Discovering and Displaying Open Ports on Linux.
Explore More; Unveiling the Essence of Disk Partitioning in Linux
Enhance Linux server security by actively identifying open TCP and UDP ports on popular distributions like CentOS, Ubuntu, RHEL, and Debian. Administrators can employ essential commands such as ss
, lsof
, netstat
, nmap
, and netcat
. Use these commands to reveal a comprehensive list of active ports, empowering administrators to address security vulnerabilities and safeguard data. Whether it’s checking the status of connections with ss
, examining open files with lsof
, or inspecting network statistics with netstat
, these commands provide valuable insights. The versatile nmap
aids in network exploration, while netcat
facilitates connection testing. Effectively utilizing these commands ensures a proactive approach to server security, fostering a robust defense against potential threats.
Check open ports in Linux
- Launch a Linux terminal.
- Type
ss
to display all open TCP and UDP ports. - Another option is to use the
nmap
lsof
netstat
netcat
1. ss command
The ss command in Linux actively presents listening ports and their associated networks. By employing specific parameters, the ss command dynamically identifies and exhibits Linux listening ports. Users can leverage the ss command with its intuitive syntax to gain insights into the network status, revealing both open ports and their corresponding connections. This versatile command not only showcases the listening ports but also provides a comprehensive view of the network activities, contributing to a more proactive and informed approach in managing server connections and ensuring robust system security.
sudo ss -tulpn
If you want your output to be organized and provide more relevant but concise information, you should run thess
command with the-ltn
flag:
sudo ss -ltn
Output:
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*LISTEN 0 5 127.0.0.1:631 0.0.0.0:* LISTEN 0 70 127.0.0.1:33060 0.0.0.0:*LISTEN 0 151 127.0.0.1:3306 0.0.0.0:* LISTEN 0 5
In the sample output that you see, ports number 80, 3306, and 33060 are ports that HTTP and MySQL services use, and most Linux users are familiar with these ports.
Other connections on the server are in listening status on the designated ports. If this information is not enough for you and you need to know which open ports belong to which processes, you can run the -p option along with the ss command:
sudo ss -ltnp
Output:
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:* users:((“systemd-resolve”,pid=530,fd=13)) LISTEN 0 5 127.0.0.1:631 0.0.0.0:* users:((“cupsd”,pid=572,fd=7)) LISTEN 0 70 127.0.0.1:33060 0.0.0.0:* users:((“mysqld”,pid=2320,fd=32)) LISTEN 0 151 127.0.0.1:3306 0.0.0.0:* users:((“mysqld”,pid=2320,fd=34)) LISTEN 0 5
In the output of this command, it is determined which ports belong to mysqld, systemd-resolve, cupsd, and apache2 processes.
You can also use other options along with the ss command, such as:
- -l option: show listening ports
- -lt option: show listening TCP ports
- -tul option: Access a list of TCP and UDP listening ports
- -n option: to access the listening port of the specified service
It should be noted that you can also use the following command to get more detailed information about the ports that are listening for incoming connections:
ss -tuln | grep LISTEN
2.nmap command
Explore the capabilities of Nmap, an open-source network scanning and security auditing program. With this tool, actively search the network and pinpoint open ports on a remote local host. In a previous article, we delved into the detailed usage of the Nmap command for scanning open ports. In this article, we reiterate its significance.
To conduct a local host port scan using the Nmap command, input the IP address of the remote system or designate your own system as the LocalHost. Consider the following example to gain insight into actively scanning open ports and enhancing your network security.
sudo nmap -sT -O localhost sudo nmap -sU -O 192.168.2.254 ##[ list open UDP ports ]## sudo nmap -sT -O 127.0.0.1 ##[ list open TCP ports ]## sudo nmap -sTU -O 192.168.2.24
Sample output:
Starting Nmap 7.70 ( https://nmap.org ) at 2023-03-09 23:49 IST Nmap scan report for localhost (127.0.0.1) Host is up (0.00024s latency). Other addresses for localhost (not scanned): ::1 Not shown: 998 closed ports PORT STATE SERVICE 22/tcp open ssh 631/tcp open ipp Device type: general purpose Running: Linux 2.6.X OS CPE: cpe:/o:linux:linux_kernel:2.6.32 OS details: Linux 2.6.32 Network Distance: 0 hops OS detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 2.31 seconds
3.lsof command
Utilize the lsof command to discover processes initiated by users and access open TCP and UDP ports on your system. By executing the lsof command, actively investigate running processes and their associated ports.
Expand your exploration by employing various options tailored for specific purposes. Run the lsof command with different options to achieve diverse objectives, enhancing your ability to inspect and manage processes and network connections effectively.
- -i option: If you don’t have access to the IP address, this command will help you to view information about all network files.
- -p option: If you have a problem searching for the port name, you can use this option because it prevents the conversion of the port number of the network files into the port name.
- -n option: This option is useful when you don’t want to use the DNS name and it prevents the network number from converting the hostname of the network files.
- | grep LISTEN: organizes the output to show ports in LISTEN state.
