The “all” format displays all sockets, regardless of their state.
- To view all TCP sockets in the “listen” state, use the following command: ss -lt
- To view all UDP sockets in the “listen” state, use the following command: ss -lu
- To view what process is listening on a specific port number: The ss -p option can be used to display the process ID (PID) of the process that is listening on a specific port number.
- To view the PID of the process that is listening on port 8080, use the following command: ss -pl 8080
Check open port with lsof command in Linux
Lsof is a command that lists all open files. This includes network connections, so it is perfect for our needs. To use lsof, simply type “lsof -i” into the terminal. This will list all open Internet sockets (the -i stands for Internet). You can also specify a port number after the -i to only list sockets on that port. For example, “lsof -i :80” will only show you information about port 80.
sudo lsof -i -P -n | grep LISTEN
- -i: This option specifies which sockets to list information about. You can either list all sockets (-i), sockets on a specific port (-i :port).
- -P: This option inhibits the conversion of port numbers to port names. It is useful when port name lookup is not working properly.
- -n: This option tells lsof not to use DNS name lookups.
- | grep LISTEN : Again only show ports in LISTEN state using the grep command as a filter.
Check open port with netstat command in Linux
Netstat is a command that shows network connections, routing tables, interface statistics, masquerade connections, and multicast memberships. It is perfect for our needs as well. To use netstat, simply type “netstat -tulpn” into the terminal.
The -t option tells netstat to show only TCP sockets, the -u option tells it to show only UDP sockets, the -l option tells it to show only listening sockets, the -p option tells it to show the PID and process name for each socket, and finally the -n option tells it to show numerical addresses instead of trying to resolve them to hostnames.
sudo netstat -tulpn | grep LISTEN
If netstat, lsof or ss aren’t installed on your system by default, most package managers will have them available. For instance, on Debian systems they can be installed by running “apt install net-tools”. Once installed, they should be available on the command line.
If you need to scan for open ports on a remote system, nmap is a great tool. It can be used to scan for open ports on both local and remote systems. To install nmap on Debian systems, run “apt install nmap”. Once installed, you can use it by running “nmap [ip address]”, where [ip address] is the IP address of the system you want to scan.
That’s all for this blog post! We hope you found it helpful. If you have any questions or comments, feel free to leave them in the comments section below. And don’t forget to share this blog post with your friends if you found it helpful!
gralion torile
Sunday 22nd of January 2023
Hello there, I found your site via Google while looking for a related topic, your website came up, it looks good. I have bookmarked it in my google bookmarks.