What Are Ports? How To Check Linux Open Ports?

sohail
sohail

Table of Contents

how to find open ports in linux

​A port is an addressable network location implemented in an operating system to help differentiate traffic destined for different services or applications. A port is always associated with an IP address of a host and the protocol type for the communication.
​Ports are specified by a number ranging from 1 to 65535. There are different categories of ports.

  • 0-1023 – are “Well Known Ports” associated with services considered as critical or essential. They are also referred to as System Ports.
  • 1024-49151 – are Registered Ports or User Ports and as the name indicates, can be reserved by sending a request to the Internet Assigned Numbers Authority (IANA).
  • 49152-65535 – are called Dynamic Ports and are suggested for private use. They also referred to as the Private Ports.

What is ‘Port Listening’?

A service is said to be “listening” on a port when it is binding to a port/protocol/IP address combination in order to wait for requests from clients of the service. Upon receipt of the request, it establishes a one-to-one server client dialog using the same port number.

Why do you need to know your Open Ports?

Paying attention to which ports are listening on your network is important as open ports can be evidence of an intrusion on your network. Knowledge of the Linux open ports and the kind of information being sent out helps you to thwart malicious efforts aimed at your system. Knowing this is an important part of securing your system.
​​
Do you wish to find out open ports or listening on a network? Read on.​There are a number of ways and tools that are available for checking ports which might be listening on your network.

​Let us look at a few ways.

  • By using nmap. Note. Nmap is capable of revealing a lot of information which can make system administrators think that you are of an ill intent. So, therefore, only use nmap on your local systems as done here.

You need to first install nmap with the following command (Ubuntu).

sudo apt-get update
sudo apt-get install nmap
The following command will indicate which ports are listening for TCP connections from the network. 
# sudo nmap -sT -O localhost
The following command will indicate which ports are listening for UDP connections from the network.
# sudo nmap -sU -O localhost
The following command will indicate every TCP and UDP open port –
# sudo nmap -n -PN -sT -sU -p- localhost
  • By using netstat command to find open ports – enter the following command –
# netstat -lntu
Where 
-l = only services which are listening on some port
-n = show port number, don’t try to resolve the service name
-t = enables listing of tcp ports
-u = enables listing of udp ports

  • By using the ss command –  enter the following command to list all open TCP and UDP ports.
# ss -lntu
  • ​​By using the lsof command

To display the list of open ports, enter the following command –

# lsof -i
​​To display all open files, use:
# lsof

Conclusion

​In closing, knowledge about ports is essential for Linux enthusiasts and system administrators in particular. These tools (ss, lsof, netstat and nmap,) are quite flexible and can reveal a great deal about the status of the services running on a machine. You should check up their man pages for more information. You should know that this is just to get you exploring the leaks and exposures on your network. Hope you find this tutorial useful.
Linux TutorialsUncategorizedhow-to