How to check open ports in Linux: On local & remote hosts; nc, telnet, nmap, netstat commands.

In this article, we will look how to check for open ports on a remote Linux server.

The most commonly used commands for this purpose is telnet, nc, and nmap command.

Lets have a look at these commands one by one.

You can view how to use nc command in a loop to test the connectivity on multiple hosts here:
http://ngelinux.com/how-to-test-a-port-connectivity-in-linux-on-multiple-hosts/

 

Check for open port on a remote host

1. Telnet command
Telnet(TErminaL over NETwork) command provides a user interface to interact with the other system via Telnet protocol.

# telnet server-name port-number

telnet host1.ngelinux.com 22
Trying 10.78.22.1...
Connected to host1.ngelinux.com.
Escape character is '^]'.
Connection closed by foreign host.

 

2. Netcat command(nc command)
Netcat is a program for reading and writing to network connections via TCP or UDP protocol. Any network connection(or port open/close) related tasks are driven by netcat utility.

$ nc -vz web-host1.rtl.ngelinux.com 22
found 0 associations
found 1 connections:
     1:	flags=82<CONNECTED,PREFERRED>
	outif ppp0
	src 17.168.57.250 port 57952
	dst 10.75.16.9 port 22
	rank info not available
	TCP aux info available

Connection to web-host1.rtl.ngelinux.com port 22 [tcp/ssh] succeeded!
$ 

 

3. NMAP Command
NMAP(Network MAPper) is a tool which can do the complete host scanning and is helpful to explore the complete network and performing security audit.
It is a very powerful command, and hence risky too hence it is usually not found on production hosts.

[root@nglinux ~]# # nmap server2.ngelinux.com

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2018-11-09 13:12 IST
Interesting ports on server2.ngelinux.com (192.168.0.87):
Not shown: 1674 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
111/tcp  open  rpcbind
957/tcp  open  unknown
3306/tcp open  mysql
8888/tcp open  sun-answerbook

Nmap finished: 1 IP address (1 host up) scanned in 0.415 seconds
You have new mail in /var/spool/mail/root

 

Here we have seen how to verify the open port on a remote host, however to verify on a local system we can use any of the following utlities.

Check for a open port on a local system.

We can use above commands for local system as well like below:
a. telnet localhost 22
b. nc -vx localhost 22
c. nmap localhost

Alongwith above commands, we have few more utilities available on a local system to check for open port.

1. LSOF command :- LSOF command is used to get list of open files

[root@nglinux ~]# lsof -n -P | grep -i LISTEN
cupsd     1626      root    6u     IPv6      12367      0t0        TCP [::1]:631 (LISTEN)
cupsd     1626      root    7u     IPv4      12368      0t0        TCP 127.0.0.1:631 (LISTEN)
sshd      1773      root    3u     IPv4      13040      0t0        TCP *:22 (LISTEN)
sshd      1773      root    4u     IPv6      13051      0t0        TCP *:22 (LISTEN)
mysqld    2065     mysql   10u     IPv4      13376      0t0        TCP *:3306 (LISTEN)
httpd     2131      root    4u     IPv6      13469      0t0        TCP *:80 (LISTEN)
httpd     2178    apache    4u     IPv6      13469      0t0        TCP *:80 (LISTEN)
httpd     2179    apache    4u     IPv6      13469      0t0        TCP *:80 (LISTEN)
httpd     2180    apache    4u     IPv6      13469      0t0        TCP *:80 (LISTEN)
httpd     2181    apache    4u     IPv6      13469      0t0        TCP *:80 (LISTEN)
httpd     2182    apache    4u     IPv6      13469      0t0        TCP *:80 (LISTEN)
httpd     2183    apache    4u     IPv6      13469      0t0        TCP *:80 (LISTEN)
httpd     2184    apache    4u     IPv6      13469      0t0        TCP *:80 (LISTEN)
httpd     2185    apache    4u     IPv6      13469      0t0        TCP *:80 (LISTEN)

 

2. netstat command
Another useful command is netstat, which is generally used to get the complete network statistics including routing table, etc.
This command is very useful as its available on most of the Unix boxes.

[root@nglinux ~]# netstat -autnp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name   
tcp        0      0 0.0.0.0:3306                0.0.0.0:*                   LISTEN      2065/mysqld         
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      1773/sshd           
tcp        0      0 127.0.0.1:631               0.0.0.0:*                   LISTEN      1626/cupsd          
tcp        0      0 172.21.49.220:22            172.21.49.169:49922         ESTABLISHED 3919/sshd           
tcp        0      0 :::80                       :::*                        LISTEN      2131/httpd          
tcp        0      0 :::22                       :::*                        LISTEN      1773/sshd           
tcp        0      0 ::1:631                     :::*                        LISTEN      1626/cupsd          
udp        0      0 0.0.0.0:847                 0.0.0.0:*                               1468/portreserve    
udp        0      0 0.0.0.0:631                 0.0.0.0:*                               1626/cupsd          
udp        0      0 0.0.0.0:647                 0.0.0.0:*                               1468/portreserve    
udp        0      0 0.0.0.0:68                  0.0.0.0:*                               1651/dhclient       

 

Leave a Reply

Your email address will not be published.