Knowing the ports that are in use is very important, and is considered one of the fundamental tasks of system and network administrators. For this, today you will know: How to check ports in use in Ubunu Linux?
Check the firewall on Linux
The first thing you should do before knowing whether or not you have an open port is to check the state of the firewall in the operating system.
You should also know that, in all Linux servers there are regulations and policies that allow accepting all packages, and making some modifications. You can even add new tables, chains, or some rules.
- Now, the process begins by placing the following command in the Linux terminal: iptables -L.
- Immediately, the chains and rules of the table named as ''filter'', if you are using iptables. In the case of Nftables place: nft list ruleset.
An important aspect that you should take into account is that it is recommended that all ports in Linux remain closed. Thus, you have the possibility that they are approved or not according to the firewall.
View the status of TCP and UDP connections
Seeing the status of any of the connections such as TCP, UDP, ICMP, among others is not complicated. It is best to use the tool ''Netsta'', however, for other users, one of the best is ''H.H'', with which you can obtain different information easily and quickly.
It is a tool that is responsible for verifying all open or closed sockets that exist within the operating system. Best of all, it is pre-installed and you just have to run it.
- Once you run it, you should keep an eye on your screen, because the following should appear.
- There, you can find out the status of the connection, and the number of packets that have been received, or even those that have been sent.
- After this, the ports that are in use with the different programs and services also appear.
- Now, if what you want is to see the status of all the ports, or also known as sockets, you must place the following command: ss-a.
- In case you want to see only the ports that are listening, you must place: ss -1.
- If you want to see all TPC connections, you must use the ''-t'' argument. And, in the case that it is the UDP, place the argument ''-u''.
Check ports with the command
Currently, there are several basic commands that allow you to detect the ports that are being used in a system and in the state that they are.
Check ports with the Isof command
The Isof command is considered to be the most basic so far, and the most incredible thing is that it is created by the Linux operating system.
If you want to know the ports that are open through this command, you should take into account that it will show you important information about the program, such as its name, the IP address to which it is associated, and the identifier of all the process. You must put: $ sudo Isof -i -p -n, or $ sudo Isof -i -p -n | grep LISTEN.
Check ports with the netstat command
The parameters of this type of command are easy to memorize, and it is one of the most used by users. Its characteristics are the following:
- Shows all connections for the specified protocol which can be TCP or UDP.
- The list of all UDP ports.
- The list of TCP ports.
- Show the timers.
- It shows you the port number.
- View all the connections that are active in the system.
This way, you just have to make sure to enter the command, and then filter it so that you can get the information you want about a port.
Check ports with the nmap command
With this command you can do different scans within the system to find out the ports that are open on the computer.
To use it, you only have to place a sequence of the type nmap -sX -OY, taking into account in X the value of T or U, for TCP or UDP connections. While, in the Y value, the IP address of the computer.
Check ports with tools
You have the possibility to check the ports with different tools, however, each one has different characteristics.
Use Netcat to check ports
Netcat is one of the tools that you find in the Linux operating system, and it is very easy to use, besides, you do not have to install any other program. The two parameters that characterize it are the following:
- Z: it is the first parameter that ensures that, when the check is finished, the entire connection is closed, because, otherwise, the program would continue to run, until you manually deactivate it by pressing control + C.
- V: Y, this is the parameter that confirms if the port is open or closed.
For this process, what you should do is place in a terminal: nc -zv {IP} {PORT}.
Is it safe to use NetCat?
It is completely safe, it is even a tool that many users use to hack or spy on and detect security holes, among other things.
What you should keep in mind is that this command must be downloaded from a secure source on the Internet, and it is also recommended to run scans whenever you can on your computer.
Use Nmap to check ports
Nmap is an open source program, generally used for all security audits. The design is created with the purpose that it can be used in large networks, however, it also works perfectly on individual hosts.
Nmap is also the program that is used specifically in order to discover hosts and to check the ports that are open or closed.
You must bear in mind that it is not a program that is pre-installed in the Linux operating system, and therefore it must be installed from the repositories, placing:
- sudo apt install nmap.
- After it opens, if you want to know the port that is open, put: nmap -o {IP} {PORT}.
Dangers of having open ports
Although for many this may be something unimportant, it is not so, these open ports function as doors for information to enter or be sent from your computer.
The dangers of leaving the ports open is that your computer and operating system will be vulnerable to any error or external threat.