The main syntax of this command is as follows:
sudo lsof -i -P -n
View a precise list of actively listening ports on your Linux system by using the following command. Unlike its counterpart, this command eliminates the drawback of occasionally displaying ports that aren’t genuinely open.
sudo lsof -i -P -n | grep LISTEN
4.netstat command
One of the useful commands for finding open ports is the netstat
command, which displays the open ports in a list format. The basic syntax of this command to list open ports is as follows:
sudo netstat -tulpn | grep LISTEN
Other options for different purposes can be executed with the netstat
command, including the following:
- -t: Display all TCP ports
- -u: Display all UDP ports
- -I: providing listening server sockets
- -P: Show PID and names of sockets programs
- -n: It is executed so that the names are not resolved
- | grep LISTEN: Filter the output to display open ports in LISTEN status using the grep command.
5.netcat command
The netcat command, along with other options, will have different meanings. We will explain how to find open ports through its options below:
- nifty -z: finding listening daemons without sending data to the port
- -v: getting more information and activating verbosity
You can also use the following command to scan open ports:
nc -z -v <IP-ADDRESS> 1-65535 2>&1 | grep -v ‘Connection refused’
Replace the IP-ADDRESS in the above command with the IP Address of the Linux system you want to find open ports.
As a result, by running the previous command, you will see open and accessible ports on your Linux system.
Show open ports linux using Powershell
Explore PowerShell’s network connection testing capability with the built-in cmdlet, Test-NetConnection. While traditionally a Windows-centric command line shell, PowerShell extends its reach to Linux using the TcpClient class. Achieve similar functionality to Linux’s netstat command with PowerShell’s “Get-NetTCPConnection” cmdlet, simplifying access to open TCP ports through various parameters. To obtain a list of listening ports, execute the command:
Get-NetTCPConnection -State Listen
As a result, all listening ports are displayed. In addition, you can run Powershell by running the following command:
Pwsh
Then create a file with your favorite text editor (we prefer the nano editor):
nano Test-Port.ps1
We created a file called Test-port.ps1.
Then add the following commands in the file you just created using the editor of your choice:
created using the editor of your choice:
<#
.SYNOPSIS
This function tests for open TCP/UDP ports.
.DESCRIPTION
This function tests any TCP/UDP port to see if it's open or closed.
.NOTES
.PARAMETER Computername
One or more remote, comma-separated computer names
.PARAMETER Port
One or more comma-separated port numbers you'd like to test.
.PARAMETER TcpTimeout
The number of milliseconds that the function will wait until declaring
the TCP port closed. Default is 1000.
.EXAMPLE
PS> Test-Port -Computername 'LABDC','LABDC2' -Protocol TCP 80,443
This example tests the TCP network ports 80 and 443 on both the LABDC
and LABDC2 servers.
#>
[CmdletBinding()]
[OutputType([System.Management.Automation.PSCustomObject])]
param (
[Parameter(Mandatory)]
[string[]]$ComputerName,
[Parameter(Mandatory)]
[int[]]$Port,
[Parameter()]
[int]$TcpTimeout = 1000
)
begin {
$Protocol = 'TCP'
}
process {
foreach ($Computer in $ComputerName) {
foreach ($Portx in $Port) {
$Output = @{ 'Computername' = $Computer; 'Port' = $Portx; 'Protocol' = $Protocol; 'Result' = '' }
Write-Verbose "$($MyInvocation.MyCommand.Name) - Beginning port test on '$Computer' on port '$Protocol<code>:$Portx'"
$TcpClient = New-Object System.Net.Sockets.TcpClient
$Connect = $TcpClient.BeginConnect($Computer, $Portx, $null, $null)
$Wait = $Connect.AsyncWaitHandle.WaitOne($TcpTimeout, $false)
if (!$Wait -or !($TcpClient.Connected)) {
$TcpClient.Close()
Write-Verbose "$($MyInvocation.MyCommand.Name) - '$Computer' failed port test on port '$Protocol</code>:$Portx'"
$Output.Result = $false
}
else {
$TcpClient.EndConnect($Connect)
$TcpClient.Close()
Write-Verbose "$($MyInvocation.MyCommand.Name) - '$Computer' passed port test on port '$Protocol<code>:$Portx'"
$Output.Result = $true
$TcpClient.Close()
$TcpClient.Dispose()
}
[pscustomobject]$Output
}
}
}
Finally, save your changes to the Test-Port.ps1 scrip and exit the editor.
To check whether the ports you want are open, for example, checking ports 80, 22, and 443, use the following example:
./Test-Port.ps1 -ComputerName localhost –Port 22,80,443
How to check open ports in Linux through UFW Linux firewall
Gain insights into the status of your firewall’s input and output access by employing the following command. Understanding firewall rules is crucial for accurately discerning open and blocked ports, as some may be restricted by the firewall and other software.
Execute the command to ascertain the firewall’s stance on blocking access:
sudo ufw status verbose
Sample OutPut:
Status: active Logging: on (low) Default: deny (incoming), allow (outgoing), disabled (routed) New profiles: skip
Retrieve a comprehensive list of configured firewall rules on the Linux server by executing the following command. This reveals the intricacies of the firewall settings, shedding light on restrictions such as blocked incoming connections and specific disallowances for MySQL and HTTP connections on ports 80 and 3306.
sudo iptables -S # IPv6 # sudo ip6tables -S
Explore More;Unveiling the 5 Key Steps to Deploy Anaconda on Ubuntu Linux
Stay Connected on Meta , X, Instagram .