How can I check port usage on a Linux system?

The best way to monitor Linux system network services and diagnose problems that may arise is by checking the ports. The following knowledgebase will help you learn different ways of determining the ports in use and the application or service they are linked to.

Understanding Ports in Linux

In networking, a port can be explained as a node that enables communication between systems. Each port is given a unique number and uses a distinct protocol like TCP or UDP for communication. There are two kinds of ports: listen ports, which can be connected to, and non-listen ports, which cannot be connected to.

Common Commands to Check Port Usage

1. Using netstat

The netstat command is a traditional tool for monitoring network connections and port usage. To check for listening ports, you can use:

sudo netstat -tulpa

• -t: Show TCP ports.

• -u: Show UDP ports.

• -l: Display only listening sockets.

• -p: Show the process ID and name using the port.

• -n: Display numerical addresses instead of resolving hostnames.

This command will provide a list of all open ports along with the corresponding applications.

2. Using ss

The ss command is a modern replacement for Netstat, offering more detailed information and faster performance. To check listening ports, use:

sudo ss -tulpa

Recall that the options are the same as in Netstat, and the result will be the display of processes bound to specific ports.

3. Using of

Also, the lsof (List Open Files) option is noteworthy as it helps to specify which files and ports are opened by the particular processes. To list all listening TCP ports, execute:

sudo lsof -nP -TCP -sTCP: LISTEN

• -n: Do not convert port numbers to names.

• -P: Do not resolve hostnames.

• -TCP: Show only TCP connections.

• -TCP:LISTEN: The filter is to show only listening sockets.

To scan a particular port, for instance, port 80, you can type:

sudo lsof -nP -i:80

4. Using fuser

The fuser command can be used to identify processes using a specific port. For instance, to check which process is using port 22, run:

sudo fuser -v -n tcp 22

This command will display the specified port's user, process ID, and access type.

5. Using Nmap

While Nmap is mainly focused on basic networking, one of the operations that can be performed with its help is the identification of the open ports of the local or remote system. To check for opened ports in the localhost, use:

sudo nmap -sTU -O localhost

This command will show the TCP and UDP ports, which are currently open, and the services on them.

Conclusion

It is essential to check whether a port is being used in a Linux system to solve network problems and verify a service's status. Some commands that will help you monitor and manage network connections include netstat, ss, lsof, fuser, and nmap. It also helps identify and diagnose problems associated with specific ports and increases security measures in the ports related to particular applications. It is a recommended good practice to periodically scan for the usage of ports to keep the Linux environment healthy and less susceptible to attacks.

Was this answer helpful? 3 6