This article covers some common tools that can be used to check the open ports on a Linux system. It is important you verify which ports are listening on the server's network interfaces. You need to pay attention to open ports to detect an intrusion.
Apart from an intrusion, for troubleshooting purposes, it may be necessary to check if a port is already in use by a different application on your servers.
For example, you may install Apache and Nginx server on the same system. So it is necessary to know if Apache or Nginx is using TCP port # 80/443.
To check the listening ports and applications on Ubuntu Linux:
1. Open a terminal application i.e. shell prompt.
2. Run any one of the following command on Linux to see open ports:
$ sudo lsof -i -P -n | grep LISTEN
$ sudo netstat -tulpn | grep LISTEN
$ sudo ss -tulpn | grep LISTEN
$ sudo lsof -i:22 ## see a specific port such as 22 ##
$ sudo nmap -sTU -O IP-address-Here
For the latest version of Linux use the ss command. For example, ss -tulw
What is the netstat command ?
You can check the listening ports and applications with netstat as follows.
Run netstat command along with grep command to filter out port in LISTEN state:
$ netstat -tulpn | grep LISTEN
The netstat command deprecated for some time on Linux. Therefore, you need to use the ss command as follows:
$ sudo ss -tulw
$ sudo ss -tulwn
$ sudo ss -tulwn | grep LISTEN