How to Check Open Ports in Linux

check open ports in linux

During the troubleshooting of services running on a Linux system, checking open ports is one of the tasks any user or administrator should consider performing. If a service is expected to be running but for some reason it's not, then most likely the port associated with that service is closed and should be opened.

In this tutorial, we will demonstrate how to check open ports in a Linux from the command line.

1) Check open ports using ss command

The Linux ss command gives you detailed insights on open ports and listening sockets. It draws information from the Linux kernel and is more preferred to the netstat command which has been deprecated.

To display listening  TCP connections, run the command

$ ss -tl

Sample output

display listening TCP connections

l - Shows listening sockets

t - Stands for TCP port

To display listening  UDP connections, issue the command

$ ss -lu

Sample output

display listening UDP connections

u - Stands for UDP port

or

To display both tcp and udp, process name

$ ss -lntup

p - List process name that opened sockets

To print out all socket connections, simply use the ss command in its default format

$ ss

Sample output

ss command

2) Check open ports using netstat command

The netstat command is a powerful command tool that is used for checking open TCP and UDP ports alongside other attributes. To check open ports, issue the command:

$ netstat -pnltu

Sample output

check open ports - netstat command

Let's take a closer look at the command options:

p - Displays the Procees ID associated with a service or Program name

n - Displays the numerical number of the port running e.g 3306 for mysqld,  and 22 for sshd.

l -  Shows listening sockets

t - Displays TCP connections

u - Displays UDP connections

3) Check open ports using the lsof command

The lsof command is a network command tool that can also be used to check open ports in a Linux system. To display open ports, issue the command

$ lsof -i

Sample output

check open ports - lsof -i command

If you wish to display open sockets, use the lsof command and pipe the output to grep as shown:

$ lsof -n -P | grep LISTEN

Sample output

display open sockets

To view all TCP connections execute :

$ lsof -i tcp

Sample output

list tcp connections

To display all UDP  connections run the command:

$ lsof -i udp

Sample output

list udp connections

4) Check open ports using the Nmap utility

Nmap is a free and opensource network scanning tool usually used for reconnaissance in ethical hacking for discovering open ports of remote systems. By default, Nmap does not come installed on your system. To install Nmap, issue the command

$ sudo apt install nmap  (For Debian/ Ubuntu)

$ sudo yum install nmap (For RedHat/ CentOS)

$ sudo dnf install nmap (For Fedora)

$ pacman -S nmap (ArchLinux)

To scan for open TCP ports, run the command

$ nmap -sT -O localhost

Sample output

nmap scan open ports

To scan for open UDP ports, run the command:

$ nmap -sU localhost

Sample output

nmap scan udp ports

Wrapping up

Those are the linux commands and tools used for port scanning to check open ports in a Linux system. As always, your feedback is most welcome. If you have other ideas on how to check open ports, do get in touch with us.

Read Also:

Winnie Ondara 11:35 am

Comments

Your email address will not be published. Required fields are marked *

All comments are subject to moderation.

2 Comments

  1. net-tools has been deprecated since 2011, you should NOT RECOMMEND netstat. The replacement from the iproute2 tools is the "ss" command (and other tools). It's literally in the netstat man pages:

    NOTES
    This program is mostly obsolete. Replacement for netstat is ss. Replacement for netstat -r is ip route. Replacement for netstat -i is ip -s link. Replacement for netstat -g is ip maddr.

    1. Thanks, cmdr for your contribution. But note we have not mentioned net-tools anywhere on this tutorial as you've stated. It's true that netstat command has been deprecated, however, it still comes in handy when you want to quickly check if a service is listening on a specific port.