How to check ports in use in Linux

tux_question

Know which ports are in use on a system is a basic task for any administrator. From configuring interfaces to intrusion protection and going through any troubleshooting we can imagine, we must be able to check if a port is providing some kind of service in our environment.

Imagine the situation in which you have installed the CUPS printing service in your system and you do not know if the service has started correctly and raised its corresponding port 631 or its optional 515. In this guide we will show you three basic commands to detect the ports used by a system and what is its status.

Next we will review 3 basic commands that are especially useful in the administration of any system. Is about lsof, netstat and nmap, utilities that we will run from the terminal console and with root privileges.

Lsof command

The command lsof is the most basic of how many we lend you and, being a native of Linux, the base that every user should know. To know the ports open in the system through this command, you must enter a sequence like the following, which it will show you various information where we will highlight: the name of the application (for example, sshd), the socket of the program (in this case the IP address 10.86.128.138 associated with port 22 that is LISTENING) and the identifier of the process (which would be 85379).

$ sudo lsof -i -P -n
$ sudo lsof -i -P -n | grep LISTEN

lsof-outputs
Netstat command

The command netstat varies slightly in its syntax with respect to the previous one but presents some parameters much easier to memorize thanks to a simple mnemonic word. From now on do not forget the word slut, which refers to the following characteristics:

How to resize Linux partition
Related article:
Resize Ubuntu partitions
  • p: Shows the connections for the specified protocol which can be TCP or UDP.
  • u: List all UDP ports.
  • t: List all TCP ports.
  • o: Displays the timer.
  • n: Shows the port number.
  • a: Displays all active connections in the system.

Thus, entering the command and filtering it with a pipe we can get information about a certain port.

$ netstat -putona | grep numero-de-puerto

netstat_slut

Nmap command

Nmap It is a utility that we allows to perform a multitude of scans in our system and one of them, the one of open ports in the equipment. To execute it we must introduce a sequence of the type nmap -sX -OY, taking X the value T or U for TCP or UDP connection respectively and the value Y the IP address of our machine (or localhost for short). Take a look at the following example.

</pre>
$ sudo nmap -sU -O localhost
$ sudo nmap -sT -O 192.168.0.1
<pre>

With these three applications you already have enough tools to determine the open ports of your machine. Do you use the same tools or do you know any other way to verify the open ports of a system?


The content of the article adheres to our principles of editorial ethics. To report an error click here!.

5 comments, leave yours

Leave a Comment

Your email address will not be published.

*

*

  1. Responsible for the data: Miguel Ángel Gatón
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.

  1.   Pierre said

    I do not understand anything. Normal, I'm not a specialist, but it's interesting 🙂

  2.   pilgrim lily said

    Hello, good day, how can I see the data that is arriving through a port?
    I have a device that by gprs sends me strings to port 10005 of my ubuntu and I need by terminal to see the strings that are coming to me, can you please support me? Thank you. slds

  3.   Puldar Sand said

    With the command netstat -putona I observe that the address 127.0.0.1 appears in two protocols tcp and upd, in both cases port 53. Is this normal or correct? Coincidentally I have problems with the dnsmasq and zimbra desktop that does not lift in ubuntu 16.04.

    In trying to start zimbra it shows me: Page 127.0.0.1 has rejected the connection.

    I appreciate your help in joining this community.

  4.   J.Jeimison said

    Very good.

    Just add: With ls you can know the path of the process and there are also other commands such as ss or fuser with which we can see which process is using a port.

    Seen here: https://www.sysadmit.com/2018/06/linux-que-proceso-usa-un-puerto.html

  5.   George V. said

    Excellent, well summarized and explained, I do not forget about PUTONA hehe. ;-D