When working with a Linux system, you sometimes encounter networking issues or have to configure the firewall.
In these situations, you may need to check whether specific ports are open. There are several commands for determining whether a port is in use on a Linux or Unix-like server.
Here at LinuxAPT, as part of our Server Management Services, we regularly help our customers with Linux-related queries.
In this context, we shall look into methods to figure out which ports are open on your Ubuntu 20.04 Linux system.
An open port is a TCP or UDP network port that accepts incoming packets from outside.
For example, if an SSH server is installed on your Linux system, it will listen on port 22.
If this port is open on the firewall, users on remote systems will be able to establish an SSH connection to your system.
We say that port 22 is an open port.
Bear in mind that you should expose only the ports that your applications need in order to run properly.
Other, unnecessary ports should be closed to avoid security risks.
Nmap stands for Network Mapper. It is a useful and powerful utility used to scan hosts and services on a network.
Besides scanning host ports, nmap can also discover MAC addresses, operating systems, kernel versions, and so on.
By default, nmap is not pre-installed on Ubuntu 20.04. You can install it by running the following commands:
$ sudo apt update
$ sudo apt install nmap
Verify that nmap is successfully installed:
$ nmap --version
Now, it's time to use nmap to check the open ports on your system.
Let's run the command:
$ sudo nmap -sT -p- 10.120.0.1
-sT selects a TCP connect scan and -p- tells nmap to scan all ports (1-65535), so together they scan every TCP port.
10.120.0.1 is the internal IP address of your host.
If you want to scan for UDP ports, run nmap with the -sU option:
$ sudo nmap -sU -p- 10.120.0.1
Netcat is a powerful command-line tool for network operations. It reads and writes data across networks using the TCP and UDP protocols.
Netcat can be used for scanning and redirecting network ports as well.
If you want to check open ports in the range 20-25 on an Ubuntu 20.04 machine that has IP 10.120.0.1, run the following command:
$ netcat -z -v 10.120.0.1 20-25
-z tells netcat to only scan for open ports, without sending any data
-v prints verbose information to the terminal
If you want to show only the open ports, you can run:
$ netcat -z -v 10.120.0.1 20-80 2>&1 | grep succeeded
To scan for UDP ports, add the -u option as follows:
$ netcat -z -v -u 10.120.0.1 20-80 2>&1 | grep succeeded
This article covers some common tools that can be used to check the open ports on a Linux system. It is important that you verify which ports are listening on the server's network interfaces. You need to pay attention to open ports to detect an intrusion.
Apart from detecting an intrusion, for troubleshooting purposes it may be necessary to check whether a port is already in use by a different application on your servers.
For example, you may install both Apache and Nginx on the same system, so it is necessary to know whether Apache or Nginx is using TCP port 80/443.
To check the listening ports and applications on Ubuntu Linux:
1. Open a terminal application, i.e. a shell prompt.
2. Run any one of the following commands on Linux to see open ports:
$ sudo lsof -i -P -n | grep LISTEN
$ sudo netstat -tulpn | grep LISTEN
$ sudo ss -tulpn | grep LISTEN
$ sudo lsof -i:22 ## see a specific port such as 22 ##
$ sudo nmap -sTU -O IP-address-Here
On the latest versions of Linux, use the ss command, for example: ss -tulw
What is the netstat command?
You can check the listening ports and applications with netstat as follows.
Run netstat command along with grep command to filter out port in LISTEN state:
$ netstat -tulpn | grep LISTEN
The netstat command has been deprecated for some time on Linux. Therefore, you should use the ss command instead, as follows:
$ sudo ss -tulw
$ sudo ss -tulwn
$ sudo ss -tulwn | grep LISTEN