A port is an addressable network location implemented in an operating system to help differentiate traffic destined for different services or applications. A port is always associated with an IP address of a host and the protocol type for the communication.
Ports are specified by a number ranging from 1 to 65535. There are different categories of ports.
What is meant by ‘Listening’?
A service is said to be “listening” on a port when it is binding to a port/protocol/IP address combination in order to wait for requests from clients of the service. Upon receipt of the request, it establishes a one-to-one server client dialog using the same port number.
Why do you need to know your Open Ports?
Paying attention to which ports are listening on your network is important as open ports can be evidence of an intrusion on your network. Knowledge of the open ports and the kind of information being sent out helps you to thwart malicious efforts aimed at your system. Knowing this is an important part of securing your system.
Do you wish to find out which ports are open or listening on a network? Read on.
There are a number of ways and tools that are available for checking ports which might be listening on your network.
Let us look at a few ways
You need to first install nmap with the following command (Ubuntu).
sudo apt-get update
sudo apt-get install nmap
The following command will indicate which ports are listening for TCP connections from the network.
# sudo nmap -sT -O localhost
The following command will indicate which ports are listening for UDP connections from the network.
# sudo nmap -sU -O localhost
The following command will indicate every TCP and UDP open port -
# sudo nmap -n -PN -sT -sU -p- localhost
# netstat -lntu
-l = only services which are listening on some port
-n = show port number, don't try to resolve the service name
-t = enables listing of tcp ports
-u = enables listing of udp ports
# ss -lntu
# lsof -i
To display all open files, use:
In closing, knowledge about ports is essential for Linux enthusiasts and system administrators in particular. These tools (ss, lsof, netstat and nmap,) are quite flexible and can reveal a great deal about the status of the services running on a machine. You should check up their man pages for more information. You should know that this is just to get you exploring the leaks and exposures on your network. Hope you find this tutorial useful.