≡ Menu

Find Out What Ports Are Listening / Open On My Linux & FreeBSD Server

How do I find open ports on Linux or FreeBSD Unix server?

There are different commands on both Linux and UNIX server to see what TCP/UDP ports are listening or open on your server. You can use netstat command, which prints network connections, routing tables, interface statistics, masquerade connections, and multicast memberships, etc. Another (and suggested) option is to use the lsof command, which lists open files, and ports on Linux, FreeBSD, Solaris and other Unixish systems.

netstat command to find open ports

The syntax is:
# netstat --listen
OR
# netstat -l
Sample outputs from my Debian 8.x Linux server:

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 localhost:953           *:*                     LISTEN     
tcp        0      0 localhost:6010          *:*                     LISTEN     
tcp        0      0 localhost:4700          *:*                     LISTEN     
tcp        0      0 *:nfs                   *:*                     LISTEN     
tcp        0      0 *:afpovertcp            *:*                     LISTEN     
tcp        0      0 localhost:mysql         *:*                     LISTEN     
tcp        0      0 *:51084                 *:*                     LISTEN     
tcp        0      0 *:40495                 *:*                     LISTEN     
tcp        0      0 *:sunrpc                *:*                     LISTEN     
tcp        0      0 *:http                  *:*                     LISTEN     
tcp6       0      0 [::]:41864              [::]:*                  LISTEN     
tcp6       0      0 [::]:37833              [::]:*                  LISTEN     
tcp6       0      0 [::]:35658              [::]:*                  LISTEN     
tcp6       0      0 [::]:sunrpc             [::]:*                  LISTEN     
tcp6       0      0 [::]:http               [::]:*                  LISTEN     
tcp6       0      0 [::]:domain             [::]:*                  LISTEN     
tcp6       0      0 [::]:ssh                [::]:*                  LISTEN     
udp        0      0 *:59997                 *:*                                
udp        0      0 *:37610                 *:*                                
udp        0      0 *:755                   *:*                                
udp        0      0 nas01.nixcraft.n:domain *:*                                
udp        0      0 localhost:domain        *:*                                
udp        0      0 *:54469                 *:*                                
udp        0      0 *:mdns                  *:*                                
udp6       0      0 [::]:34235              [::]:*                             
udp6       0      0 [::]:36451              [::]:*                             
udp6       0      0 [::]:sunrpc             [::]:*                             
udp6       0      0 [::]:58606              [::]:*                             
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node   Path
unix  2      [ ACC ]     STREAM     LISTENING     16912    /var/run/mysqld/mysqld.sock
unix  2      [ ACC ]     STREAM     LISTENING     11796    /var/run/dbus/system_bus_socket
unix  2      [ ACC ]     STREAM     LISTENING     11799    /var/run/avahi-daemon/socket
unix  2      [ ACC ]     STREAM     LISTENING     18844    @/tmp/dbus-FStDtp4tGA

To display open ports and established TCP connections, enter:
$ netstat -vatn
To display only open UDP ports try the following command:
$ netstat -vaun
If you want to see FQDN (full dns hostname), try removing the -n flag:
$ netstat -vat
FreeBSD/OS X Unix user try the following command:
$ netstat -na | grep -i LISTEN
$ netstat -f inet -na | grep -i LISTEN

Sample outputs:

tcp6       0      0  ::1.52698              *.*                    LISTEN     
tcp4       0      0  127.0.0.1.49153        *.*                    LISTEN     
tcp4       0      0  127.0.0.1.49152        *.*                    LISTEN     
tcp4       0      0  *.22                   *.*                    LISTEN     
tcp6       0      0  *.22                   *.*                    LISTEN     

lsof Command Examples

To display the list of open ports, enter:
# lsof -i
To display all open files, use:
# lsof
To display all open IPv4 network files in use by the process whose PID is 9255, use:
# lsof -i 4 -a -p 9255
Another example:
# lsof -iTCP -sTCP:LISTEN
Sample outputs:

