It is important to know the open ports on your system, this is useful to detect an intrusion, or during troubleshooting or to detect a problem, for example if you have a problem with apache, it may be necessary to check s it listens well on ports 80/443.
This guide shows you how to check ports and see applications using those ports using netstat, nmap, and lsof on Linux system.
lsof command :
To check open ports with lsof, you can use the command :
#lsof -i -P -n
Take the output below as an example:
smtpd 25362 root 8u IPv4 0xffff80000045a000 0t0 TCP 12.58.125.39:25 (LISTEN)
– smtp : application name
– 25362 : ID du process smtpd
– 12.58.125.39 : is the interface’s IP address that smtpd is listening on.
– 25 : snmpd port
netstat command
You can check the open ports with the below netstat commands :
# netstat -tulpn
You can combine the command with grep to filter:
# netstat -tulpn | grep LISTEN
To see other useful netstat commands, check this article.
nmap command
Nmap (Network Mapper) is a free and open-source utility for network discovery and security auditing.
# nmap -sU -O 192.168.15.4 #Pour voir les ports UDP ouverts # nmap -sT -O 192.168.15.4 #Pour voir les ports TCP ouverts
It is possible to combine the two commands into one to display open UDP/TCP ports:
# nmap -sTU -O 192.168.2.13
nmap is a powerful command that has several useful options, you can discover them by checking this article.
Protocole du routage
nmap : les 12 commandes que vous devez connaître
Nslookup : 8 commandes les plus utilisés
Le fonctionnement du routeur
Fail2Ban : How to protect Linux services