In the next article we are going to take a look at how we can find the listening ports on our Ubuntu system. Knowing which ports are in use in a system is a basic task for any administrator, both when configuring interfaces and when protecting against intrusions, the following lines can be useful.
If you are an administrator, you will know that the servers created for public access will have services that will listen on the assigned ports to carry out communication. This situation causes ports that are not in use to remain open or listening in some cases, which may cause others to seek to exploit the situation.
We can identify network ports by their number, the associated IP address and the type of communication protocol (TCP or UDP). In our Ubuntu system we will be able to find some default commands that we can use to scan our computer for open ports.
The steps that we are going to see next, will show some commands to find the listening ports. To identify them in Ubuntu, you just have to follow one of the following steps:
Find the open ports (listening ports) in Ubuntu
Using the netstat command
This is a command line tool that can offer us information related to IP addresses, network connections, ports and services that communicate in these ports.
In case you do not have this tool installed in Ubuntu, you will be able to get hold of it by opening a terminal (Ctrl + Alt + T) and using the command:
sudo apt install net-tools
Installation finished, if we want list the ports available on the server, run the following command:
sudo netstat -plnut
After executing the command together with the previous options, we should see something similar to the following on the screen:
The options that we use in the previous command will be the following:
- -p Displays the PID.
- -l Will show only listening ports.
- -n It will show us numeric addresses instead of resolving hosts.
- -u Show UDP ports.
- -t Show TCP ports.
In case of wanting view only a specific service name or port, we can use the command in the terminal netstat with the options we used in the previous command, while also using grep.
sudo netstat -plnt | grep :139
Using the lsof command
This is another known Unix-like operating systems monitoring tool, which is used to display all the disk files that are kept open by processes, including open network sockets and pipes, among other types.
The command lsof is another available utility, which we will be able to run in the Ubuntu terminal and which it will allow us to see the network information. To list all the TCP ports that are listening, we will only have to use the lsof command, accompanied by the following options:
sudo lsof -nP -iTCP -sTCP:LISTEN
Using the ss command
By default netstat is not installed on Ubuntu, but we can find the command available ss which is installed as a replacement for netstat. As with netstat, the command ss used to display network information on Gnu / Linux systems. Both share almost the same command options, so to be able to check the listening ports, all you have to do is open a terminal (Ctrl + Alt + T) and write in it:
sudo ss -plnut
The output of the previous command, as before with the netstat command, should show us something similar to the following screenshot:
In case you dedicate yourself to administering a server or are a webmaster and you want to make sure that only the necessary ports are open on your Ubuntu server, the steps that we have just seen may be useful when looking for listening ports that are not in use and that may pose a risk.