When troubleshooting services running on a Linux system, checking open ports is one of the tasks any user or administrator should consider performing. If a service is expected to be running but for some reason is not, then most likely the port associated with that service is closed and should be opened.
1) Check open ports using ss command
The Linux ss command gives you detailed insights on open ports and listening sockets. It draws its information from the Linux kernel and is preferred over the netstat command, which has been deprecated.
To display listening TCP connections, run the command
$ ss -tl
ss – socket statistics
l – Shows listening sockets
t – Stands for TCP port
To display listening UDP connections, issue the command
$ ss -lu
u – Stands for UDP port
To display both TCP and UDP listening sockets together with the process name, run
$ ss -lntup
p – Lists the process name that opened the socket
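An added example, not part of the original article: a shell function that reads `ss -H -lntu` output and compares the listening sockets with the ports you expect, which covers the troubleshooting case from the introduction. The function names, the expected-port list and the sample lines are constructed for illustration; `-H` suppresses the header row.

```sh
#!/bin/sh
# Added example (not from the original page). Input format assumed: `ss -H -lntu`
# (no header, Netid in column 1, Local Address:Port in column 5).

# Constructed sample output, so the example runs offline.
sample_ss_output() {
    cat <<'EOF'
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=812,fd=3))
tcp LISTEN 0 80 127.0.0.1:3306 0.0.0.0:* users:(("mysqld",pid=1033,fd=21))
tcp LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=812,fd=4))
udp UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=640,fd=13))
udp UNCONN 0 0 0.0.0.0:68 0.0.0.0:*
EOF
}

# audit_listeners PROTO/PORT...  (reads ss output on stdin)
# Prints: OK | UNEXPECTED | MISSING, then proto/port, then bind scope.
audit_listeners() {
    awk -v expected="$*" '
    BEGIN { n = split(expected, e, " "); for (i = 1; i <= n; i++) want[e[i]] = 1 }
    {
        # The port follows the last colon of Local Address:Port.
        k = split($5, part, ":"); port = part[k]
        addr = substr($5, 1, length($5) - length(port) - 1)
        sub(/%.*/, "", addr)              # strip interface suffix such as %lo
        if (addr ~ /^127\./ || addr == "[::1]") scope = "loopback"
        else if (addr == "0.0.0.0" || addr == "[::]" || addr == "*") scope = "all-interfaces"
        else scope = "specific-address"
        key = $1 "/" port
        if (seen[key, scope]++) next      # IPv4 and IPv6 wildcard count once
        found[key] = 1
        status = (key in want) ? "OK" : "UNEXPECTED"
        print status, key, scope
    }
    END { for (i = 1; i <= n; i++) if (!(e[i] in found)) print "MISSING", e[i], "-" }
    '
}

# Demo on the sample; on a live host: ss -H -lntu | audit_listeners tcp/22 tcp/3306
sample_ss_output | audit_listeners tcp/22 tcp/3306 tcp/80
```

A MISSING line points at a service that is not listening on its port; an UNEXPECTED line with scope all-interfaces is a listener reachable from the network that nobody listed.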
To print out all socket connections, simply use the ss command in its default format
$ ss
2) Check open ports using netstat command
The netstat command is a powerful command-line tool used for checking open TCP and UDP ports alongside other attributes. To check open ports, issue the command:
$ netstat -pnltu
Let’s take a closer look at the command options:
p – Displays the Process ID associated with a service or program name
n – Displays the numerical number of the port running, e.g. 3306 for mysqld and 22 for sshd.
l – Shows listening sockets
t – Displays TCP connections
u – Displays UDP connections
3) Check open ports using the lsof command
The lsof command is a network command tool that can also be used to check open ports in a Linux system. To display open ports, issue the command
$ lsof -i
If you wish to display open sockets, use the lsof command and pipe the output to grep as shown:
$ lsof -n -P | grep LISTEN
To view all TCP connections, execute:
$ lsof -i tcp
To display all UDP connections run the command:
$ lsof -i udp
4) Check open ports using the Nmap utility
Nmap is a free and open-source network scanning tool, usually used for reconnaissance in ethical hacking to discover open ports on remote systems. By default, Nmap does not come installed on your system. To install Nmap, issue the command for your distribution:
$ sudo apt install nmap (For Debian/ Ubuntu)
$ sudo yum install nmap (For RedHat/ CentOS)
$ sudo dnf install nmap (For Fedora)
$ sudo pacman -S nmap (ArchLinux)
To scan for open TCP ports, run the command below (the -O OS detection option requires root privileges, hence sudo)
$ sudo nmap -sT -O localhost
To scan for open UDP ports, run the command below (UDP scans require root privileges):
$ sudo nmap -sU localhost