How to check opened/closed ports on my computer?Checking active portsHow can I see what ports are open on my machine?Are my ports opened?How can I access the files on my Ubuntu laptop from my phone if I am tethering?How to find the running network services and the port and userPort is open but service is stoppedMissing sshd process name from netstat resultsAccess nodejs application port from external IPNormal Netstat?Port is not openHow to auto ban an IP when he access some ports?Open ports - NetstatWhat does `netstat -antupe` mean?has netstat been replaced with a new tool?
Do I have a twin with permutated remainders?
Stopping power of mountain vs road bike
What is a clear way to write a bar that has an extra beat?
1960's book about a plague that kills all white people
Is it unprofessional to ask if a job posting on GlassDoor is real?
Fully-Firstable Anagram Sets
Why does Kotter return in Welcome Back Kotter?
Assassin's bullet with mercury
I would say: "You are another teacher", but she is a woman and I am a man
Why does Arabsat 6A need a Falcon Heavy to launch
Why do bosons tend to occupy the same state?
How can I prevent hyper evolved versions of regular creatures from wiping out their cousins?
In a spin, are both wings stalled?
90's TV series where a boy goes to another dimension through portal near power lines
Should I tell management that I intend to leave due to bad software development practices?
Can a rocket refuel on Mars from water?
Watching something be written to a file live with tail
Why is Collection not simply treated as Collection<?>
A reference to a well-known characterization of scattered compact spaces
How can I make my BBEG immortal short of making them a Lich or Vampire?
Could gravitational lensing be used to protect a spaceship from a laser?
Alternative to sending password over mail?
What mechanic is there to disable a threat instead of killing it?
Infinite Abelian subgroup of infinite non Abelian group example
How to check opened/closed ports on my computer?
Checking active portsHow can I see what ports are open on my machine?Are my ports opened?How can I access the files on my Ubuntu laptop from my phone if I am tethering?How to find the running network services and the port and userPort is open but service is stoppedMissing sshd process name from netstat resultsAccess nodejs application port from external IPNormal Netstat?Port is not openHow to auto ban an IP when he access some ports?Open ports - NetstatWhat does `netstat -antupe` mean?has netstat been replaced with a new tool?
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;
How to check the opened/closed ports on my computer?
I used netstat -a
on command line.
- Does the port status "LISTENING" indicate that the port is open?
- Is any port, that is not shown in the output, closed?
netstat
add a comment |
How to check the opened/closed ports on my computer?
I used netstat -a
on command line.
- Does the port status "LISTENING" indicate that the port is open?
- Is any port, that is not shown in the output, closed?
netstat
Check this post on AskUbuntu!.
– Justgivemeaname
Oct 17 '14 at 12:46
2
@Justgivemeaname:nmap
is a tool to check for open ports on another host. If you can runnetstat
on a machine, it's much faster and reliable to use it.
– David Foerster
Oct 17 '14 at 14:20
@DavidFoerster: Didn't know aboutnetstat
, so I learned that. It says in the link that it should be used from another host, though. Thanks!
– Justgivemeaname
Oct 17 '14 at 14:38
3
Possible duplicate of How can I see what ports are open on my machine?
– Dan Dascalescu
Jan 17 '17 at 20:32
add a comment |
How to check the opened/closed ports on my computer?
I used netstat -a
on command line.
- Does the port status "LISTENING" indicate that the port is open?
- Is any port, that is not shown in the output, closed?
netstat
How to check the opened/closed ports on my computer?
I used netstat -a
on command line.
- Does the port status "LISTENING" indicate that the port is open?
- Is any port, that is not shown in the output, closed?
netstat
netstat
edited Oct 11 '18 at 16:08
abu_bua
4,15981630
4,15981630
asked Oct 17 '14 at 12:43
RouterRouter
901396
901396
Check this post on AskUbuntu!.
– Justgivemeaname
Oct 17 '14 at 12:46
2
@Justgivemeaname:nmap
is a tool to check for open ports on another host. If you can runnetstat
on a machine, it's much faster and reliable to use it.
– David Foerster
Oct 17 '14 at 14:20
@DavidFoerster: Didn't know aboutnetstat
, so I learned that. It says in the link that it should be used from another host, though. Thanks!
– Justgivemeaname
Oct 17 '14 at 14:38
3
Possible duplicate of How can I see what ports are open on my machine?
– Dan Dascalescu
Jan 17 '17 at 20:32
add a comment |
Check this post on AskUbuntu!.
– Justgivemeaname
Oct 17 '14 at 12:46
2
@Justgivemeaname:nmap
is a tool to check for open ports on another host. If you can runnetstat
on a machine, it's much faster and reliable to use it.
– David Foerster
Oct 17 '14 at 14:20
@DavidFoerster: Didn't know aboutnetstat
, so I learned that. It says in the link that it should be used from another host, though. Thanks!
– Justgivemeaname
Oct 17 '14 at 14:38
3
Possible duplicate of How can I see what ports are open on my machine?
– Dan Dascalescu
Jan 17 '17 at 20:32
Check this post on AskUbuntu!.
– Justgivemeaname
Oct 17 '14 at 12:46
Check this post on AskUbuntu!.
