Get your server issues fixed by our experts for a price starting at just 25 USD/Hour. Click here to register and open a ticket with us now!
« previous next »
Pages: [1]   Go Down

Author Topic: How to check open ports in Linux with respective service-process  (Read 1207 times)

0 Members and 1 Guest are viewing this topic.

akhilt

  • Guest
How to check open ports in Linux with respective service-process
« on: June 02, 2018, 10:08:23 am »
How to check open ports in Linux with respective service-process

There are various ways by which we can determine open-listening ports on Linux.

1. Check open ports in Linux using netstat command

In basic form netstat commands display or prints information about network connections and routing table etc. However same command along with the below parameter can be used to check open ports in Linux.

Command:

Code: [Select]
netstat -tulpn | grep LISTEN
Output:

Code: [Select]
[root@server ~]# netstat -tulpn | grep LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      904/sshd
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      866/master
tcp6       0      0 :::80                   :::*                    LISTEN      1086/httpd
tcp6       0      0 :::22                   :::*                    LISTEN      904/sshd
tcp6       0      0 ::1:25                  :::*                    LISTEN      866/master

[root@server ~]#
Here in this above output command displays all TCP as well as UDP ports. If in case you want to filter it further, Let's say you want to find out the process or service used by port 80, follow the command:

Code: [Select]
[root@server ~]# netstat -tulpn | grep LISTEN|grep 80
tcp6       0      0 :::80                   :::*                    LISTEN      1086/httpd

[root@server ~]#
In the above command port is being used by httpd service with PID 1086.

2. Check open ports in Linux using lsof utility

lsof utility basically display list of open files. However, with some parameter tweaks we can able to check open ports in Linux also. By default its not installed on system please follow below sets of commands for installation according to the flavour of Linux.

For RHEL and CentOS OS
Code: [Select]
#yum install lsof
For Debian and Ubuntu OS
Code: [Select]
#apt install lsof
Command:

Code: [Select]
#lsof -i -P -n
Output:

Code: [Select]
[root@server ~]# lsof -i -P -n
COMMAND   PID     USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
chronyd   513   chrony    1u  IPv4  14330      0t0  UDP 127.0.0.1:323
chronyd   513   chrony    2u  IPv6  14331      0t0  UDP [::1]:323
dhclient  548     root    6u  IPv4  15326      0t0  UDP *:68
dhclient  548     root   20u  IPv4  15315      0t0  UDP *:41668
dhclient  548     root   21u  IPv6  15316      0t0  UDP *:23435
master    866     root   13u  IPv4  16678      0t0  TCP 127.0.0.1:25 (LISTEN)
master    866     root   14u  IPv6  16679      0t0  TCP [::1]:25 (LISTEN)
sshd      904     root    3u  IPv4  17424      0t0  TCP *:22 (LISTEN)
sshd      904     root    4u  IPv6  17426      0t0  TCP *:22 (LISTEN)
sshd      951     root    3u  IPv4  17884      0t0  TCP 172.31.22.4:22->103.211.42.2:59572 (ESTABLISHED)
sshd      954 ec2-user    3u  IPv4  17884      0t0  TCP 172.31.22.4:22->103.211.42.2:59572 (ESTABLISHED)
httpd    1086     root    4u  IPv6  19036      0t0  TCP *:80 (LISTEN)
httpd    1088   apache    4u  IPv6  19036      0t0  TCP *:80 (LISTEN)
httpd    1089   apache    4u  IPv6  19036      0t0  TCP *:80 (LISTEN)
httpd    1090   apache    4u  IPv6  19036      0t0  TCP *:80 (LISTEN)
httpd    1091   apache    4u  IPv6  19036      0t0  TCP *:80 (LISTEN)
httpd    1092   apache    4u  IPv6  19036      0t0  TCP *:80 (LISTEN)
In case you want to have more details about port 80 you can use below command:

Code: [Select]
[root@server~]# lsof -i :80
COMMAND  PID   USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
httpd   1086   root    4u  IPv6  19036      0t0  TCP *:http (LISTEN)
httpd   1088 apache    4u  IPv6  19036      0t0  TCP *:http (LISTEN)
httpd   1089 apache    4u  IPv6  19036      0t0  TCP *:http (LISTEN)
httpd   1090 apache    4u  IPv6  19036      0t0  TCP *:http (LISTEN)
httpd   1091 apache    4u  IPv6  19036      0t0  TCP *:http (LISTEN)
httpd   1092 apache    4u  IPv6  19036      0t0  TCP *:http (LISTEN)
3. Check open ports in Linux using nmap

nmap is a port scanning tool used in Linux. It's not installed on Linux systems by default. You need to install it using below command.

Code: [Select]
yum install nmap
Once its installed used below command to check open ports in Linux using below command.

Command:

Code: [Select]
# nmap -sT -O localhost
Output:

Code: [Select]
[root@ip-172-31-22-4 ~]# nmap -sT -O localhost

Starting Nmap 6.40 ( http://nmap.org ) at 2017-09-15 13:59 UTC
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00023s latency).
Other addresses for localhost (not scanned): 127.0.0.1
Not shown: 997 closed ports
PORT   STATE SERVICE
22/tcp open  ssh
25/tcp open  smtp
80/tcp open  http
Device type: general purpose
Running: Linux 3.X
OS CPE: cpe:/o:linux:linux_kernel:3
OS details: Linux 3.7 - 3.9
Network Distance: 0 hops

OS detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 1.66 seconds

[root@ip-172-31-22-4 ~]#
In the above output we can able to check open ports very easily.

Thank you!!!
Logged
Pages: [1]   Go Up
« previous next »