Check whether a remote server port is open on Linux sonic0002 2017-12-23 11:45:20 31,445 0 As a system administrator or network engineer or application developer, there is a need to check whether a port on remote server is open so that you can tell whether the service under check is running or not. H ow do I find open ports on Linux or FreeBSD Unix server? There are different commands on both Linux and UNIX server to see what TCP/UDP ports are listening or open on your server. You can use netstat command, which prints network connections, routing tables, interface statistics, masquerade connections, and multicast memberships, etc.
When you are troubleshooting networking issues in Linux or are looking for ways to improve the security of your Linux machine, you will need to know if and which ports are open. In this article we will look at different ways to list or display open ports in Linux.
What is a Port?
A port is a 16-bit number (0 to 65535) to help identify a given application or process on a Linux (Unix) operating system. Port differentiates one application from another on a Linux system.
Below are the different categories of ports:
- 0 – 1023 – Referred to as Well Known Ports
- 1024 – 49151 –Referred to as Registered Ports
- 49152 – 65535 – Referred to as Dynamic Ports
Using the following command, a list of applications and ports is displayed on your terminal:
TCP: TCP stands for Transmission Control Protocol. It is the most commonly-used protocol on the Internet. TCP is not just one-way communication, rather it sends packets back to acknowledge it’s received your packets.
UDP: Also known as User Datagram Protocol. It is an alternative communications protocol to TCP. The UDP protocol works similar to TCP. However, it ignores all error-checking stuff. UDP is necessary when speed is desirable and error correction is not needed.
SOCKETS: Socket allows communication from two different processes on the same or different machines.
Let’s look at different ways to list an open port in Linux.
1. Netstat
In this method we will use the command
netstat -atu
to check for open ports in Linux.We used the
-a
, -t
and -u
flags for netstat.- -a: shows all sockets
- -t: shows TCP connections
- -u: shows UDP connections
You can also add the
-p
flag to show related PID of the process or program name.To display only UDP ports, you can use the following command:
Also, you can use the following command to search for TCP ports:
2. lsof
Instead of using netstat, we can use the
lsof
command to display open ports in Linux:The following command can also help to display open sockets:
Also, you can use the command below to list all TCP connections:
Moreover, you can use the following command for UDP connections:
3. Network Mapped Command
In this method we will use
nmap
to detect the open port on your system. We can use the following command to show tcp port connections:Finally, to show udp port connections, we can use the following command:
Conclusion
When it comes to the security of your Linux PC, the first thing to do is to close all unnecessary ports to prevent external access. With the methods listed above, you will be able to easily check for open ports on a Linux system and determine which ports should be closed or remain open.
Is this article useful?
Ebooks
A port is an addressable network location implemented in an operating system to help differentiate traffic destined for different services or applications. A port is always associated with an IP address of a host and the protocol type for the communication.
Ports are specified by a number ranging from 1 to 65535. There are different categories of ports.- 0-1023 – are “Well Known Ports” associated with services considered as critical or essential. They are also referred to as System Ports.
- 1024-49151 – are Registered Ports or User Ports and as the name indicates, can be reserved by sending a request to the Internet Assigned Numbers Authority (IANA).
- 49152-65535 – are called Dynamic Ports and are suggested for private use. They also referred to as the Private Ports.
A service is said to be “listening” on a port when it is binding to a port/protocol/IP address combination in order to wait for requests from clients of the service. Upon receipt of the request, it establishes a one-to-one server client dialog using the same port number.
Paying attention to which ports are listening on your network is important as open ports can be evidence of an intrusion on your network. Knowledge of the Linux open ports and the kind of information being sent out helps you to thwart malicious efforts aimed at your system. Knowing this is an important part of securing your system.
Do you wish to find out open ports or listening on a network? Read on.There are a number of ways and tools that are available for checking ports which might be listening on your network.
Let us look at a few ways.
- By using nmap. Note. Nmap is capable of revealing a lot of information which can make system administrators think that you are of an ill intent. So, therefore, only use nmap on your local systems as done here.
You need to first install nmap with the following command (Ubuntu).
The following command will indicate which ports are listening for TCP connections from the network.
The following command will indicate which ports are listening for UDP connections from the network.
The following command will indicate every TCP and UDP open port –
- By using netstat command to find open ports – enter the following command –
-l = only services which are listening on some port
-n = show port number, don’t try to resolve the service name
-t = enables listing of tcp ports
-u = enables listing of udp ports
- By using the ss command – enter the following command to list all open TCP and UDP ports.
- By using the lsof command
To display the list of open ports, enter the following command –
To display all open files, use:
Conclusion
In closing, knowledge about ports is essential for Linux enthusiasts and system administrators in particular. These tools (ss, lsof, netstat and nmap,) are quite flexible and can reveal a great deal about the status of the services running on a machine. You should check up their man pages for more information. You should know that this is just to get you exploring the leaks and exposures on your network. Hope you find this tutorial useful.