– Justgivemeaname
Oct 17 '14 at 12:46
2
2
@Justgivemeaname:
nmap
is a tool to check for open ports on another host. If you can run netstat
on a machine, it's much faster and reliable to use it.– David Foerster
Oct 17 '14 at 14:20
@Justgivemeaname:
nmap
is a tool to check for open ports on another host. If you can run netstat
on a machine, it's much faster and reliable to use it.– David Foerster
Oct 17 '14 at 14:20
@DavidFoerster: Didn't know about
netstat
, so I learned that. It says in the link that it should be used from another host, though. Thanks!– Justgivemeaname
Oct 17 '14 at 14:38
@DavidFoerster: Didn't know about
netstat
, so I learned that. It says in the link that it should be used from another host, though. Thanks!– Justgivemeaname
Oct 17 '14 at 14:38
3
3
Possible duplicate of How can I see what ports are open on my machine?
– Dan Dascalescu
Jan 17 '17 at 20:32
Possible duplicate of How can I see what ports are open on my machine?
– Dan Dascalescu
Jan 17 '17 at 20:32
add a comment |
8 Answers
8
active
oldest
votes
There's a few parameters to netstat
that are useful for this :
-l
or--listening
shows only the sockets currently listening for incoming connection.-a
or--all
shows all sockets currently in use.-t
or--tcp
shows the tcp sockets.-u
or--udp
shows the udp sockets.-n
or--numeric
shows the hosts and ports as numbers, instead of resolving in dns and looking in /etc/services.
You use a mix of these to get what you want. To know which port numbers are currently in use, use one of these:
netstat -atn # For tcp
netstat -aun # For udp
netstat -atun # For both
In the output all port mentioned are in use either listening for incoming connection or connected to a peer** all others are closed. TCP and UDP ports are 16 bits wide (they go from 1-65535)
** They can also be connecting/disconnecting from the peer.
add a comment |
You can use this command:
netstat -tulnp | grep <port no>
If it shows some process its used. Its closed(not used) if there is no output.
add a comment |
Another alternative command line easy to use to find out which process is using a port:
lsof -n -i4TCP:$PORT | grep LISTEN
I added the next function in my .bash_profile,
function pslisten grep LISTEN`
and now run "pslisten 5060" to see who is grabing my SIP port.
It's work with Apple Mac OS X too.
add a comment |
Is the port status "LISTENING" indicated that the port is opened?
Yes. It means that some service is listening to that port on your computer for incoming connection i.e. this port is open for establishing new connections.
Any port that are not shown in the output indicated that it's closed?
Yes. Remember netstat -a
will show all active (listening) and passive (non-listening) connections i.e. the ports that are acting as both server (some services are listening to these ports for connections from a different machine/process) and established (connections are established on these ports regardless of the fact the host/a service can be a server or client)
All TCP and UDP ports belong to a category called sockets and there are a whole lot of those. To view socket info you can check man ss
.
Thanks. you wrote that-a
means server and established. Does "server" means ports that are being listened at by some services? Does "established" mean ports where there are existing connections regardless of it is a client or server's port? Then what kinds of ports does-a
not show?
– Tim
Aug 21 '18 at 19:28
I don't think the-a
option means "all active" sockets; it just means "all". netstat shows all active sockets by default, but leaves out the passive sockets (open, listening). By using the-a
option both active and passive sockets are shown.
– Egon Olieux
Sep 22 '18 at 8:28
@EgonOlieux Thanks. I stand corrected; edited the answer.
– heemayl
Sep 24 '18 at 20:20
@heemayl The second part of your answer is still not correct. A TCP socket in the "listening" state can never be a connection; it is not connected to anything, it is only listening. Listening TCP sockets are also called passive sockets because of this. If a client attempts to connect to a (listening) socket on a server, a new socket will be created on the server to establish a connection with the client. A socket which is part of an established connection is called an active socket.
– Egon Olieux
Sep 25 '18 at 20:37
add a comment |
Or this might help by using watch, then play around with what you want to see.
sudo watch -d -n0 "netstat -atnp | grep ESTA"
sudo watch -d -n0 "netstat -tulnp | grep ESTA"
1
-a conflicts with -l, -a grabs all whether ESTABLISHED or LISTENING, and -l just grabs LISTENING, so in reality it is '-ltnp' tcp, '-lunp' udp or '-ltunp' tcp+udp
– ModerateJavaScriptDev
Jul 2 '17 at 23:31
add a comment |
Another option is ss. It's much easier to use....
The below command will only output a list of current listening sockets.
root@server:~# ss -l
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
u_dgr UNCONN 0 0 * 23353 * 23352
u_dgr UNCONN 0 0 * 568 * 362
u_dgr UNCONN 0 0 * 14836 * 14837
u_dgr UNCONN 0 0 * 20446 * 369
u_dgr UNCONN 0 0 * 22877 * 369
u_dgr UNCONN 0 0 * 504 * 347
u_dgr UNCONN 0 0 * 16298 * 369
u_dgr UNCONN 0 0 * 23343 * 369
u_dgr UNCONN 0 0 * 24125 * 369
u_dgr UNCONN 0 0 * 24617 * 369
u_dgr UNCONN 0 0 * 23352 * 23353
u_dgr UNCONN 0 0 * 23334 * 369
u_dgr UNCONN 0 0 * 17113 * 369
u_dgr UNCONN 0 0 * 16957 * 369
u_dgr UNCONN 0 0 * 14793 * 362
u_dgr UNCONN 0 0 * 23345 * 362
u_dgr UNCONN 0 0 * 24070 * 369
udp UNCONN 0 0 *:sunrpc *:*
udp UNCONN 0 0 *:981 *:*
udp UNCONN 0 0 :::sunrpc :::*
udp UNCONN 0 0 :::981 :::*
tcp LISTEN 0 128 127.0.0.1:85 *:*
tcp LISTEN 0 128 *:ssh *:*
tcp LISTEN 0 128 *:3128 *:*
tcp LISTEN 0 100 127.0.0.1:smtp *:*
tcp LISTEN 0 128 *:8006 *:*
tcp LISTEN 0 128 *:sunrpc *:*
tcp LISTEN 0 128 :::ssh :::*
tcp LISTEN 0 100 ::1:smtp :::*
tcp LISTEN 0 128 :::sunrpc :::*
1
I did not know about this, thanks zee
– nick fox
Feb 8 '18 at 10:19
add a comment |
Actually there is a better way to see what ports you have open. The issue with netstat
or lsof
is that they query network stack and actually do not connect to the machine but instead trying to see what is running on the system. The better approach is to use nmap
like so:
nmap -sT -O localhost
To see open ports.
