How to Check Open Ports in Linux

July 12, 2023

Introduction

Network ports are standardized number identifiers that allow devices to use one IP address to handle multiple network requests simultaneously. Since there are 65535 port numbers, keeping a record of which ports are in use can be challenging.

This article will teach you how to check for open listening ports on a Linux system using five popular networking tools.

How to check open ports in Linux.

Prerequisites

  • A Linux distribution installed on a computer.
  • Administrative access to the command line.

What Is a Listening Port?

Applications and services use listening ports to listen for incoming network requests. Each listening port is tied to an IP address and a communication protocol such as TCP or UDP.

Depending on the network setup, listening ports can be open or closed.

  • Open ports accept outside connections using the correct protocol.
  • Closed ports do not accept all the connections. They communicate with a predetermined outside service or application while a firewall blocks other attempted connections.

One listening port tied can host only one service. For instance, if there is a web server on the system that already uses port 80, any other installed web server will have to use a different, non-default port number.

How to Check Open Ports in Linux?

Linux users can check open ports using multiple available networking tools. Each tool displays the same results, but the output format and the amount of information vary.

The following sections provide instructions for checking open ports using lsof, netstat, ss, Nmap, and netcat utilities.

Check Ports via lsof Command

The lsof command allows users to list the programs that utilize listening ports and daemons that maintain active network connections.

Use the lsof command to:

  • Display a list of ports in use:
sudo lsof -nP -iTCP -sTCP:LISTEN

The command outputs a list of the connections that use the TCP protocol.

Using the lsof command to check for open ports.
  • Check a specific port number with this syntax:
sudo lsof -nP -i:[port-number]

For example, to check if port 5054 is in use, type:

sudo lsof -nP -i:5054

If the port is free, the command shows no output. If an application is using the port, the output shows its details:

The lsof command showing details for a specific port.
  • Specify the protocol you wish to scan by adding it to the -i option.

For example, to check if the UDP port 53 is open, type:

sudo lsof -nP -iUDP:53

The output shows if an application already uses the port.

The lsof command showing details for a specific protocol and port.

Check Ports via netstat Command

The netstat command provides a network activity overview and statistics. Use the command below to display the listening ports on the system with netstat:

sudo netstat -tunpl

The command uses five command arguments:

  • -t - Queries the command for TCP ports.
  • -u - Queries for UDP ports.
  • -n - Avoids DNS lookup and shows only IP addresses to speed up the process.
  • -p - Displays the process ID and the name of the program using the port.
  • -l - Outputs listening ports.

Identify the listening ports/sockets by checking the State column and looking for the label LISTENING.

Using the netstat command to check for listening ports.

Check Ports via ss Command

The ss command is a faster and easier-to-use version of the obsolete netstat command. It uses the same options as netstat, but provides more statistics in the output.

The following command scans TCP and UDP ports for listening sockets and displays them in a list:

sudo ss -tunl

The listening ports/sockets are marked as LISTEN in the State column.

Checking ports with the ss command.

Check Ports via nmap Command

The Nmap utility allows users to scan for open ports on local and remote systems. Execute the command below to scan for all open TCP and UDP ports on the local system:

sudo nmap -n -PN -sT -sU -p- localhost  

The following are the nmap options used in the example.

  • -n - Skips DNS resolution.
  • -PN - Skips the discovery phase.
  • -sT and -sU - Tell netstat to scan TCP and UDP ports, respectively.
  • -p- - Scans all the ports.

The output lists the open ports alongside the services that use them.

Checking open ports with the nmap command.

Note: If you want to scan a port range, specify it with the -p option. For example, to scan only the UDP ports from 1 to 1023, type:

sudo nmap -p U:1-1023 localhost

Check Ports via nc Command

The nc command in Linux allows users to control the netcat utility. netcat can scan the ports on local and remote systems and provide information on whether the ports are open, closed, or filtered by a firewall.

Note: In CentOS, RHEL, and Debian the natcat command is ncat.

Scan all the ports on the local system by typing:

nc -z -v localhost 1-65535

The -z flag enables the zero-I/O mode used for scanning, while the -v option tells netcat to produce verbose output.

When the command is executed, netcat attempts to connect to all the ports and reports on the success for each port. Scanning many ports at once produces an extensive output.

To show only the ports where the connection succeeded, i.e., the open ports, use the 2>$1 expression to redirect the output. Then, pipe the expression to the grep command and search for the word succeeded.

nc -z -v localhost 1-65535 2>&1 | grep succeeded
Scanning open ports with netcat.

By default, netcat scans TCP ports. To check UDP ports, add the -u option:

nc -z -v -u localhost 1-65535 2>&1 | grep succeeded
Scanning open UDP ports with netcat.

Conclusion

After reading this article, you should know how to use the five popular Linux utilities to check for open ports. Knowing which ports are open on your system may help you detect an intrusion or troubleshoot network-related issues.

Was this article helpful?
YesNo
Marko Aleksic
Marko Aleksić is a Technical Writer at phoenixNAP. His innate curiosity regarding all things IT, combined with over a decade long background in writing, teaching and working in IT-related fields, led him to technical writing, where he has an opportunity to employ his skills and make technology less daunting to everyone.
Next you should read
How to Open a Port in Linux
December 15, 2022

The port number is a virtual concept in computer networking that provides a network identifier for a service or application. This article shows how to open a port in Linux...
Read more
How to Forward Ports With Iptables in Linux
January 12, 2023

Port forwarding is a NAT technique that allows proxy firewalls to redirect communication requests from one IP address and port to another. This tutorial teaches you how to...
Read more
How to Change the SSH Port?
February 13, 2023

Leaving the default port 22 for SSH creates a security issue that makes the server vulnerable to cyber threats such as brute-force attacks. Therefore, changing the default SSH port...
Read more
How to Ping Specific Port Number
September 5, 2024

Port numbers help identify where an Internet or other network message is forwarded when it arrives. Learn how to ping a port in Windows and Linux...
Read more