In this article, we will briefly talk about ports in computer networking and move to how you can list all open ports in Linux.
In computer networking, and more definitely in software terms, a port is a logical entity which acts as a endpoint of communication to identify a given application or process on an Linux operating system. It is a 16-bit number (0 to 65535) which differentiates one application from another on end systems.
The two most popular Internet transport protocols, Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) and other less known protocols use port numbers for communication sessions (source and destination port numbers in conjunction with the source and destination IP addresses).
In addition, a combination of an IP address, port and protocol such as TCP/UDP is known as a socket, and every service must have a unique socket.
Below are the different categories of ports:
- 0-1023 – the Well Known Ports, also referred to as System Ports.
- 1024-49151 – the Registered Ports, also known as User Ports.
- 49152-65535 – the Dynamic Ports, also referred to as the Private Ports.
You can view a list of different applications and port/protocol combination in /etc/services file in Linux using cat command:
$ cat /etc/services OR $ cat /etc/services | less
# /etc/services: # $Id: services,v 1.48 2009/11/11 14:32:31 ovasik Exp $ # # Network services, Internet style # IANA services version: last updated 2009-11-10 # # Note that it is presently the policy of IANA to assign a single well-known # port number for both TCP and UDP; hence, most entries here have two entries # even if the protocol doesn't support UDP operations. # Updated from RFC 1700, ``Assigned Numbers'' (October 1994). Not all ports # are included, only the more common ones. # # The latest IANA port assignments can be gotten from # http://www.iana.org/assignments/port-numbers # The Well Known Ports are those from 0 through 1023. # The Registered Ports are those from 1024 through 49151 # The Dynamic and/or Private Ports are those from 49152 through 65535 # # Each line describes one service, and is of the form: # # service-name port/protocol [aliases ...] [# comment] tcpmux 1/tcp # TCP port service multiplexer tcpmux 1/udp # TCP port service multiplexer rje 5/tcp # Remote Job Entry rje 5/udp # Remote Job Entry echo 7/tcp echo 7/udp discard 9/tcp sink null discard 9/udp sink null systat 11/tcp users systat 11/udp users daytime 13/tcp daytime 13/udp qotd 17/tcp quote qotd 17/udp quote msp 18/tcp # message send protocol msp 18/udp # message send protocol chargen 19/tcp ttytst source chargen 19/udp ttytst source ftp-data 20/tcp ftp-data 20/udp # 21 is registered to ftp, but also used by fsp ftp 21/tcp ftp 21/udp fsp fspd ssh 22/tcp # The Secure Shell (SSH) Protocol ssh 22/udp # The Secure Shell (SSH) Protocol telnet 23/tcp telnet 23/udp
To list all open ports or currently running ports including TCP and UDP in Linux, we will use netstat, is a powerful tool for monitoring network connections and statistics.
$ netstat -lntu Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN tcp 0 0 :::22 :::* LISTEN tcp 0 0 :::80 :::* LISTEN tcp 0 0 :::25 :::* LISTEN udp 0 0 0.0.0.0:68 0.0.0.0:*
Where,
-l– prints only listening sockets-n– shows port number-t– enables listing of tcp ports-u– enables listing of udp ports
You can also use ss command, a well known useful utility for examining sockets in a Linux system. Run the command below to list all your open TCP and UCP ports:
$ ss -lntu Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port udp UNCONN 0 0 *:68 *:* tcp LISTEN 0 128 :::22 :::* tcp LISTEN 0 128 *:22 *:* tcp LISTEN 0 50 *:3306 *:* tcp LISTEN 0 128 :::80 ::* tcp LISTEN 0 100 :::25 :::* tcp LISTEN 0 100 *:25
Make it a point to read through the man pages of the commands above for more usage information.
In summary, understanding the concept of ports in computer networking is very vital for system and network administrators. You can as well go through this netstat guide with simple, precise and well explained examples.
Last but not least, get in touch with us by sharing other methods for listing open ports in Linux or asking a question via the response form below.
Awesome post and informative.
Thanks a lot
If you don’t mind I can share some addition info with this post.
If you want to find the port list of oracle application and database in Linux system use the following command.
Else, you can follow this guide to find out Oracle ports: https://docs.oracle.com/cd/B19306_01/install.102/b15660/app_port.htm
Thanks again…
@Reyaz
Thanks for sharing this useful information, we are grateful.
I use `netstat -antlp | grep LISTEN`
I remember “ant” and “lp” options for some reason it sticks in my brain.
@Mike
Thanks for sharing, I use a similar command to find process listening on a port like this:
Where:
Nice article, can I suggest using:
instead of:
The
-poption will show the process/daemon/user/PID who opened the port.Again, nice article!
Chris.
@Chris
Hope you enjoyed it, many thanks for the suggestion; keeps output small enough and clear.
“a port is a logical entity which acts as a endpoint of communication to identify a given application or process on an Linux operating system”. A port does not identify any application or process as the same port can be used by different applications or processes. More correct would be to use the words “is associated with” or “used by” insted. Regards.
@Martins
Many thanks for offering us your useful thoughts, much appreciated.
I guess in most occasions it would be good to add
-pto display also the process which is listening on the respective port@Krankes-kind
Thanks for mentioning that, it’s a useful tip.