add a comment |
Boy do I get tired of bad answers! The Op is probably asking about the state of a port, i.e. whether it is open or closed, in reference to whether that port is exposed to the internet or some other external net. He/she is probably not asking about whether a process is listening to some port or whether a connections is established to that port. Netstat can ONLY show the later information, but to determine if a port is "open or closed" one has to look at the firewall (iptables) rules to determine if a connection on a port will even be allowed to connect to a listening process.
To demonstrate when this distinction can be used to one's advantage, I often run services that are always listening on closed ports. Examples are FTP, SSH, and VPN that I occasionally want to use, and I don't want to leave the service exposed and subjected to login attacks. Using netstat alone would erroneously indicate the associated ports are open, if one believes the above answers that imply listening = open; when in fact my firewall IS blocking those ports. Why do I do this? Because I use a port knocker to dynamically tell my firewall to open the necessary port to allow a connection to the underlying listening service when I or my users need to use those services. Therefore, from an external viewpoint, those ports are normally and usually CLOSED even though there is a service listening on them all the time.
New contributor
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "89"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f538208%2fhow-to-check-opened-closed-ports-on-my-computer%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
8 Answers
8
active
oldest
votes
8 Answers
8
active
oldest
votes
active
oldest
votes
active
oldest
votes
There's a few parameters to netstat
that are useful for this :
-l
or--listening
shows only the sockets currently listening for incoming connection.-a
or--all
shows all sockets currently in use.-t
or--tcp
shows the tcp sockets.-u
or--udp
shows the udp sockets.-n
or--numeric
shows the hosts and ports as numbers, instead of resolving in dns and looking in /etc/services.
You use a mix of these to get what you want. To know which port numbers are currently in use, use one of these:
netstat -atn # For tcp
netstat -aun # For udp
netstat -atun # For both
In the output all port mentioned are in use either listening for incoming connection or connected to a peer** all others are closed. TCP and UDP ports are 16 bits wide (they go from 1-65535)
** They can also be connecting/disconnecting from the peer.
add a comment |
There's a few parameters to netstat
that are useful for this :
-l
or--listening
shows only the sockets currently listening for incoming connection.-a
or--all
shows all sockets currently in use.-t
or--tcp
shows the tcp sockets.-u
or--udp
shows the udp sockets.-n
or--numeric
shows the hosts and ports as numbers, instead of resolving in dns and looking in /etc/services.
You use a mix of these to get what you want. To know which port numbers are currently in use, use one of these:
netstat -atn # For tcp
netstat -aun # For udp
netstat -atun # For both
In the output all port mentioned are in use either listening for incoming connection or connected to a peer** all others are closed. TCP and UDP ports are 16 bits wide (they go from 1-65535)
** They can also be connecting/disconnecting from the peer.
add a comment |
There's a few parameters to netstat
that are useful for this :
-l
or--listening
shows only the sockets currently listening for incoming connection.-a
or--all
shows all sockets currently in use.-t
or--tcp
shows the tcp sockets.-u
or--udp
shows the udp sockets.-n
or--numeric
shows the hosts and ports as numbers, instead of resolving in dns and looking in /etc/services.
You use a mix of these to get what you want. To know which port numbers are currently in use, use one of these:
netstat -atn # For tcp
netstat -aun # For udp
netstat -atun # For both
In the output all port mentioned are in use either listening for incoming connection or connected to a peer** all others are closed. TCP and UDP ports are 16 bits wide (they go from 1-65535)
** They can also be connecting/disconnecting from the peer.
There's a few parameters to netstat
that are useful for this :
-l
or--listening
shows only the sockets currently listening for incoming connection.-a
or--all
shows all sockets currently in use.-t
or--tcp
shows the tcp sockets.-u
or--udp
shows the udp sockets.-n
or--numeric
shows the hosts and ports as numbers, instead of resolving in dns and looking in /etc/services.
You use a mix of these to get what you want. To know which port numbers are currently in use, use one of these:
netstat -atn # For tcp
netstat -aun # For udp
netstat -atun # For both
In the output all port mentioned are in use either listening for incoming connection or connected to a peer** all others are closed. TCP and UDP ports are 16 bits wide (they go from 1-65535)
** They can also be connecting/disconnecting from the peer.
edited Jan 30 at 17:14
answered Oct 17 '14 at 13:53
kbenoitkbenoit
1,9971814
1,9971814
add a comment |
add a comment |
You can use this command:
netstat -tulnp | grep <port no>
If it shows some process its used. Its closed(not used) if there is no output.
add a comment |
You can use this command:
netstat -tulnp | grep <port no>
If it shows some process its used. Its closed(not used) if there is no output.
add a comment |
You can use this command:
netstat -tulnp | grep <port no>
If it shows some process its used. Its closed(not used) if there is no output.
