Ask Ubuntu Asked on October 31, 2021
I would like to see what ports are open on my machine, e.g. what ports my machine is listening on. E.g. port 80 if I have installed a web server, and so on.
Is there any command for this?
assuming u wanna check port 3000:
netstat -na | grep 3000
Answered by Marek Kamiński on October 31, 2021
In latest Linux distro, most probably you won't find netstat
command anymore.
$ netstat
Command 'netstat' not found, but can be installed with:
sudo apt install net-tools
$
However, if you want to use it, go ahead and install it with sudo apt install net-tools
command.
Fyi, netstat is obsolete (refer to the man page), so you should use ss
intead of netstat
.
This program is obsolete. Replacement for netstat is ss.
Replacement for netstat -r is ip route. Replacement for netstat -i is ip -s link. Replacement for netstat -g is ip maddr.
E.g.
$ ss -lnt
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 5 127.0.1.1:53 *:*
LISTEN 0 128 127.0.0.1:631 *:*
LISTEN 0 128 ::1:631 :::*
Description
ss = another utility to investigate sockets
-l, --listening Display only listening sockets (these are omitted by default).
-n, --numeric Do not try to resolve service names.
-t, --tcp Display TCP sockets.
Answered by user1069309 on October 31, 2021
ss: Print: network connections routing tables interface statistics masquerade connections multicast memberships
Install:
sudo apt install net-tools
Example:
~$ ss -ntlp | grep LISTEN
>
LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
LISTEN 0 5 127.0.0.1:631 0.0.0.0:*
LISTEN 0 5 [::1]:631 [::]:*
LISTEN 0 50 [::ffff:127.0.0.1]:9614 *:*
Answered by Abolfazl Zohoorian on October 31, 2021
If you are looking for continuous monitoring of ports for server machines or local I think you can also use graphical version of nmap i.e Zenmap for more detailed version
Zenmap is the official graphical user interface (GUI) for the Nmap Security Scanner.
Supports available (Linux, Windows, Mac OS X, BSD, etc.)
Have a look to this tool view:
Answered by Vishal G on October 31, 2021
To list open ports use the netstat
command.
For example:
$ sudo netstat -tulpn | grep LISTEN
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 5452/dnsmasq
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1037/cupsd
tcp6 0 0 ::1:631 :::* LISTEN 1037/cupsd
In the above example three services are bound to the loopback address.
IPv4 services bound to the loopback address "127.0.0.1" are only available on the local machine. The equivalent loopback address for IPv6 is "::1". The IPv4 address "0.0.0.0" means "any IP address", which would mean that other machines could potentially connect to any of the locally configured network interfaces on the specific port.
Another method is to use the lsof
command:
$ sudo lsof -nP -i | grep LISTEN
cupsd 1037 root 9u IPv6 11276 0t0 TCP [::1]:631 (LISTEN)
cupsd 1037 root 10u IPv4 11277 0t0 TCP 127.0.0.1:631 (LISTEN)
dnsmasq 5452 nobody 5u IPv4 212707 0t0 TCP 127.0.0.1:53 (LISTEN)
For more details see man netstat
or man lsof
.
Answered by inetpro on October 31, 2021
I've always used this:
sudo netstat -ntlp
If the netstat
command is not available, install it with:
sudo apt install net-tools
Answered by SiLeNCeD on October 31, 2021
This is enough to show that there is a process listening on IP address 0.0.0.0
(needed so it will reply to any request) on port 80 (standard web server port number). In my case this shows it is the web server lighttpd
$ sudo netstat -ntlp | grep :80
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 2495/lighttpd
If you later want to make sure that the only thing you allow through your firewall is port 80 I often use ShieldsUp from www.grc.com to perform a firewall test.
Answered by rstonehouse on October 31, 2021
sudo iptables -L
will list the port rules for your pc.
Note that if you are using ufw or shorewall firewalls the output maybe be hard to read.
In that case rather use sudo ufw status
for example.
This is not very useful on its own as even if a port is open access will still be denied if there is no process listening on that port.
Answered by Ciaran Liedeman on October 31, 2021
Other good ways to find out what ports are listenting and what your firewall rules are:
sudo netstat -tulpn
sudo ufw status
Answered by nathwill on October 31, 2021
Nmap ("Network Mapper") is a free and open source utility for network exploration or security auditing.
Use nmap 192.168.1.33
for internal PC or nmap external IP address
.
More information man nmap
.
Zenmap is the official GUI frontend.
Answered by hhlp on October 31, 2021
Get help from others!
Recent Answers
Recent Questions
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP