Networking

Open ports in Linux

Part of the network diagnosis is to check the services with open ports on Linux.

How to Check Open Ports on Linux

To check open ports with netstat, the “-tunl” options can be used:

-t for TCP
-u for UDP
-n to not resolve names
-l for open doors (listen)

In this example, netstat lists the open TCP/UDP ports:

$ sudo netstat -tunlp
Activate Internet connections (servers only)
Proto Local Address State PID/Program name
TCP 127.0.0. 53:53 LISTEN 24813/systemd-resol
TCP 0.0.0. 0:22 LISTEN 9857/sshd
tcp6::22 LISTEN 9857/sshd
UDP 127.0.0. 53:53 24813/systemd-resol

The ss command can also show open ports with the identical option:

ss -tunnel

NetID Local Address:Port Peer Address:Port
dp 127.0.0.53% lo:53 0.0.0.0: * (“systemd-resolve”, pid=355)
dp 0.0.0. 0:68 0.0.0.0: * (“dhclient”, pid=17984)
dp 0.0.0. 0:5353 0.0.0.0: * (“avahi-daemon”, pid=27533)
tcp 0.0.0. 0:22 0.0.0.0: * (“sshd”, pid=14825)

lsof command on Linux

Since everything in Linux is a file, network connections can also be viewed as an “open file”. The “lsof” command can be used in this context to view files that correspond to Internet addresses.

The lsof “-i” option filters open files from the type of Internet addresses. It is necessary to run lsof as root:

$ sudo lsof -i
COMMAND PID USER FD TYPE NODE NAME
sshd 9857 root 3u IPv4 TCP *:ssh (LISTEN)
sshd 9857 root 4u IPv6 TCP *:ssh (LISTEN)
systemd-r 24813 systemd-resolve 12u IPv4 UDP localhost:domain
systemd-r 24813 systemd-resolve 13u IPv4 TCP localhost:domain (LISTEN)

fuser command on Linux

The “fuser” command can also be used to display information about a particular open port. It identifies the processes through the files or sockets, returning the PID of the processes:

$ sudo fuser 22/TCP
22/TCP: 9857 24313 2440

To find out which process is using a particular file:

$ fuser -v /bin/bash
USER PID ACCESS COMMAND
/usr/bin/bash: ec2-user 16092… and. bash

The netstat, ss, lsof, and fuser commands are used to view the local machine’s open ports.

There is a tool called nmap that can also discover the open ports of both the local machine and the remote machines.

Learn much more about Linux in our books.

Did you like it? Share

Uirá Endy Ribeiro

Uirá Endy Ribeiro is a Software Developer and Cloud Computing Architect with a 23-year career. He has master's degrees in computer science and fifteen IT certifications and is the author of 11 books recognized in the IT world market. He is also Director at Universidade Salgado de Oliveira and Director of the Linux Professional Institute - LPI Director's Board.
Uirá Endy Ribeiro

Uirá Endy Ribeiro is a Software Developer and Cloud Computing Architect with a 23-year career. He has master's degrees in computer science and fifteen IT certifications and is the author of 11 books recognized in the IT world market. He is also Director at Universidade Salgado de Oliveira and Director of the Linux Professional Institute - LPI Director's Board.

Leave a Comment
Share
Published by
Uirá Endy Ribeiro
2 years ago

Recent Posts

Sudo command on Linux (privilege scale) [Basic Guide]

The sudo command on Linux executes a given command as if it were another user.…

2 years ago

SS command on Linux (investigate the network) [Basic Guide]

The ss command on Linux is extremely useful for investigating sockets, providing various information about…

2 years ago

Free Linux command (memory usage) [Basic Guide]

Free Linux command shows the amount of total memory in use and available, as well…

2 years ago

Linux while command (loop – while) [Basic Guide]

The shell has structures for testing conditions and executing certain program sequences several times (loop),…

2 years ago

Linux fstab file (disk mount setup) [Basic Guide]

The /etc/fstab file stores the configuration of which devices should be mounted and what is…

2 years ago

Netcat command on Linux (Swiss network knife) [Basic Guide]

The Netcat Command in Linux or nc is a utility used to do “almost anything”…

2 years ago

This website uses cookies.