You can use this command:
netstat -tulnp | grep <port no>
If it shows some process its used. Its closed(not used) if there is no output.
edited Sep 16 '15 at 12:29
Community♦
1
1
answered Oct 17 '14 at 12:45
kashminderkashminder
1,100815
1,100815
add a comment |
add a comment |
Another alternative command line easy to use to find out which process is using a port:
lsof -n -i4TCP:$PORT | grep LISTEN
I added the next function in my .bash_profile,
function pslisten grep LISTEN`
and now run "pslisten 5060" to see who is grabing my SIP port.
It's work with Apple Mac OS X too.
add a comment |
Another alternative command line easy to use to find out which process is using a port:
lsof -n -i4TCP:$PORT | grep LISTEN
I added the next function in my .bash_profile,
function pslisten grep LISTEN`
and now run "pslisten 5060" to see who is grabing my SIP port.
It's work with Apple Mac OS X too.
add a comment |
Another alternative command line easy to use to find out which process is using a port:
lsof -n -i4TCP:$PORT | grep LISTEN
I added the next function in my .bash_profile,
function pslisten grep LISTEN`
and now run "pslisten 5060" to see who is grabing my SIP port.
It's work with Apple Mac OS X too.
Another alternative command line easy to use to find out which process is using a port:
lsof -n -i4TCP:$PORT | grep LISTEN
I added the next function in my .bash_profile,
function pslisten grep LISTEN`
and now run "pslisten 5060" to see who is grabing my SIP port.
It's work with Apple Mac OS X too.
answered Mar 13 '15 at 7:22
Fernando SantucciFernando Santucci
8551714
8551714
add a comment |
add a comment |
Is the port status "LISTENING" indicated that the port is opened?
Yes. It means that some service is listening to that port on your computer for incoming connection i.e. this port is open for establishing new connections.
Any port that are not shown in the output indicated that it's closed?
Yes. Remember netstat -a
will show all active (listening) and passive (non-listening) connections i.e. the ports that are acting as both server (some services are listening to these ports for connections from a different machine/process) and established (connections are established on these ports regardless of the fact the host/a service can be a server or client)
All TCP and UDP ports belong to a category called sockets and there are a whole lot of those. To view socket info you can check man ss
.
Thanks. you wrote that-a
means server and established. Does "server" means ports that are being listened at by some services? Does "established" mean ports where there are existing connections regardless of it is a client or server's port? Then what kinds of ports does-a
not show?
– Tim
Aug 21 '18 at 19:28
I don't think the-a
option means "all active" sockets; it just means "all". netstat shows all active sockets by default, but leaves out the passive sockets (open, listening). By using the-a
option both active and passive sockets are shown.
– Egon Olieux
Sep 22 '18 at 8:28
@EgonOlieux Thanks. I stand corrected; edited the answer.
– heemayl
Sep 24 '18 at 20:20
@heemayl The second part of your answer is still not correct. A TCP socket in the "listening" state can never be a connection; it is not connected to anything, it is only listening. Listening TCP sockets are also called passive sockets because of this. If a client attempts to connect to a (listening) socket on a server, a new socket will be created on the server to establish a connection with the client. A socket which is part of an established connection is called an active socket.
– Egon Olieux
Sep 25 '18 at 20:37
add a comment |
Is the port status "LISTENING" indicated that the port is opened?
Yes. It means that some service is listening to that port on your computer for incoming connection i.e. this port is open for establishing new connections.
Any port that are not shown in the output indicated that it's closed?
Yes. Remember netstat -a
will show all active (listening) and passive (non-listening) connections i.e. the ports that are acting as both server (some services are listening to these ports for connections from a different machine/process) and established (connections are established on these ports regardless of the fact the host/a service can be a server or client)
All TCP and UDP ports belong to a category called sockets and there are a whole lot of those. To view socket info you can check man ss
.
Thanks. you wrote that-a
means server and established. Does "server" means ports that are being listened at by some services? Does "established" mean ports where there are existing connections regardless of it is a client or server's port? Then what kinds of ports does-a
not show?
– Tim
Aug 21 '18 at 19:28
I don't think the-a
option means "all active" sockets; it just means "all". netstat shows all active sockets by default, but leaves out the passive sockets (open, listening). By using the-a
option both active and passive sockets are shown.
– Egon Olieux
Sep 22 '18 at 8:28
@EgonOlieux Thanks. I stand corrected; edited the answer.
– heemayl
Sep 24 '18 at 20:20
@heemayl The second part of your answer is still not correct. A TCP socket in the "listening" state can never be a connection; it is not connected to anything, it is only listening. Listening TCP sockets are also called passive sockets because of this. If a client attempts to connect to a (listening) socket on a server, a new socket will be created on the server to establish a connection with the client. A socket which is part of an established connection is called an active socket.
– Egon Olieux
Sep 25 '18 at 20:37
add a comment |
Is the port status "LISTENING" indicated that the port is opened?
Yes. It means that some service is listening to that port on your computer for incoming connection i.e. this port is open for establishing new connections.
Any port that are not shown in the output indicated that it's closed?
Yes. Remember netstat -a
will show all active (listening) and passive (non-listening) connections i.e. the ports that are acting as both server (some services are listening to these ports for connections from a different machine/process) and established (connections are established on these ports regardless of the fact the host/a service can be a server or client)
All TCP and UDP ports belong to a category called sockets and there are a whole lot of those. To view socket info you can check man ss
.
