Find Out What Ports Are Listening / Open On My Linux & FreeBSD Server

How do I find open ports on Linux or FreeBSD Unix server?

There are different commands on both Linux and UNIX server to see what TCP/UDP ports are listening or open on your server. You can use netstat command, which prints network connections, routing tables, interface statistics, masquerade connections, and multicast memberships, etc. Another (and suggested) option is to use the lsof command, which lists open files, and ports on Linux, FreeBSD, Solaris and other Unixish systems.

netstat command to find open ports

The syntax is:
# netstat --listen
OR
# netstat -l
Sample outputs from my Debian 8.x Linux server:

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 localhost:953           *:*                     LISTEN     
tcp        0      0 localhost:6010          *:*                     LISTEN     
tcp        0      0 localhost:4700          *:*                     LISTEN     
tcp        0      0 *:nfs                   *:*                     LISTEN     
tcp        0      0 *:afpovertcp            *:*                     LISTEN     
tcp        0      0 localhost:mysql         *:*                     LISTEN     
tcp        0      0 *:51084                 *:*                     LISTEN     
tcp        0      0 *:40495                 *:*                     LISTEN     
tcp        0      0 *:sunrpc                *:*                     LISTEN     
tcp        0      0 *:http                  *:*                     LISTEN     
tcp6       0      0 [::]:41864              [::]:*                  LISTEN     
tcp6       0      0 [::]:37833              [::]:*                  LISTEN     
tcp6       0      0 [::]:35658              [::]:*                  LISTEN     
tcp6       0      0 [::]:sunrpc             [::]:*                  LISTEN     
tcp6       0      0 [::]:http               [::]:*                  LISTEN     
tcp6       0      0 [::]:domain             [::]:*                  LISTEN     
tcp6       0      0 [::]:ssh                [::]:*                  LISTEN     
udp        0      0 *:59997                 *:*                                
udp        0      0 *:37610                 *:*                                
udp        0      0 *:755                   *:*                                
udp        0      0 nas01.nixcraft.n:domain *:*                                
udp        0      0 localhost:domain        *:*                                
udp        0      0 *:54469                 *:*                                
udp        0      0 *:mdns                  *:*                                
udp6       0      0 [::]:34235              [::]:*                             
udp6       0      0 [::]:36451              [::]:*                             
udp6       0      0 [::]:sunrpc             [::]:*                             
udp6       0      0 [::]:58606              [::]:*                             
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node   Path
unix  2      [ ACC ]     STREAM     LISTENING     16912    /var/run/mysqld/mysqld.sock
unix  2      [ ACC ]     STREAM     LISTENING     11796    /var/run/dbus/system_bus_socket
unix  2      [ ACC ]     STREAM     LISTENING     11799    /var/run/avahi-daemon/socket
unix  2      [ ACC ]     STREAM     LISTENING     18844    @/tmp/dbus-FStDtp4tGA

To display open ports and established TCP connections, enter:
$ netstat -vatn
To display only open UDP ports try the following command:
$ netstat -vaun
If you want to see FQDN (full dns hostname), try removing the -n flag:
$ netstat -vat
FreeBSD/OS X Unix user try the following command:
$ netstat -na | grep -i LISTEN $ netstat -f inet -na | grep -i LISTEN
Sample outputs:

tcp6       0      0  ::1.52698              *.*                    LISTEN     
tcp4       0      0  127.0.0.1.49153        *.*                    LISTEN     
tcp4       0      0  127.0.0.1.49152        *.*                    LISTEN     
tcp4       0      0  *.22                   *.*                    LISTEN     
tcp6       0      0  *.22                   *.*                    LISTEN

lsof Command Examples

To display the list of open ports, enter:
# lsof -i
To display all open files, use:
# lsof
To display all open IPv4 network files in use by the process whose PID is 9255, use:
# lsof -i 4 -a -p 9255
Another example:
# lsof -iTCP -sTCP:LISTEN
Sample outputs:

COMMAND    PID     USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
rpcbind   1004     root    8u  IPv4  14248      0t0  TCP *:sunrpc (LISTEN)
rpcbind   1004     root   11u  IPv6  14251      0t0  TCP *:sunrpc (LISTEN)
rpc.statd 1013    statd    9u  IPv4  14331      0t0  TCP *:51084 (LISTEN)
rpc.statd 1013    statd   11u  IPv6  14335      0t0  TCP *:54585 (LISTEN)
sshd      1031     root    3u  IPv4  15629      0t0  TCP *:ssh (LISTEN)
sshd      1031     root    4u  IPv6  15631      0t0  TCP *:ssh (LISTEN)
named     1034     bind   20u  IPv6  13184      0t0  TCP *:domain (LISTEN)
named     1034     bind   21u  IPv4  13188      0t0  TCP localhost:domain (LISTEN)
named     1034     bind   22u  IPv4  13190      0t0  TCP nas01.nixcraft.net.in:domain (LISTEN)
named     1034     bind   23u  IPv4  14835      0t0  TCP localhost:953 (LISTEN)
named     1034     bind   24u  IPv6  15643      0t0  TCP ip6-localhost:953 (LISTEN)
mysqld    1654    mysql   10u  IPv4  16911      0t0  TCP localhost:mysql (LISTEN)
lighttpd  1679 www-data    4u  IPv4  18535      0t0  TCP *:http (LISTEN)
lighttpd  1679 www-data    5u  IPv6  18536      0t0  TCP *:http (LISTEN)
afpd      1709     root    6u  IPv4  18703      0t0  TCP *:afpovertcp (LISTEN)
cnid_meta 1710     root    5u  IPv4  16316      0t0  TCP localhost:4700 (LISTEN)
rpc.mount 1739     root    9u  IPv4  16332      0t0  TCP *:52053 (LISTEN)
rpc.mount 1739     root   11u  IPv6  16336      0t0  TCP *:41859 (LISTEN)
rpc.mount 1739     root   13u  IPv4  16340      0t0  TCP *:40495 (LISTEN)
rpc.mount 1739     root   15u  IPv6  16344      0t0  TCP *:35658 (LISTEN)
rpc.mount 1739     root   17u  IPv4  16348      0t0  TCP *:60881 (LISTEN)
rpc.mount 1739     root   19u  IPv6  16352      0t0  TCP *:37833 (LISTEN)
sshd      1975    vivek   11u  IPv6  19711      0t0  TCP ip6-localhost:6010 (LISTEN)
sshd      1975    vivek   12u  IPv4  19712      0t0  TCP localhost:6010 (LISTEN)

