How to Check Open Ports in Linux

Introduction

Network ports are standardized number identifiers that allow devices to use one IP address to handle multiple network requests simultaneously. Since there are 65535 port numbers, keeping a record of which ports are in use can be challenging.

This article will teach you how to check for open listening ports on a Linux system using five popular networking tools.

Prerequisites

• A Linux distribution installed on a computer.
• Administrative access to the command line.

What Is a Listening Port?

Applications and services use listening ports to listen for incoming network requests. Each listening port is tied to an IP address and a communication protocol such as TCP or UDP.

Depending on the network setup, listening ports can be open or closed.

• Open ports accept outside connections using the correct protocol.
• Closed ports do not accept all the connections. They communicate with a predetermined outside service or application while a firewall blocks other attempted connections.

One listening port tied can host only one service. For instance, if there is a web server on the system that already uses port 80, any other installed web server will have to use a different, non-default port number.

How to Check Open Ports in Linux?

Linux users can check open ports using multiple available networking tools. Each tool displays the same results, but the output format and the amount of information vary.

The following sections provide instructions for checking open ports using lsof, netstat, ss, Nmap, and netcat utilities.

Check Ports via lsof Command

The lsof command allows users to list the programs that utilize listening ports and daemons that maintain active network connections.

Use the lsof command to:

• Display a list of ports in use:

sudo lsof -nP -iTCP -sTCP:LISTEN

The command outputs a list of the connections that use the TCP protocol.

• Check a specific port number with this syntax:

sudo lsof -nP -i:[port-number]

For example, to check if port 5054 is in use, type:

sudo lsof -nP -i:5054

If the port is free, the command shows no output. If an application is using the port, the output shows its details:

• Specify the protocol you wish to scan by adding it to the -i option.

For example, to check if the UDP port 53 is open, type:

sudo lsof -nP -iUDP:53

The output shows if an application already uses the port.

Check Ports via netstat Command

The netstat command provides a network activity overview and statistics. Use the command below to display the listening ports on the system with netstat:

sudo netstat -tunpl

The command uses five command arguments:

• -t – Queries the command for TCP ports.
• -u – Queries for UDP ports.
• -n – Avoids DNS lookup and shows only IP addresses to speed up the process.
• -p – Displays the process ID and the name of the program using the port.
• -l – Outputs listening ports.

Identify the listening ports/sockets by checking the State column and looking for the label LISTENING.

Check Ports via ss Command

The ss command is a faster and easier-to-use version of the obsolete netstat command. It uses the same options as netstat, but provides more statistics in the output.

The following command scans TCP and UDP ports for listening sockets and displays them in a list:

sudo ss -tunl

The listening ports/sockets are marked as LISTEN in the State column.

Check Ports via nmap Command

The Nmap utility allows users to scan for open ports on local and remote systems. Execute the command below to scan for all open TCP and UDP ports on the local system:

sudo nmap -n -PN -sT -sU -p- localhost  

The following are the nmap options used in the example.

• -n – Skips DNS resolution.
• -PN – Skips the discovery phase.
• -sT and -sU – Tell netstat to scan TCP and UDP ports, respectively.
• -p- – Scans all the ports.

The output lists the open ports alongside the services that use them.

sudo nmap -p U:1-1023 localhost

Check Ports via nc Command

The nc command in Linux allows users to control the netcat utility. netcat can scan the ports on local and remote systems and provide information on whether the ports are open, closed, or filtered by a firewall.

Scan all the ports on the local system by typing:

nc -z -v localhost 1-65535

The -z flag enables the zero-I/O mode used for scanning, while the -v option tells netcat to produce verbose output.

When the command is executed, netcat attempts to connect to all the ports and reports on the success for each port. Scanning many ports at once produces an extensive output.

To show only the ports where the connection succeeded, i.e., the open ports, use the 2>$1 expression to redirect the output. Then, pipe the expression to the grep command and search for the word succeeded.

nc -z -v localhost 1-65535 2>&1 | grep succeeded

By default, netcat scans TCP ports. To check UDP ports, add the -u option:

nc -z -v -u localhost 1-65535 2>&1 | grep succeeded

Conclusion

After reading this article, you should know how to use the five popular Linux utilities to check for open ports. Knowing which ports are open on your system may help you detect an intrusion or troubleshoot network-related issues.