Is the port status "LISTENING" indicated that the port is opened?
Yes. It means that some service is listening to that port on your computer for incoming connection i.e. this port is open for establishing new connections.
Any port that are not shown in the output indicated that it's closed?
Yes. Remember netstat -a
will show all active (listening) and passive (non-listening) connections i.e. the ports that are acting as both server (some services are listening to these ports for connections from a different machine/process) and established (connections are established on these ports regardless of the fact the host/a service can be a server or client)
All TCP and UDP ports belong to a category called sockets and there are a whole lot of those. To view socket info you can check man ss
.
edited Sep 24 '18 at 20:19
answered Oct 17 '14 at 13:53
heemaylheemayl
67.8k11142214
67.8k11142214
Thanks. you wrote that-a
means server and established. Does "server" means ports that are being listened at by some services? Does "established" mean ports where there are existing connections regardless of it is a client or server's port? Then what kinds of ports does-a
not show?
– Tim
Aug 21 '18 at 19:28
I don't think the-a
option means "all active" sockets; it just means "all". netstat shows all active sockets by default, but leaves out the passive sockets (open, listening). By using the-a
option both active and passive sockets are shown.
– Egon Olieux
Sep 22 '18 at 8:28
@EgonOlieux Thanks. I stand corrected; edited the answer.
– heemayl
Sep 24 '18 at 20:20
@heemayl The second part of your answer is still not correct. A TCP socket in the "listening" state can never be a connection; it is not connected to anything, it is only listening. Listening TCP sockets are also called passive sockets because of this. If a client attempts to connect to a (listening) socket on a server, a new socket will be created on the server to establish a connection with the client. A socket which is part of an established connection is called an active socket.
– Egon Olieux
Sep 25 '18 at 20:37
add a comment |
Thanks. you wrote that-a
means server and established. Does "server" means ports that are being listened at by some services? Does "established" mean ports where there are existing connections regardless of it is a client or server's port? Then what kinds of ports does-a
not show?
– Tim
Aug 21 '18 at 19:28
I don't think the-a
option means "all active" sockets; it just means "all". netstat shows all active sockets by default, but leaves out the passive sockets (open, listening). By using the-a
option both active and passive sockets are shown.
– Egon Olieux
Sep 22 '18 at 8:28
@EgonOlieux Thanks. I stand corrected; edited the answer.
– heemayl
Sep 24 '18 at 20:20
@heemayl The second part of your answer is still not correct. A TCP socket in the "listening" state can never be a connection; it is not connected to anything, it is only listening. Listening TCP sockets are also called passive sockets because of this. If a client attempts to connect to a (listening) socket on a server, a new socket will be created on the server to establish a connection with the client. A socket which is part of an established connection is called an active socket.
– Egon Olieux
Sep 25 '18 at 20:37
Thanks. you wrote that
-a
means server and established. Does "server" means ports that are being listened at by some services? Does "established" mean ports where there are existing connections regardless of it is a client or server's port? Then what kinds of ports does -a
not show?– Tim
Aug 21 '18 at 19:28
Thanks. you wrote that
-a
means server and established. Does "server" means ports that are being listened at by some services? Does "established" mean ports where there are existing connections regardless of it is a client or server's port? Then what kinds of ports does -a
not show?– Tim
Aug 21 '18 at 19:28
I don't think the
-a
option means "all active" sockets; it just means "all". netstat shows all active sockets by default, but leaves out the passive sockets (open, listening). By using the -a
option both active and passive sockets are shown.– Egon Olieux
Sep 22 '18 at 8:28
I don't think the
-a
option means "all active" sockets; it just means "all". netstat shows all active sockets by default, but leaves out the passive sockets (open, listening). By using the -a
option both active and passive sockets are shown.– Egon Olieux
Sep 22 '18 at 8:28
@EgonOlieux Thanks. I stand corrected; edited the answer.
– heemayl
Sep 24 '18 at 20:20
@EgonOlieux Thanks. I stand corrected; edited the answer.
– heemayl
Sep 24 '18 at 20:20
@heemayl The second part of your answer is still not correct. A TCP socket in the "listening" state can never be a connection; it is not connected to anything, it is only listening. Listening TCP sockets are also called passive sockets because of this. If a client attempts to connect to a (listening) socket on a server, a new socket will be created on the server to establish a connection with the client. A socket which is part of an established connection is called an active socket.
– Egon Olieux
Sep 25 '18 at 20:37
@heemayl The second part of your answer is still not correct. A TCP socket in the "listening" state can never be a connection; it is not connected to anything, it is only listening. Listening TCP sockets are also called passive sockets because of this. If a client attempts to connect to a (listening) socket on a server, a new socket will be created on the server to establish a connection with the client. A socket which is part of an established connection is called an active socket.
– Egon Olieux
Sep 25 '18 at 20:37
add a comment |
Or this might help by using watch, then play around with what you want to see.
sudo watch -d -n0 "netstat -atnp | grep ESTA"
sudo watch -d -n0 "netstat -tulnp | grep ESTA"
1
-a conflicts with -l, -a grabs all whether ESTABLISHED or LISTENING, and -l just grabs LISTENING, so in reality it is '-ltnp' tcp, '-lunp' udp or '-ltunp' tcp+udp
– ModerateJavaScriptDev
Jul 2 '17 at 23:31
add a comment |
Or this might help by using watch, then play around with what you want to see.
sudo watch -d -n0 "netstat -atnp | grep ESTA"
sudo watch -d -n0 "netstat -tulnp | grep ESTA"
1
-a conflicts with -l, -a grabs all whether ESTABLISHED or LISTENING, and -l just grabs LISTENING, so in reality it is '-ltnp' tcp, '-lunp' udp or '-ltunp' tcp+udp
– ModerateJavaScriptDev
Jul 2 '17 at 23:31
add a comment |
Or this might help by using watch, then play around with what you want to see.
sudo watch -d -n0 "netstat -atnp | grep ESTA"
sudo watch -d -n0 "netstat -tulnp | grep ESTA"
Or this might help by using watch, then play around with what you want to see.
sudo watch -d -n0 "netstat -atnp | grep ESTA"
sudo watch -d -n0 "netstat -tulnp | grep ESTA"
edited Jul 23 '17 at 21:54
answered Jan 4 '17 at 11:57
Ian CroasdellIan Croasdell
292
292
1
-a conflicts with -l, -a grabs all whether ESTABLISHED or LISTENING, and -l just grabs LISTENING, so in reality it is '-ltnp' tcp, '-lunp' udp or '-ltunp' tcp+udp
– ModerateJavaScriptDev
Jul 2 '17 at 23:31
add a comment |
1
-a conflicts with -l, -a grabs all whether ESTABLISHED or LISTENING, and -l just grabs LISTENING, so in reality it is '-ltnp' tcp, '-lunp' udp or '-ltunp' tcp+udp
– ModerateJavaScriptDev
Jul 2 '17 at 23:31
1
1
-a conflicts with -l, -a grabs all whether ESTABLISHED or LISTENING, and -l just grabs LISTENING, so in reality it is '-ltnp' tcp, '-lunp' udp or '-ltunp' tcp+udp
– ModerateJavaScriptDev
Jul 2 '17 at 23:31
-a conflicts with -l, -a grabs all whether ESTABLISHED or LISTENING, and -l just grabs LISTENING, so in reality it is '-ltnp' tcp, '-lunp' udp or '-ltunp' tcp+udp
– ModerateJavaScriptDev
Jul 2 '17 at 23:31
add a comment |
Another option is ss. It's much easier to use....
The below command will only output a list of current listening sockets.
root@server:~# ss -l
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
u_dgr UNCONN 0 0 * 23353 * 23352
u_dgr UNCONN 0 0 * 568 * 362
u_dgr UNCONN 0 0 * 14836 * 14837
u_dgr UNCONN 0 0 * 20446 * 369
u_dgr UNCONN 0 0 * 22877 * 369
u_dgr UNCONN 0 0 * 504 * 347
u_dgr UNCONN 0 0 * 16298 * 369
u_dgr UNCONN 0 0 * 23343 * 369
u_dgr UNCONN 0 0 * 24125 * 369
u_dgr UNCONN 0 0 * 24617 * 369
u_dgr UNCONN 0 0 * 23352 * 23353
u_dgr UNCONN 0 0 * 23334 * 369
u_dgr UNCONN 0 0 * 17113 * 369
u_dgr UNCONN 0 0 * 16957 * 369
u_dgr UNCONN 0 0 * 14793 * 362
u_dgr UNCONN 0 0 * 23345 * 362
u_dgr UNCONN 0 0 * 24070 * 369
udp UNCONN 0 0 *:sunrpc *:*
udp UNCONN 0 0 *:981 *:*
udp UNCONN 0 0 :::sunrpc :::*
udp UNCONN 0 0 :::981 :::*
tcp LISTEN 0 128 127.0.0.1:85 *:*
tcp LISTEN 0 128 *:ssh *:*
tcp LISTEN 0 128 *:3128 *:*
tcp LISTEN 0 100 127.0.0.1:smtp *:*
tcp LISTEN 0 128 *:8006 *:*
tcp LISTEN 0 128 *:sunrpc *:*
tcp LISTEN 0 128 :::ssh :::*
tcp LISTEN 0 100 ::1:smtp :::*
tcp LISTEN 0 128 :::sunrpc :::*
1
I did not know about this, thanks zee
– nick fox
Feb 8 '18 at 10:19
add a comment |
Another option is ss. It's much easier to use....
The below command will only output a list of current listening sockets.
root@server:~# ss -l
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
u_dgr UNCONN 0 0 * 23353 * 23352
u_dgr UNCONN 0 0 * 568 * 362
u_dgr UNCONN 0 0 * 14836 * 14837
u_dgr UNCONN 0 0 * 20446 * 369
u_dgr UNCONN 0 0 * 22877 * 369
u_dgr UNCONN 0 0 * 504 * 347
u_dgr UNCONN 0 0 * 16298 * 369
u_dgr UNCONN 0 0 * 23343 * 369
u_dgr UNCONN 0 0 * 24125 * 369
u_dgr UNCONN 0 0 * 24617 * 369
u_dgr UNCONN 0 0 * 23352 * 23353
u_dgr UNCONN 0 0 * 23334 * 369
u_dgr UNCONN 0 0 * 17113 * 369
u_dgr UNCONN 0 0 * 16957 * 369
u_dgr UNCONN 0 0 * 14793 * 362
u_dgr UNCONN 0 0 * 23345 * 362
u_dgr UNCONN 0 0 * 24070 * 369
udp UNCONN 0 0 *:sunrpc *:*
udp UNCONN 0 0 *:981 *:*
udp UNCONN 0 0 :::sunrpc :::*
udp UNCONN 0 0 :::981 :::*
tcp LISTEN 0 128 127.0.0.1:85 *:*
tcp LISTEN 0 128 *:ssh *:*
tcp LISTEN 0 128 *:3128 *:*
tcp LISTEN 0 100 127.0.0.1:smtp *:*
tcp LISTEN 0 128 *:8006 *:*
tcp LISTEN 0 128 *:sunrpc *:*
tcp LISTEN 0 128 :::ssh :::*
tcp LISTEN 0 100 ::1:smtp :::*
tcp LISTEN 0 128 :::sunrpc :::*
1
I did not know about this, thanks zee
– nick fox
Feb 8 '18 at 10:19
add a comment |
Another option is ss. It's much easier to use....
The below command will only output a list of current listening sockets.
root@server:~# ss -l
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
u_dgr UNCONN 0 0 * 23353 * 23352
u_dgr UNCONN 0 0 * 568 * 362
u_dgr UNCONN 0 0 * 14836 * 14837
u_dgr UNCONN 0 0 * 20446 * 369
u_dgr UNCONN 0 0 * 22877 * 369
u_dgr UNCONN 0 0 * 504 * 347
u_dgr UNCONN 0 0 * 16298 * 369
u_dgr UNCONN 0 0 * 23343 * 369
u_dgr UNCONN 0 0 * 24125 * 369
u_dgr UNCONN 0 0 * 24617 * 369
u_dgr UNCONN 0 0 * 23352 * 23353
u_dgr UNCONN 0 0 * 23334 * 369
u_dgr UNCONN 0 0 * 17113 * 369
u_dgr UNCONN 0 0 * 16957 * 369
u_dgr UNCONN 0 0 * 14793 * 362
u_dgr UNCONN 0 0 * 23345 * 362
u_dgr UNCONN 0 0 * 24070 * 369
udp UNCONN 0 0 *:sunrpc *:*
udp UNCONN 0 0 *:981 *:*
udp UNCONN 0 0 :::sunrpc :::*
udp UNCONN 0 0 :::981 :::*
tcp LISTEN 0 128 127.0.0.1:85 *:*
tcp LISTEN 0 128 *:ssh *:*
tcp LISTEN 0 128 *:3128 *:*
tcp LISTEN 0 100 127.0.0.1:smtp *:*
tcp LISTEN 0 128 *:8006 *:*
tcp LISTEN 0 128 *:sunrpc *:*
tcp LISTEN 0 128 :::ssh :::*
tcp LISTEN 0 100 ::1:smtp :::*
tcp LISTEN 0 128 :::sunrpc :::*
Another option is ss. It's much easier to use....
The below command will only output a list of current listening sockets.
root@server:~# ss -l
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
u_dgr UNCONN 0 0 * 23353 * 23352
u_dgr UNCONN 0 0 * 568 * 362
u_dgr UNCONN 0 0 * 14836 * 14837
u_dgr UNCONN 0 0 * 20446 * 369
u_dgr UNCONN 0 0 * 22877 * 369
u_dgr UNCONN 0 0 * 504 * 347
u_dgr UNCONN 0 0 * 16298 * 369
u_dgr UNCONN 0 0 * 23343 * 369
u_dgr UNCONN 0 0 * 24125 * 369
u_dgr UNCONN 0 0 * 24617 * 369
u_dgr UNCONN 0 0 * 23352 * 23353
u_dgr UNCONN 0 0 * 23334 * 369
u_dgr UNCONN 0 0 * 17113 * 369
u_dgr UNCONN 0 0 * 16957 * 369
u_dgr UNCONN 0 0 * 14793 * 362
u_dgr UNCONN 0 0 * 23345 * 362
u_dgr UNCONN 0 0 * 24070 * 369
udp UNCONN 0 0 *:sunrpc *:*
udp UNCONN 0 0 *:981 *:*
udp UNCONN 0 0 :::sunrpc :::*
udp UNCONN 0 0 :::981 :::*
tcp LISTEN 0 128 127.0.0.1:85 *:*
tcp LISTEN 0 128 *:ssh *:*
tcp LISTEN 0 128 *:3128 *:*
tcp LISTEN 0 100 127.0.0.1:smtp *:*
tcp LISTEN 0 128 *:8006 *:*
tcp LISTEN 0 128 *:sunrpc *:*
tcp LISTEN 0 128 :::ssh :::*
tcp LISTEN 0 100 ::1:smtp :::*
tcp LISTEN 0 128 :::sunrpc :::*
answered Feb 5 '18 at 3:37
zeezee
1212
1212
1
I did not know about this, thanks zee
– nick fox
Feb 8 '18 at 10:19
add a comment |
1
I did not know about this, thanks zee
– nick fox
Feb 8 '18 at 10:19
1
1
I did not know about this, thanks zee
– nick fox
Feb 8 '18 at 10:19
I did not know about this, thanks zee
– nick fox
Feb 8 '18 at 10:19
add a comment |
Actually there is a better way to see what ports you have open. The issue with netstat
or lsof
is that they query network stack and actually do not connect to the machine but instead trying to see what is running on the system. The better approach is to use nmap
like so:
nmap -sT -O localhost
To see open ports.
add a comment |
Actually there is a better way to see what ports you have open. The issue with netstat
or lsof
is that they query network stack and actually do not connect to the machine but instead trying to see what is running on the system. The better approach is to use nmap
like so:
nmap -sT -O localhost
To see open ports.
add a comment |
Actually there is a better way to see what ports you have open. The issue with netstat
or lsof
is that they query network stack and actually do not connect to the machine but instead trying to see what is running on the system. The better approach is to use nmap
like so:
nmap -sT -O localhost
To see open ports.
