Checking open ports can help you identify any unnecessary or potentially harmful ports that are open on your system to gain access to your system or network. Having unnecessary ports open can impact the performance of your system, as it consumes resources and slows down your system. So to get information regarding such ports and later closing them will help you protect your system.
By going through this article, you’ll learn various methods to check (scan) for open ports in Linux, and it’ll cover the following.
- Difference Between Open and Listening ports
- Using the netstat Command
- Using the nmap Command
- Using the lsof Command
- Using the ss Command
Let’s study the above methods in detail.
Difference Between Open and Listening ports
An open port actively listens for incoming traffic. It is a port ready to accept incoming connections or data packets.
A listening port is a network port actively waiting for incoming connections or data packets. It is a port that is open and ready to accept inbound traffic.
Method 1: Checking the State of the Port Using the netstat Command
The netstat is a command line utility that allows users to get information about network connections, routing tables, and many other network-related stats. The most frequent use of the netstat command is to check the state of the port, which is done using this syntax.
$ netstat <Options>
The following “–a” option will be used with the netstat command to check all open ports and filter the result using the grep command.
$ netstat -a | grep LISTEN
The above image shows all the ports with the state ‘LISTEN’, meaning that the TCP, UDP, or other ports are ready to be used by remote connection(s).
Method 2: Checking the State of the Port Using the nmap Command
The nmap is a great tool widely used to scan the open ports on a host using which you can connect. To use it, you’re required to specify the target host or network. This tool is highly efficient as you can specify a single or a range of ports to check whether they’re open. The syntax of the nmap command is as follows.
$ nmap host-name -p <Port-To-Scan>
And here’s an example of using the nmap to scan “nmap.org” and the port we’re checking is 80.
$ nmap scanme.nmap.org -p 80
When the above command is executed, the results are displayed where the “STATE” indicates the status of the port, which can be seen in the image.
Method 3: Checking the State of the Port Using the lsof Command
The lsof command is a command line utility used to view open files on the Linux system. It is mainly used to check the state of network ports on a system, and the users must provide a port number as the argument. Here’s the syntax of the lsof command to check the port’s state in Linux.
$ sudo lsof -i <Port-To-Check>
The following example checks the status of all (TCP & UDP) ports using the lsof command.
$ sudo lsof -i
The lsof is a great tool to view which file has acquired which port and which of the port is available, as seen in the above image.
Method 4: Checking the State of the Port Using the ss Command
The ss command’s output is almost the same as netstat, but it displays all listening ports numerically. To view a list of open ports, the following syntax is used.
$ ss -tulpn | grep <Port-No>
The above image shows that all listening ports are displayed (filtered using the grep command).
Note: It displays all ports (both TCP and UDP), so don’t worry if you find a UDP port that isn’t in the above image.
Users who need to check if the port is opened may find it a bit difficult, although it is not as several command line tools are used, which it can be done. The most widely used tools from the list of many are explained with an example in this article.