There are different commands on both Linux and UNIX server to see what TCP/UDP ports are listening or open on your server. You can use netstat command, which prints network connections, routing tables, interface statistics, masquerade connections, and multicast memberships, etc. Another (and suggested) option is to use the lsof command, which lists open files, and ports on Linux, FreeBSD, Solaris and other Unixish systems.
netstat command to find open ports
The syntax is:
# netstat --listen
OR
# netstat -l
Sample outputs from my Debian 8.x Linux server:
Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 localhost:953 *:* LISTEN tcp 0 0 localhost:6010 *:* LISTEN tcp 0 0 localhost:4700 *:* LISTEN tcp 0 0 *:nfs *:* LISTEN tcp 0 0 *:afpovertcp *:* LISTEN tcp 0 0 localhost:mysql *:* LISTEN tcp 0 0 *:51084 *:* LISTEN tcp 0 0 *:40495 *:* LISTEN tcp 0 0 *:sunrpc *:* LISTEN tcp 0 0 *:http *:* LISTEN tcp6 0 0 [::]:41864 [::]:* LISTEN tcp6 0 0 [::]:37833 [::]:* LISTEN tcp6 0 0 [::]:35658 [::]:* LISTEN tcp6 0 0 [::]:sunrpc [::]:* LISTEN tcp6 0 0 [::]:http [::]:* LISTEN tcp6 0 0 [::]:domain [::]:* LISTEN tcp6 0 0 [::]:ssh [::]:* LISTEN udp 0 0 *:59997 *:* udp 0 0 *:37610 *:* udp 0 0 *:755 *:* udp 0 0 nas01.nixcraft.n:domain *:* udp 0 0 localhost:domain *:* udp 0 0 *:54469 *:* udp 0 0 *:mdns *:* udp6 0 0 [::]:34235 [::]:* udp6 0 0 [::]:36451 [::]:* udp6 0 0 [::]:sunrpc [::]:* udp6 0 0 [::]:58606 [::]:* Active UNIX domain sockets (only servers) Proto RefCnt Flags Type State I-Node Path unix 2 [ ACC ] STREAM LISTENING 16912 /var/run/mysqld/mysqld.sock unix 2 [ ACC ] STREAM LISTENING 11796 /var/run/dbus/system_bus_socket unix 2 [ ACC ] STREAM LISTENING 11799 /var/run/avahi-daemon/socket unix 2 [ ACC ] STREAM LISTENING 18844 @/tmp/dbus-FStDtp4tGA
To display open ports and established TCP connections, enter:
$ netstat -vatn
To display only open UDP ports try the following command:
$ netstat -vaun
If you want to see FQDN (full dns hostname), try removing the -n flag:
$ netstat -vat
FreeBSD/OS X Unix user try the following command:
$ netstat -na | grep -i LISTEN
$ netstat -f inet -na | grep -i LISTEN
Sample outputs:
tcp6 0 0 ::1.52698 *.* LISTEN tcp4 0 0 127.0.0.1.49153 *.* LISTEN tcp4 0 0 127.0.0.1.49152 *.* LISTEN tcp4 0 0 *.22 *.* LISTEN tcp6 0 0 *.22 *.* LISTEN
lsof Command Examples
To display the list of open ports, enter:
# lsof -i
To display all open files, use:
# lsof
To display all open IPv4 network files in use by the process whose PID is 9255, use:
# lsof -i 4 -a -p 9255
Another example:
# lsof -iTCP -sTCP:LISTEN
Sample outputs:
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME rpcbind 1004 root 8u IPv4 14248 0t0 TCP *:sunrpc (LISTEN) rpcbind 1004 root 11u IPv6 14251 0t0 TCP *:sunrpc (LISTEN) rpc.statd 1013 statd 9u IPv4 14331 0t0 TCP *:51084 (LISTEN) rpc.statd 1013 statd 11u IPv6 14335 0t0 TCP *:54585 (LISTEN) sshd 1031 root 3u IPv4 15629 0t0 TCP *:ssh (LISTEN) sshd 1031 root 4u IPv6 15631 0t0 TCP *:ssh (LISTEN) named 1034 bind 20u IPv6 13184 0t0 TCP *:domain (LISTEN) named 1034 bind 21u IPv4 13188 0t0 TCP localhost:domain (LISTEN) named 1034 bind 22u IPv4 13190 0t0 TCP nas01.nixcraft.net.in:domain (LISTEN) named 1034 bind 23u IPv4 14835 0t0 TCP localhost:953 (LISTEN) named 1034 bind 24u IPv6 15643 0t0 TCP ip6-localhost:953 (LISTEN) mysqld 1654 mysql 10u IPv4 16911 0t0 TCP localhost:mysql (LISTEN) lighttpd 1679 www-data 4u IPv4 18535 0t0 TCP *:http (LISTEN) lighttpd 1679 www-data 5u IPv6 18536 0t0 TCP *:http (LISTEN) afpd 1709 root 6u IPv4 18703 0t0 TCP *:afpovertcp (LISTEN) cnid_meta 1710 root 5u IPv4 16316 0t0 TCP localhost:4700 (LISTEN) rpc.mount 1739 root 9u IPv4 16332 0t0 TCP *:52053 (LISTEN) rpc.mount 1739 root 11u IPv6 16336 0t0 TCP *:41859 (LISTEN) rpc.mount 1739 root 13u IPv4 16340 0t0 TCP *:40495 (LISTEN) rpc.mount 1739 root 15u IPv6 16344 0t0 TCP *:35658 (LISTEN) rpc.mount 1739 root 17u IPv4 16348 0t0 TCP *:60881 (LISTEN) rpc.mount 1739 root 19u IPv6 16352 0t0 TCP *:37833 (LISTEN) sshd 1975 vivek 11u IPv6 19711 0t0 TCP ip6-localhost:6010 (LISTEN) sshd 1975 vivek 12u IPv4 19712 0t0 TCP localhost:6010 (LISTEN)
A Note About FreeBSD Users
You can use the sockstat command lists open Internet or UNIX domain sockets, enter:
$ sockstat
$ sockstat -l
$ sockstat -4 -l
$ sockstat -6 -l
Sample outputs:
Fig.01: sockstat command on FreeBSD
🐧 Get the latest tutorials on Linux, Open Source & DevOps via:
- RSS feed or Weekly email newsletter
- Share on Twitter • Facebook • 13 comments... add one ↓
Category | List of Unix and Linux commands |
---|---|
File Management | cat |
Firewall | Alpine Awall • CentOS 8 • OpenSUSE • RHEL 8 • Ubuntu 16.04 • Ubuntu 18.04 • Ubuntu 20.04 |
Network Utilities | dig • host • ip • nmap |
OpenVPN | CentOS 7 • CentOS 8 • Debian 10 • Debian 8/9 • Ubuntu 18.04 • Ubuntu 20.04 |
Package Manager | apk • apt |
Processes Management | bg • chroot • cron • disown • fg • jobs • killall • kill • pidof • pstree • pwdx • time |
Searching | grep • whereis • which |
User Information | groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w |
WireGuard VPN | Alpine • CentOS 8 • Debian 10 • Firewall • Ubuntu 20.04 |
I used lsof command in freebsd 5 i am not getting any output for checking tcp/udp ports which are listening or open on my server
sudo?
Yes, you must be root and use sockstat command.
What is the equivalent port for com9 on linux?How do i find out com port equivalents in linux?Thanks
on FreeBSD you can also use sockstat to list open sockets
correction :- should be
netstat -l, –listening :- to get list the listening sockets.
BR.
ruwinda.
lsof -i (to get an idea of ports out there)
netstat -a | grep
example: netstat -a | grep 4449
If nothing is returned like below the port is free
$ netstat -a | grep 4449
$
Hello There.
My name is Jacob and I’m running a hosting business. I have 2 dedicated servers at the moment and they’re both Linux Debian 6.0. I have some troubles with my dedicated IP’s. Some server on my dedicated server is having the port 0000 or 0. It takes all the dedicated IP’s and I don’t know how to find where its located or how to close it. I know the pid and I can see it’s running some where but the location I cant see. Please help me. It’s a big problem I’ve been trying to figure out.
there are some command to find out the all open port…bt there have any command to find out all the port,which are listing or not?that means have any command to show list of all ports?????
Try this:
open tcp, udp, listening, program, numeric, ipv4
netstat -tulpn4
how do i find out what ports are listeningopen/off on my linuxfreebsd server?how do i find the port,which are not listening.i just want to see list of all port.
how i send the list to local email?
Thanks, nice tips