How to check opened/closed ports on my computer?
Solution 1:
There's a few parameters to netstat that are useful for this :
-
-lor--listeningshows only the sockets currently listening for incoming connection. -
-aor--allshows all sockets currently in use. -
-tor--tcpshows the tcp sockets. -
-uor--udpshows the udp sockets. -
-nor--numericshows the hosts and ports as numbers, instead of resolving in dns and looking in /etc/services.
You use a mix of these to get what you want. To know which port numbers are currently in use, use one of these:
netstat -atn # For tcp
netstat -aun # For udp
netstat -atun # For both
In the output all port mentioned are in use either listening for incoming connection or connected to a peer** all others are closed. TCP and UDP ports are 16 bits wide (they go from 1-65535)
** They can also be connecting/disconnecting from the peer.
Solution 2:
You can use this command:
netstat -tulnp | grep <port no>
If it shows some process its used. Its closed(not used) if there is no output.
Solution 3:
Another alternative command line easy to use to find out which process is using a port:
lsof -n -i4TCP:$PORT | grep LISTEN
I added the next function in my .bash_profile,
function pslisten {
echo `lsof -n -i4TCP:$1 | grep LISTEN`
}
and now run "pslisten 5060" to see who is grabing my SIP port.
It's work with Apple Mac OS X too.
Solution 4:
Is the port status "LISTENING" indicated that the port is opened?
Yes. It means that some service is listening to that port on your computer for incoming connection i.e. this port is open for establishing new connections.
Any port that are not shown in the output indicated that it's closed?
Yes. Remember netstat -a will show all active (listening) and passive (non-listening) connections i.e. the ports that are acting as both server (some services are listening to these ports for connections from a different machine/process) and established (connections are established on these ports regardless of the fact the host/a service can be a server or client)
All TCP and UDP ports belong to a category called sockets and there are a whole lot of those. To view socket info you can check man ss.
Solution 5:
Another option is ss. It's much easier to use....
The below command will only output a list of current listening sockets.
root@server:~# ss -l
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
u_dgr UNCONN 0 0 * 23353 * 23352
u_dgr UNCONN 0 0 * 568 * 362
u_dgr UNCONN 0 0 * 14836 * 14837
u_dgr UNCONN 0 0 * 20446 * 369
u_dgr UNCONN 0 0 * 22877 * 369
u_dgr UNCONN 0 0 * 504 * 347
u_dgr UNCONN 0 0 * 16298 * 369
u_dgr UNCONN 0 0 * 23343 * 369
u_dgr UNCONN 0 0 * 24125 * 369
u_dgr UNCONN 0 0 * 24617 * 369
u_dgr UNCONN 0 0 * 23352 * 23353
u_dgr UNCONN 0 0 * 23334 * 369
u_dgr UNCONN 0 0 * 17113 * 369
u_dgr UNCONN 0 0 * 16957 * 369
u_dgr UNCONN 0 0 * 14793 * 362
u_dgr UNCONN 0 0 * 23345 * 362
u_dgr UNCONN 0 0 * 24070 * 369
udp UNCONN 0 0 *:sunrpc *:*
udp UNCONN 0 0 *:981 *:*
udp UNCONN 0 0 :::sunrpc :::*
udp UNCONN 0 0 :::981 :::*
tcp LISTEN 0 128 127.0.0.1:85 *:*
tcp LISTEN 0 128 *:ssh *:*
tcp LISTEN 0 128 *:3128 *:*
tcp LISTEN 0 100 127.0.0.1:smtp *:*
tcp LISTEN 0 128 *:8006 *:*
tcp LISTEN 0 128 *:sunrpc *:*
tcp LISTEN 0 128 :::ssh :::*
tcp LISTEN 0 100 ::1:smtp :::*
tcp LISTEN 0 128 :::sunrpc :::*