A Note About FreeBSD Users

You can use the sockstat command lists open Internet or UNIX domain sockets, enter:
$ sockstat $ sockstat -l $ sockstat -4 -l $ sockstat -6 -l
Sample outputs:

Official Linux Foundation Certifications and Training - 15% Off

Get 15% off on Linux Foundation certified SysAdmin, Progamming, Kubernetes/Containers and Open Stack certification & course. Use "SPLASH15" coupon code. Offer expires on August 27, 2018
training.linuxfoundation.org

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

Your support makes a big difference:

I have a small favor to ask. More people are reading the nixCraft. Many of you block advertising which is your right, and advertising revenues are not sufficient to cover my operating costs. So you can see why I need to ask for your help. The nixCraft takes a lot of my time and hard work to produce. If everyone who reads nixCraft, who likes it, helps fund it, my future would be more secure. You can donate as little as $1 to support nixCraft:

13 comment

I used lsof command in freebsd 5 i am not getting any output for checking tcp/udp ports which are listening or open on my server

doru001 says:
January 4, 2011 at 1:29 pm
sudo?
nixCraft says:
January 5, 2011 at 7:06 am
Yes, you must be root and use sockstat command.

What is the equivalent port for com9 on linux?How do i find out com port equivalents in linux?Thanks

on FreeBSD you can also use sockstat to list open sockets

correction :- should be
netstat -l, –listening :- to get list the listening sockets.

BR.
ruwinda.

lsof -i (to get an idea of ports out there)

netstat -a | grep
example: netstat -a | grep 4449

If nothing is returned like below the port is free
$ netstat -a | grep 4449
$

Hello There.

My name is Jacob and I’m running a hosting business. I have 2 dedicated servers at the moment and they’re both Linux Debian 6.0. I have some troubles with my dedicated IP’s. Some server on my dedicated server is having the port 0000 or 0. It takes all the dedicated IP’s and I don’t know how to find where its located or how to close it. I know the pid and I can see it’s running some where but the location I cant see. Please help me. It’s a big problem I’ve been trying to figure out.

there are some command to find out the all open port…bt there have any command to find out all the port,which are listing or not?that means have any command to show list of all ports?????

NublaII says:
August 1, 2014 at 2:35 pm
Try this:
open tcp, udp, listening, program, numeric, ipv4
netstat -tulpn4

how do i find out what ports are listeningopen/off on my linuxfreebsd server?how do i find the port,which are not listening.i just want to see list of all port.

how i send the list to local email?

Thanks, nice tips

vinod says:
June 22, 2007 at 9:43 am
I used lsof command in freebsd 5 i am not getting any output for checking tcp/udp ports which are listening or open on my server
1. doru001 says:
  January 4, 2011 at 1:29 pm
  sudo?
2. nixCraft says:
  January 5, 2011 at 7:06 am
  Yes, you must be root and use sockstat command.
ramakrishna says:
June 5, 2008 at 11:27 am
What is the equivalent port for com9 on linux?How do i find out com port equivalents in linux?Thanks
Rudi says:
August 4, 2008 at 1:27 pm
on FreeBSD you can also use sockstat to list open sockets
Ruwinda Fernando says:
June 29, 2009 at 8:58 am
correction :- should be
netstat -l, –listening :- to get list the listening sockets.
BR.
ruwinda.
Jon says:
November 17, 2010 at 10:58 pm
lsof -i (to get an idea of ports out there)
netstat -a | grep
example: netstat -a | grep 4449
If nothing is returned like below the port is free
$ netstat -a | grep 4449
$
Jacob says:
April 1, 2012 at 3:11 pm
Hello There.
My name is Jacob and I’m running a hosting business. I have 2 dedicated servers at the moment and they’re both Linux Debian 6.0. I have some troubles with my dedicated IP’s. Some server on my dedicated server is having the port 0000 or 0. It takes all the dedicated IP’s and I don’t know how to find where its located or how to close it. I know the pid and I can see it’s running some where but the location I cant see. Please help me. It’s a big problem I’ve been trying to figure out.
sovan says:
December 9, 2012 at 9:51 am
there are some command to find out the all open port…bt there have any command to find out all the port,which are listing or not?that means have any command to show list of all ports?????
1. NublaII says:
  August 1, 2014 at 2:35 pm
  Try this:
  open tcp, udp, listening, program, numeric, ipv4
  netstat -tulpn4
sovan says:
December 9, 2012 at 10:00 am
how do i find out what ports are listeningopen/off on my linuxfreebsd server?how do i find the port,which are not listening.i just want to see list of all port.
maram says:
April 29, 2016 at 1:35 pm
how i send the list to local email?
Binh Thanh Nguyen says:
December 5, 2017 at 11:19 am
Thanks, nice tips

Have a question? Post it on our forum!