How to Check (Scan) for Open Ports in Linux?

Checking open ports can help you identify any unnecessary or potentially harmful ports that are open on your system to gain access to your system or network. Having unnecessary ports open can impact the performance of your system, as it consumes resources and slows down your system. So to get information regarding such ports and later closing them will help you protect your system.

 By going through this article, you’ll learn various methods to check (scan) for open ports in Linux, and it’ll cover the following.

Let’s study the above methods in detail.

Difference Between Open and Listening ports

An open port actively listens for incoming traffic. It is a port ready to accept incoming connections or data packets.

A listening port is a network port actively waiting for incoming connections or data packets. It is a port that is open and ready to accept inbound traffic.

Method 1: Checking the State of the Port Using the netstat Command

The netstat is a command line utility that allows users to get information about network connections, routing tables, and many other network-related stats. The most frequent use of the netstat command is to check the state of the port, which is done using this syntax.

$ netstat <Options>

The following “a” option will be used with the netstat command to check all open ports and filter the result using the grep command.

$ netstat -a | grep LISTEN

The above image shows all the ports with the state ‘LISTEN’, meaning that the TCP, UDP, or other ports are ready to be used by remote connection(s).

Method 2: Checking the State of the Port Using the nmap Command

The nmap is a great tool widely used to scan the open ports on a host using which you can connect. To use it, you’re required to specify the target host or network. This tool is highly efficient as you can specify a single or a range of ports to check whether they’re open. The syntax of the nmap command is as follows.

$ nmap host-name -p <Port-To-Scan>

And here’s an example of using the nmap to scan “” and the port we’re checking is 80.

$ nmap -p 80

When the above command is executed, the results are displayed where the “STATE” indicates the status of the port, which can be seen in the image.

Method 3: Checking the State of the Port Using the lsof Command

The lsof command is a command line utility used to view open files on the Linux system. It is mainly used to check the state of network ports on a system, and the users must provide a port number as the argument. Here’s the syntax of the lsof command to check the port’s state in Linux.

$ sudo lsof -i <Port-To-Check>

The following example checks the status of all (TCP & UDP) ports using the lsof command.

$ sudo  lsof -i

The lsof is a great tool to view which file has acquired which port and which of the port is available, as seen in the above image.

Method 4: Checking the State of the Port Using the ss Command

The ss command’s output is almost the same as netstat, but it displays all listening ports numerically. To view a list of open ports, the following syntax is used.

$ ss -tulpn | grep <Port-No>

The above image shows that all listening ports are displayed (filtered using the grep command).

Note: It displays all ports (both TCP and UDP), so don’t worry if you find a UDP port that isn’t in the above image.


Users who need to check if the port is opened may find it a bit difficult, although it is not as several command line tools are used, which it can be done. The most widely used tools from the list of many are explained with an example in this article.