Ports are like doorways that let apps and programs on your Linux system send and receive data. If you want to see which ports are in use, which ones are open, or just figure out what’s going on with your network, you’ve come to the right place.
In this guide, we’ll walk through multiple ways to check ports in Linux using simple commands. By the end, you’ll feel more comfortable working with ports and knowing what’s happening on your system.
What Are Ports?
Before jumping into the commands, let’s take a moment to understand what ports are:
- Ports are numbers that identify specific programs or apps running on your computer. For example:
- Web server ports are typically use port 80 (HTTP) or port 443 (HTTPS).
- Remote logins through SSH typically use port 22.
- Every port has a number between 0 and 65535, which fall into three main groups:
- 0–1023: Reserved for common protocols like HTTP and FTP.
- 1024–49151: For applications you install.
- 49152–65535: Temporary ports used when apps connect to a service.
With that out of the way, let’s explore how to check what’s happening with your ports.
How to Check Ports in Linux
Linux has a number of tools to help you check open or listening ports. Below, we’ll walk through five common methods and explain what each one does.
1. Using netstat
The netstat command gives you a detailed view of network connections and port usage.
Open a terminal and type:
netstat -tuln
Here’s what each option means:
- -t: Show TCP (Transmission Control Protocol) ports.
- -u: Show UDP (User Datagram Protocol) ports.
- -l: Show only ports that are actively listening.
- -n: Skip translating program names (e.g., “ssh”) into port numbers, which makes it faster.
What You’ll See:
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
udp 0 0 0.0.0.0:68 0.0.0.0:*
Here’s how to read this:
- Proto: Shows whether it’s TCP or UDP.
- Local Address: Your machine’s IP and the port in use.
- Foreign Address: The IP and port of the other machine (or * if it’s open to all).
- State: For TCP, LISTEN means it’s waiting for connections.
Quick Note: netstat is part of the net-tools package, which may not come pre-installed on newer Linux versions. Install it using:
sudo apt install net-tools # On Debian/Ubuntu
sudo yum install net-tools # On RHEL/CentOS
2. Using ss
ss is a newer, faster alternative to netstat. It gives similar information but works better on modern systems.
Run the following command:
ss -tuln
The options are the same as netstat, so you should be able to jump right in.
What You’ll See:
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
udp UNCONN 0 0 0.0.0.0:68 0.0.0.0:*
This output is similar to netstat, but ss tends to be faster, especially if you’re dealing with a lot of connections.
3. Using lsof
lsof (List Open Files) is a handy tool for seeing which files or network connections are being used by processes.
To see which ports are open and what’s using them, run:
sudo lsof -i -P -n
- -i: Filters for network-related files.
- -P: Shows raw port numbers instead of service names.
- -n: Skips translating IP addresses to hostnames for speed.
What You’ll See:
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
sshd 1234 root 3u IPv4 12345 0t0 TCP *:22 (LISTEN)
dhclient 5678 root 6u IPv4 54321 0t0 UDP *:68
- COMMAND: The program using the port.
- PID: The process ID.
- NAME: The port and protocol (e.g., TCP on port 22).
Why It’s Useful:
If you’re troubleshooting and need to find out which process is using a specific port, lsof is your go-to tool.
4. Using nmap
nmap (Network Mapper) is ideal for scanning networks and checking which ports are open.
To scan all ports, run:
sudo nmap -sT -p- localhost
- -sT: Performs a TCP connect scan.
- -p-: Scans all 65,535 ports.
What You’ll See:
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
443/tcp open https
- PORT: The port number and protocol (TCP or UDP).
- STATE: Tells you if the port is open, closed, or filtered (blocked by a firewall).
- SERVICE: The common name of the service using the port.
Why nmap is Useful:
nmap is great if you want a complete view of all open ports on your system or need to scan another machine.
5. Using nc (Netcat)
Netcat is a simple but powerful tool for checking if a specific port is open.
To check if port 22 is open, type:
nc -zv localhost 22
- -z: Just scan for open ports without sending data.
- -v: Show detailed output.
What You’ll See:
Connection to localhost 22 port [tcp/ssh] succeeded!
Why It’s Useful:
If you just need to quickly check whether a specific port is open, nc does the job without much fuss.
Making Sense of the Results
When you check ports, here’s what the results usually mean:
- Listening/Open Ports: These ports are ready to accept connections. For example, a web server will listen on port 80 or 443.
- Closed Ports: These ports aren’t in use, so they won’t accept connections.
- Filtered Ports: These ports are blocked by a firewall or security rule, so they appear invisible.
Common Scenarios
When checking ports, you may come across the following scenarios:
- You see a port open you didn’t expect: This might mean a program is running that you don’t need or recognize. It’s a good idea to investigate further.
- A port you need is closed: The program might not be running, or a firewall could be blocking it.
Securing Your System
Checking ports is just the first step. Here are a few ways to tidy things up:
Stop Unnecessary programs:
If a program is running on a port you don’t need, turn it off:
sudo systemctl stop
sudo systemctl disable
Use a Firewall:
Limit access to ports using a tool like ufw (Uncomplicated Firewall):
sudo ufw allow 22 # Allow SSH
sudo ufw deny 80 # Block HTTP
Regularly Monitor Ports:
Make it a habit to check open ports now and then, especially if you’re running a server.
Wrapping Up
Checking ports in Linux doesn’t have to be complicated. Whether you use netstat, ss, lsof, nmap, or nc, each tool gives you a slightly different view of what’s going on. Pick the one that works best for your needs and don’t be afraid to explore. The more you practice, the easier it gets!