Skip to Content

How to check Open Ports in Ubuntu

There are a few different ways to check open ports in Ubuntu. In this blog post, we will discuss three of them: lsof, netstat, and ss. Each of these commands has its own advantages and disadvantages, so let’s take a look at them each one by one.

ss -tlpn
lsof -iTCP -sTCP:LISTEN -nP
netstat -tlpn | grep LISTEN

understanding TCP port UDP port in Ubuntu

In order to better understand how to check open ports in Ubuntu, it is first necessary to understand what a TCP port and UDP port are.

TCP (Transmission Control Protocol) is a connection-oriented protocol that is typically used for transmitting data over a network. A TCP port is simply a number that represents a specific connection point for communication. When data is transmitted over a network using TCP, it is first sent to a specific TCP port on the receiving side. The receiving side then uses that port number to route the data to the correct application or process.

When a port is in the “listen” state, it means that the server is actively listening for connections on that port. This means that the server is ready to accept incoming data connections from other devices.

UDP (User Datagram Protocol) is a connectionless protocol that is typically used for transmitting data over a network. When data is transmitted over a network using UDP, it does not establish a connection with the receiving side before sending data. Instead, it simply sends the data to the specified UDP port on the receiving computer. The receiving computer then uses that port number to route the data to the correct application or process.

Check open port with ss command in Ubuntu

The best way to check open port in Ubuntu is using ss command. It is a utility that can be used to display information about socket connections. Open the terminal and type sudo ss -tlpn. It will list all the open ports in the output.

ss -tlpn
Let’s see one example.

ss -tlpn
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
tcp LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=450,fd=13))
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=375562,fd=3))
tcp LISTEN 0 100 127.0.0.1:25 0.0.0.0:* users:(("master",pid=1727,fd=13))
tcp LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=375562,fd=4))

From the above example, we can see that port 53 22 and 25 are open on this system.

The ss command can be used to show both TCP and UDP socket connections. To view only TCP socket connections, use the -t option. To view only UDP socket connections, use the -u option.

The ss command can be used to show socket connections in a number of different formats. The most common format is the “listen” format, which displays all the sockets that are in the “listen” state. The “established” format displays all the sockets that have established a connection with another socket. The “all” format displays all sockets, regardless of their state.

  • To view all TCP sockets in the “listen” state, use the following command: ss -lt
  • To view what process is listening on a specific port number: The ss -p option can be used to display the process ID (PID) of the process that is listening on a specific port number.

Check open port with lsof command in Ubuntu

Lsof is a command that lists all open files. This includes network connections, so it is perfect for our needs. To use lsof, simply type “lsof -i” into the terminal. This will list all Internet sockets (the -i stands for Internet). You can also specify a port number after the -i to only list sockets on that port. For example, “lsof -i :80” will only show you information about port 80.

To list all the open port, we can use the following command.

lsof -iTCP -sTCP:LISTEN -nP
Here is one example on my system.

lsof -iTCP -sTCP:LISTEN -nP
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
systemd-r 450 systemd-resolve 13u IPv4 19871 0t0 TCP 127.0.0.53:53 (LISTEN)
master 1727 root 13u IPv4 26259 0t0 TCP 127.0.0.1:25 (LISTEN)
sshd 375562 root 3u IPv4 42383582 0t0 TCP *:22 (LISTEN)
sshd 375562 root 4u IPv6 42383584 0t0 TCP *:22 (LISTEN)

lsof -i -P -n | grep LISTEN

  • -i: This option specifies which sockets to list information about. You can either list all sockets (-i), sockets on a specific port (-i :port).
  • -P: This option inhibits the conversion of port numbers to port names. It is useful when port name lookup is not working properly.
  • -n: This option tells lsof not to use DNS name lookups.
  • | grep LISTEN : Again only show ports in LISTEN state using the grep command as a filter.

Check open port with netstat command in Ubuntu

Netstat is a command that shows network connections, routing tables, interface statistics, masquerade connections, and multicast memberships. It can be used to find open ports as well. To use netstat, simply type “netstat -tulpn” into the terminal.

The -t option tells netstat to show only TCP sockets, the -u option tells it to show only UDP sockets, the -l option tells it to show only listening sockets, the -p option tells it to show the PID and process name for each socket, and finally the -n option tells it to show numerical addresses instead of trying to resolve them to hostnames.

netstat -tulpn | grep LISTEN

If netstat, lsof or ss aren’t installed on your system by default, most package managers will have them available. For instance, on Debian systems they can be installed by running “apt install net-tools”. Once installed, they should be available on the command line.

That’s all for this blog post! We hope you found it helpful. If you have any questions or comments, feel free to leave them in the comments section below. And don’t forget to share this blog post with your friends if you found it helpful!