COMMAND    PID     USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
rpcbind   1004     root    8u  IPv4  14248      0t0  TCP *:sunrpc (LISTEN)
rpcbind   1004     root   11u  IPv6  14251      0t0  TCP *:sunrpc (LISTEN)
rpc.statd 1013    statd    9u  IPv4  14331      0t0  TCP *:51084 (LISTEN)
rpc.statd 1013    statd   11u  IPv6  14335      0t0  TCP *:54585 (LISTEN)
sshd      1031     root    3u  IPv4  15629      0t0  TCP *:ssh (LISTEN)
sshd      1031     root    4u  IPv6  15631      0t0  TCP *:ssh (LISTEN)
named     1034     bind   20u  IPv6  13184      0t0  TCP *:domain (LISTEN)
named     1034     bind   21u  IPv4  13188      0t0  TCP localhost:domain (LISTEN)
named     1034     bind   22u  IPv4  13190      0t0  TCP nas01.nixcraft.net.in:domain (LISTEN)
named     1034     bind   23u  IPv4  14835      0t0  TCP localhost:953 (LISTEN)
named     1034     bind   24u  IPv6  15643      0t0  TCP ip6-localhost:953 (LISTEN)
mysqld    1654    mysql   10u  IPv4  16911      0t0  TCP localhost:mysql (LISTEN)
lighttpd  1679 www-data    4u  IPv4  18535      0t0  TCP *:http (LISTEN)
lighttpd  1679 www-data    5u  IPv6  18536      0t0  TCP *:http (LISTEN)
afpd      1709     root    6u  IPv4  18703      0t0  TCP *:afpovertcp (LISTEN)
cnid_meta 1710     root    5u  IPv4  16316      0t0  TCP localhost:4700 (LISTEN)
rpc.mount 1739     root    9u  IPv4  16332      0t0  TCP *:52053 (LISTEN)
rpc.mount 1739     root   11u  IPv6  16336      0t0  TCP *:41859 (LISTEN)
rpc.mount 1739     root   13u  IPv4  16340      0t0  TCP *:40495 (LISTEN)
rpc.mount 1739     root   15u  IPv6  16344      0t0  TCP *:35658 (LISTEN)
rpc.mount 1739     root   17u  IPv4  16348      0t0  TCP *:60881 (LISTEN)
rpc.mount 1739     root   19u  IPv6  16352      0t0  TCP *:37833 (LISTEN)
sshd      1975    vivek   11u  IPv6  19711      0t0  TCP ip6-localhost:6010 (LISTEN)
sshd      1975    vivek   12u  IPv4  19712      0t0  TCP localhost:6010 (LISTEN)

A Note About FreeBSD Users

You can use the sockstat command lists open Internet or UNIX domain sockets, enter:
$ sockstat
$ sockstat -l
$ sockstat -4 -l
$ sockstat -6 -l

Sample outputs:

Fig.01: sockstat command on FreeBSD

Fig.01: sockstat command on FreeBSD

Sysadmin because even developers need heroes!!!

Share this tutorial on:
{ 12 comments… add one }
  • vinod June 22, 2007, 9:43 am

    I used lsof command in freebsd 5 i am not getting any output for checking tcp/udp ports which are listening or open on my server

    • doru001 January 4, 2011, 1:29 pm

      sudo?

    • nixCraft January 5, 2011, 7:06 am

      Yes, you must be root and use sockstat command.

  • ramakrishna June 5, 2008, 11:27 am

    What is the equivalent port for com9 on linux?How do i find out com port equivalents in linux?Thanks

  • Rudi August 4, 2008, 1:27 pm

    on FreeBSD you can also use sockstat to list open sockets

  • Ruwinda Fernando June 29, 2009, 8:58 am

    correction :- should be
    netstat -l, –listening :- to get list the listening sockets.

    BR.
    ruwinda.

  • Jon November 17, 2010, 10:58 pm

    lsof -i (to get an idea of ports out there)

    netstat -a | grep
    example: netstat -a | grep 4449

    If nothing is returned like below the port is free
    $ netstat -a | grep 4449
    $

  • Jacob April 1, 2012, 3:11 pm

    Hello There.

    My name is Jacob and I’m running a hosting business. I have 2 dedicated servers at the moment and they’re both Linux Debian 6.0. I have some troubles with my dedicated IP’s. Some server on my dedicated server is having the port 0000 or 0. It takes all the dedicated IP’s and I don’t know how to find where its located or how to close it. I know the pid and I can see it’s running some where but the location I cant see. Please help me. It’s a big problem I’ve been trying to figure out.

  • sovan December 9, 2012, 9:51 am

    there are some command to find out the all open port…bt there have any command to find out all the port,which are listing or not?that means have any command to show list of all ports?????

    • NublaII August 1, 2014, 2:35 pm

      Try this:
      open tcp, udp, listening, program, numeric, ipv4
      netstat -tulpn4

  • sovan December 9, 2012, 10:00 am

    how do i find out what ports are listeningopen/off on my linuxfreebsd server?how do i find the port,which are not listening.i just want to see list of all port.

  • maram April 29, 2016, 1:35 pm

    how i send the list to local email?

Security: Are you a robot or human?

Leave a Comment

You can use these HTML tags and attributes: <strong> <em> <pre> <code> <a href="" title="">


   Tagged with: , , , , , , , , , ,