How to Check port is Listening or currently Use in Linux

Last week, we had a problem with our System through which I could not share my screen remotely from my network computer. Then we check the port status, and the port was closed.

So,I thought today many other Linux Folks also facing this kind of issue in everyday.

In this guide, We will show you how to check the port status in Linux and the method to close the unwanted port.

What is Port?

A port is like an endpoint from which you can access a specific location or an application. The Internet Protocol suite uses it to communicate through User Diagram Protocol UDP or Transport Layer Protocol TCP.

A port number is a 16-bit unsigned integer that ranges from 0 to 65535.

In short, a port is like a door number of your friend’s house. When you know the friend’s house door number, you can only get inside your friend’s house.

How to check active or Listening Port Status

Before that, first, understand what is an active or Listening port? From the above instance, you know what is a port? Now understand what is Listening to port? Listening port is like communication between end-to endpoint using TCP or UDP protocol and every machine is assigned with a unique IP address.

To clear concept:- When I need to visit one of my friend’s houses I should know his apartment address (IP address) Unique for everyone and the flat number like (port number).

If my friend don’t open the door or not received my call for any reason then the security guard (Firewall) will not allow me to get inside his apartment and my connection get dropped.

I think so explanation make clear what is port and listening port.

There are many through which you can check the port status like Nmap, netstat, ss, or lsof, and We will take an example of each command.

Check Open Ports with nmap command

Nmap is the all in one network tool which can list you all the port which is active on your system or remote system with many features.

To check the port status in your Ubuntu or Debian pass the following command into your Linux Terminals

$ sudo nmap -sT -p- 172.27.244.158

When you pass this command, It will show you details like Port number, state, and type of service

Now we explain to you the flags or parameter that we used above in the above command

  • -sT:- It will show only the TCP ports
  • -p:- This will make sure to scan all the port 65535 number
  • 172.27.244.158:- We have passed the IP address, you can even pass the domain name or server name.

From the output, we are getting the information like port number 22,80 are open and the rest ports are closed.

This was for TCP port when you want to check for the UDP port use flag -sU

$ sudo nmap -sU -p- 10.10.8.8

This was not only single way to audit port status nmap has many other flags which give your more details to check read manual page.

A few days back, we have written a complete guide on Nmap. Please check that if you want to know more about Nmap.

Check Listening Ports with lsof command

lsof command is a powerful utility through which we can check the port status. lsof Command stands for list open files.

A lsof command provide the details of the open process, such as sockets like TCP and UDP like a running background file not only the socket you can get information about directories, devices, etc.

To check the port status using lsof in your Ubuntu or Debian pass the following command into your Linux Terminals

$ sudo lsof -i -P -n

Now we explain to you the flags or parameter that we used above in the above command

  • -i It is used to select IPv4 and IPv6 files
  • -P :- It is used show the numerical address instead of hostname
  • -n :- This flag will ensure that port number should show on screen.

To filter which port is listening we will use grep command along pipe line

$ sudo lsof -i -P -n | grep LISTEN
systemd-r  521 systemd-resolve   13u  IPv4  21271      0t0  TCP 127.0.0.53:53 (LISTEN)
cupsd      557            root    6u  IPv6  25013      0t0  TCP [::1]:631 (LISTEN)
cupsd      557            root    7u  IPv4  25014      0t0  TCP 127.0.0.1:631 (LISTEN)

The output we receive has the following information like service name, process ID (PID), user, type of protocols and the port the number which is LISTEN.

If you want to check for the specific port status you need to provide a port number like the below command.

$ sudo lsof -i:22

If the process is not running at that moment you will not receive any output, You can use the -V verbose parameter along with the above command to get detail of processing.

Check Listening Ports with ss command

Earlier, we use the netstat command to check the port status, but not now some of the Linux distributions deprecated netstat so we have to use the ss command.

Some of the features of netstat is missing but ss is faster compare to netstat and ss use the netlink API.

To get the active port status to pass the following command in your terminal windows.

$ sudo ss -tulnp

Now we explain to you the flags or parameter that we used above in the above command

  • -t :- This flag used to show TCP sockets
  • -u :- It is used show the UDP sockets
  • -n:- It will make sure not to convert numerical address to hostname
  • -l :- This will list all the listening ports.
  • -p :- It will show the process ID(PID)

This command will list the the following informations

  • Netid :- This will show you which type of sockets is TCP or UDP
  • State :- Whether the port is Listening or not.
  • Recv-Q :- Show the number of received packets.
  • Send-Q :- Show the number of sent packets.
  • Local Address:Port :- It will list the local IP address along with the port number.
  • Peer Address:Port :- Information about remote address along with the port number.
  • Process :- This will show the process information.

The above command list all the port status but if you want for only LISTEN port use grep command like the below command.

$ sudo ss -tulnp | grep LISTEN
tcp     LISTEN   0        4096       127.0.0.53%lo:53             0.0.0.0:*      users:(("systemd-resolve",pid=521,fd=13))                                      
tcp     LISTEN   0        5              127.0.0.1:631            0.0.0.0:*      users:(("cupsd",pid=557,fd=7))                                                 
tcp     LISTEN   0        5                  [::1]:631               [::]:*      users:(("cupsd",pid=557,fd=6))    

That’s all for today if you know some other command through which we can check Listening port status please let us know in our comment section.

Leave a Reply