How to Check Listening Ports in Linux
To Check Listening Ports in Linux
After configuring the network, checking the ports which are still listening on the network interface is one of the important things in network management and security. This article will help you to check Listening ports in Linux. Following examples help you to find listen port after network configuration.
Checking Listening Ports
Use nmap command with following option to view listening ports for TCP.
[root@node2 Desktop]# nmap -sT -O localhost
Starting Nmap 6.40 ( http://nmap.org ) at 2017-02-25 01:49 IST
Nmap scan report for localhost (127.0.0.1)
Host is up (0.0019s latency).
Other addresses for localhost (not scanned): 127.0.0.1
Not shown: 995 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
80/tcp open http
111/tcp open rpcbind
631/tcp open ipp
Device type: general purpose
Running: Linux 3.X
OS CPE: cpe:/o:linux:linux_kernel:3
OS details: Linux 3.7 - 3.9
Network Distance: 0 hops
Use ss command to display all listen tcp and udp port.
[root@node2 Desktop]# ss -lntu
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp UNCONN 0 0 *:45113 *:*
tcp UNCONN 0 0 *:111 *:*
tcp UNCONN 0 0 *:123 *:*
.
.
.
tcp LISTEN 0 128 :::80 :::*
tcp LISTEN 0 128 :::22 :::*
tcp LISTEN 0 128 ::1:631 :::*
Use netstat command to list all open ports or currently running ports including TCP and UDP in Linux.
[root@node2 Desktop]# netstat -lntu
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:36393 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
.
.
.
udp6 0 0 :::683 :::*
udp6 0 0 ::1:323 :::*
udp6 0 0 :::54192 :::*
To view a list of different applications and port/protocol combination in single configuration file.
[root@node2 Desktop]# cat /etc/services | less
To view particular listening port in configuration file, run the following command
[root@node2 Desktop]# cat /etc/services | grep 80
http 80/tcp www www-http # WorldWideWeb HTTP
http 80/udp www www-http # HyperText Transfer Protocol
http 80/sctp # HyperText Transfer Protocol
socks 1080/tcp # socks proxy server
.
.
.
nimbusdb 48004/tcp # NimbusDB Connector
nimbusdbctrl 48005/tcp # NimbusDB Control
3gpp-cbsp 48049/tcp # 3GPP Cell Broadcast Service Protocol
Filter the particular listen port details by its service name using netstat.
[root@node2 Desktop]# netstat -anp | grep httpd
tcp6 0 0 :::80 :::* LISTEN 13560/httpd
unix 3 [ ] STREAM CONNECTED 69292 13560/httpd
Filter the particular listen port details by its port name using lsof.
[root@node2 Desktop]# lsof -i | grep 22
rpc.statd 2350 rpcuser 7u IPv4 22736 0t0 UDP *:43289
rpc.statd 2350 rpcuser 8u IPv4 22740 0t0 TCP *:36393 (LISTEN)
rpc.statd 2350 rpcuser 9u IPv6 22744 0t0 UDP *:54192
rpc.statd 2350 rpcuser 11u IPv6 22748 0t0 TCP *:35835 (LISTEN)
master 2404 root 13u IPv4 22844 0t0 TCP localhost:smtp (LISTEN)
master 2404 root 14u IPv6 22845 0t0 TCP localhost:smtp (LISTEN)
Also filter the listening port details by ss commands.
[root@node2 Desktop]# ss -lnt | grep 80
LISTEN 0 128 :::80 :::*
Comments ( 0 )
No comments available