Sometimes we need to see which ports are open locally on a Linux server. Many tools can do this, but which is best in each situation? Below I outline the best commands for listing all listening ports in Linux.
Set-Up
ArchLinux is my favorite distribution; check out my guide to installing BlackArch.
Commands to list local Listening ports
To list open ports in Linux we have to use native tools that should already be installed. Any system with any level of security won't have nmap or netcat installed, so they are not in scope!
netstat
If it's installed, netstat is one of the oldest and best-known solutions.
netstat with root
Discover all Open TCP Listening ports, the attached process and do not map the port number to a service name.
netstat -ntlp
Show all open UDP listening ports and the attached process, and do not map the port number to a service name.
netstat -nulp
Show established connections and the process holding each connection. There is no option to show only established connections, but grep can be used to pull out this information.
netstat -ap |grep EST
netstat without root
The netstat “-p/--program” option does not work when using a non-root account, but the rest of the options are fine.
Show all Open TCP Listening ports but do not map the port number to a service name.
netstat -ntl
Show all open UDP listening ports and do not map the port number to a service name.
netstat -nul
Show established connections. Although there is no option to show only established connections, grep can be used to pull out this information.
netstat -a |grep EST
ss
On more recent Linux distributions you may find “ss” installed when netstat is missing. The options are very similar to netstat.
ss with root
Display all TCP Listening ports and the attached processes.
ss -ltp
Display all UDP Listening ports and the attached processes.
ss -lup
Show all established connections and the processes using them.
ss -tup |grep EST
ss without root
With a non-root account the processes using the ports will not be listed.
Display TCP Listening ports
ss -lt
Display UDP Listening ports.
ss -lu
Show all Established Connections
ss -ut |grep EST
lsof
Not the most useful of tools for doing this, but it will do if it's all you have.
lsof with root access
List all open TCP ports.
lsof -i TCP
List all listening UDP ports.
lsof -i UDP
A complete list of established connections.
lsof -i
lsof without root access
Unfortunately lsof does not provide any useful network connection information without root access.
Doing it with Python
Sometimes there is nothing available to do this, but if you have Python installed you can do a port scan on all internal IP addresses.
Listing Open Ports with Python.
import ipaddress
import socket

highport = 1024  # Highest port to scan to, higher = slower


def check_ports(server):
    # Attempt a TCP connect to every port up to highport on one local address
    family = socket.AF_INET6 if ":" in server else socket.AF_INET
    for port in range(1, highport + 1):
        with socket.socket(family, socket.SOCK_STREAM) as sock:
            sock.settimeout(0.5)  # do not hang on filtered ports
            if sock.connect_ex((server, port)) == 0:
                print(f"Port {port}: On {server}: Open")


def check_addrs(ADDRS):
    for ip in ADDRS:
        check_ports(ip)


def get_ip(ip_addr_proto="ipv4", ignore_local_ips=True):
    # Use the socket module's constants; the numeric values differ between platforms
    af_inet = socket.AF_INET
    if ip_addr_proto == "ipv6":
        af_inet = socket.AF_INET6
    elif ip_addr_proto == "both":
        af_inet = socket.AF_UNSPEC
    system_ip_list = socket.getaddrinfo(
        socket.gethostname(), None, af_inet, socket.SOCK_STREAM, 0)
    ip_list = ['127.0.0.1']  # always scan loopback
    for entry in system_ip_list:
        ip = entry[4][0]
        try:
            addr = ipaddress.ip_address(str(ip))
        except ValueError:
            continue  # not a valid IP address, skip it
        if ignore_local_ips and (addr.is_loopback or addr.is_link_local):
            continue
        if ip not in ip_list:
            ip_list.append(ip)
    return ip_list


if __name__ == "__main__":
    check_addrs(get_ip())
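When netstat, ss and lsof are all missing, the kernel's own socket tables under /proc/net can be read directly instead of connect-scanning. The following is an added example, not code from the original post; the function names and the SAMPLE_TCP rows are constructed for illustration, and the listening-state codes (0A for TCP, 07 for UDP) are the kernel's values.

```python
import ipaddress
import struct

# State code that marks a listening/bound socket in each /proc/net table
TABLES = {"tcp": "0A", "tcp6": "0A", "udp": "07", "udp6": "07"}

# Constructed sample in /proc/net/tcp layout (as printed on a little-endian host)
SAMPLE_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0CEA 00000000:0000 0A 00000000:00000000 00:00000000 00000000   114        0 20911 1 0000000000000000 100 0 0 10 0
   1: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 18432 1 0000000000000000 100 0 0 10 0
   2: 0A00020F:0016 0A000202:D2F4 01 00000000:00000000 02:000A1B2C 00000000     0        0 25117 4 0000000000000000 20 4 30 10 -1
"""


def decode_addr(hex_addr):
    """Turn '0100007F:0CEA' into ('127.0.0.1', 3306); also handles IPv6."""
    host, port = hex_addr.split(":")
    raw = bytes.fromhex(host)
    # Each 32-bit word is printed in host byte order; restore network order
    words = struct.unpack(f">{len(raw) // 4}I", raw)
    packed = struct.pack(f"={len(words)}I", *words)
    return str(ipaddress.ip_address(packed)), int(port, 16)


def listening(text, listen_state="0A"):
    """Return sorted (address, port, uid, inode) tuples for listening sockets."""
    found = set()
    for line in text.splitlines()[1:]:  # skip the header row
        f = line.split()
        if len(f) < 10 or f[3] != listen_state:
            continue
        addr, port = decode_addr(f[1])
        found.add((addr, port, int(f[7]), int(f[9])))
    return sorted(found)


def main():
    for name, state in TABLES.items():
        try:
            with open(f"/proc/net/{name}") as fh:
                rows = listening(fh.read(), state)
        except OSError:
            continue  # table not present, e.g. IPv6 disabled
        for addr, port, uid, inode in rows:
            print(f"{name:5} {addr}:{port}  uid={uid} inode={inode}")


if __name__ == "__main__":
    main()
```

This works without root and shows the owning uid for every socket. Mapping an inode back to a process means walking /proc/<pid>/fd, which for other users' processes needs root.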
Wrap-Up
If you have any suggestions, or if you think anything is missing from this list of commands to list open ports in Linux, please leave a comment below.