Actually there is a better way to see what ports you have open. The issue with netstat
or lsof
is that they query network stack and actually do not connect to the machine but instead trying to see what is running on the system. The better approach is to use nmap
like so:
nmap -sT -O localhost
To see open ports.
answered Feb 27 '18 at 0:45
DeveloperDeveloper
1133
1133
add a comment |
add a comment |
Boy do I get tired of bad answers! The Op is probably asking about the state of a port, i.e. whether it is open or closed, in reference to whether that port is exposed to the internet or some other external net. He/she is probably not asking about whether a process is listening to some port or whether a connections is established to that port. Netstat can ONLY show the later information, but to determine if a port is "open or closed" one has to look at the firewall (iptables) rules to determine if a connection on a port will even be allowed to connect to a listening process.
To demonstrate when this distinction can be used to one's advantage, I often run services that are always listening on closed ports. Examples are FTP, SSH, and VPN that I occasionally want to use, and I don't want to leave the service exposed and subjected to login attacks. Using netstat alone would erroneously indicate the associated ports are open, if one believes the above answers that imply listening = open; when in fact my firewall IS blocking those ports. Why do I do this? Because I use a port knocker to dynamically tell my firewall to open the necessary port to allow a connection to the underlying listening service when I or my users need to use those services. Therefore, from an external viewpoint, those ports are normally and usually CLOSED even though there is a service listening on them all the time.
New contributor
add a comment |
Boy do I get tired of bad answers! The Op is probably asking about the state of a port, i.e. whether it is open or closed, in reference to whether that port is exposed to the internet or some other external net. He/she is probably not asking about whether a process is listening to some port or whether a connections is established to that port. Netstat can ONLY show the later information, but to determine if a port is "open or closed" one has to look at the firewall (iptables) rules to determine if a connection on a port will even be allowed to connect to a listening process.
To demonstrate when this distinction can be used to one's advantage, I often run services that are always listening on closed ports. Examples are FTP, SSH, and VPN that I occasionally want to use, and I don't want to leave the service exposed and subjected to login attacks. Using netstat alone would erroneously indicate the associated ports are open, if one believes the above answers that imply listening = open; when in fact my firewall IS blocking those ports. Why do I do this? Because I use a port knocker to dynamically tell my firewall to open the necessary port to allow a connection to the underlying listening service when I or my users need to use those services. Therefore, from an external viewpoint, those ports are normally and usually CLOSED even though there is a service listening on them all the time.
New contributor
add a comment |
Boy do I get tired of bad answers! The Op is probably asking about the state of a port, i.e. whether it is open or closed, in reference to whether that port is exposed to the internet or some other external net. He/she is probably not asking about whether a process is listening to some port or whether a connections is established to that port. Netstat can ONLY show the later information, but to determine if a port is "open or closed" one has to look at the firewall (iptables) rules to determine if a connection on a port will even be allowed to connect to a listening process.
To demonstrate when this distinction can be used to one's advantage, I often run services that are always listening on closed ports. Examples are FTP, SSH, and VPN that I occasionally want to use, and I don't want to leave the service exposed and subjected to login attacks. Using netstat alone would erroneously indicate the associated ports are open, if one believes the above answers that imply listening = open; when in fact my firewall IS blocking those ports. Why do I do this? Because I use a port knocker to dynamically tell my firewall to open the necessary port to allow a connection to the underlying listening service when I or my users need to use those services. Therefore, from an external viewpoint, those ports are normally and usually CLOSED even though there is a service listening on them all the time.
New contributor
Boy do I get tired of bad answers! The Op is probably asking about the state of a port, i.e. whether it is open or closed, in reference to whether that port is exposed to the internet or some other external net. He/she is probably not asking about whether a process is listening to some port or whether a connections is established to that port. Netstat can ONLY show the later information, but to determine if a port is "open or closed" one has to look at the firewall (iptables) rules to determine if a connection on a port will even be allowed to connect to a listening process.
To demonstrate when this distinction can be used to one's advantage, I often run services that are always listening on closed ports. Examples are FTP, SSH, and VPN that I occasionally want to use, and I don't want to leave the service exposed and subjected to login attacks. Using netstat alone would erroneously indicate the associated ports are open, if one believes the above answers that imply listening = open; when in fact my firewall IS blocking those ports. Why do I do this? Because I use a port knocker to dynamically tell my firewall to open the necessary port to allow a connection to the underlying listening service when I or my users need to use those services. Therefore, from an external viewpoint, those ports are normally and usually CLOSED even though there is a service listening on them all the time.
New contributor
New contributor
answered 12 mins ago
Marc CMarc C
1
1
New contributor
New contributor
add a comment |
add a comment |
Thanks for contributing an answer to Ask Ubuntu!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f538208%2fhow-to-check-opened-closed-ports-on-my-computer%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Check this post on AskUbuntu!.
– Justgivemeaname
Oct 17 '14 at 12:46
2
@Justgivemeaname:
nmap
is a tool to check for open ports on another host. If you can runnetstat
on a machine, it's much faster and reliable to use it.– David Foerster
Oct 17 '14 at 14:20
@DavidFoerster: Didn't know about
netstat
, so I learned that. It says in the link that it should be used from another host, though. Thanks!– Justgivemeaname
Oct 17 '14 at 14:38
3
Possible duplicate of How can I see what ports are open on my machine?
– Dan Dascalescu
Jan 17 '17 at 20:32