How to check if a port is open in Linux


Introduction

In this lab, you will learn essential techniques for checking the status of network ports on a Linux system. Understanding which ports are open is fundamental for network administration, troubleshooting, and security analysis.

You will begin by using the netstat command with specific options to list all open TCP and UDP ports that are in a listening state. Next, you will confirm the port status using the more modern ss command, which provides similar network statistics. Finally, you will utilize the nc (netcat) command to actively test connectivity to a specific port, verifying if it is reachable and open from a client perspective. By completing these steps, you will gain practical skills in identifying and verifying open ports on your Linux environment.



List open ports with netstat -tuln

In this step, you will learn how to list open ports on your Linux system using the netstat command. Understanding which ports are open is crucial for network troubleshooting and security.

The netstat command (network statistics) is a command-line tool that displays network connections, routing tables, interface statistics, masquerade connections, and multicast memberships.

We will use the following options with netstat:

  • -t: Display TCP connections.
  • -u: Display UDP connections.
  • -l: Display listening sockets (open ports).
  • -n: Display numerical addresses instead of resolving hostnames and service names.

Open your terminal if it's not already open. You can find the Xfce Terminal icon on the left side of your desktop.

Now, type the following command and press Enter:

netstat -tuln

You will see output similar to this:

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp6       0      0 :::22                   :::*                    LISTEN
udp        0      0 127.0.0.53:53           0.0.0.0:*
udp        0      0 0.0.0.0:68              0.0.0.0:*

Let's break down the output:

  • Proto: The protocol of the socket (e.g., tcp, udp).
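  • Local Address: The local IP address and port number. The format is IP_Address:Port. 0.0.0.0 means the service is listening on all available IPv4 interfaces, and :: (shown as :::22 once the port is appended) means it's listening on all available IPv6 interfaces. An address in the 127.0.0.0/8 range, such as 127.0.0.53, is a loopback address and is reachable only from the local machine.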
  • Foreign Address: The remote IP address and port number. 0.0.0.0:* or :::* indicates that the socket is not connected to a specific remote address (it's listening).
  • State: The state of the socket. LISTEN means the port is open and waiting for incoming connections.

In the example output, you can see that port 53 (DNS) is in a LISTEN state on the loopback address 127.0.0.53 only, while port 22 (SSH) is in a LISTEN state on all interfaces for both IPv4 and IPv6.

This command is very useful for quickly checking which services are running and accessible on your system.


Confirm port status using ss -tuln

In the previous step, you used netstat to list open ports. Now, let's use a more modern and often faster tool called ss (socket statistics) to achieve the same goal. ss is designed to replace netstat and provides more detailed information about sockets.

We will use similar options with ss as we did with netstat:

  • -t: Display TCP sockets.
  • -u: Display UDP sockets.
  • -l: Display listening sockets (open ports).
  • -n: Display numerical addresses instead of resolving hostnames and service names.

Open your terminal if it's not already open.

Type the following command and press Enter:

ss -tuln

You will see output similar to this:

Netid  State      Recv-Q Send-Q Local Address:Port               Peer Address:Port
udp    UNCONN     0      0      127.0.0.53%lo:53                 0.0.0.0:*
udp    UNCONN     0      0      0.0.0.0:68                       0.0.0.0:*
tcp    LISTEN     0      128    127.0.0.53%lo:53                 0.0.0.0:*
tcp    LISTEN     0      128    0.0.0.0:22                       0.0.0.0:*
tcp    LISTEN     0      128    [::]:22                          [::]:*

The output is similar to netstat, showing the protocol (Netid), state (State), local address and port (Local Address:Port), and peer address and port (Peer Address:Port).

You can see the same ports (53 and 22) listed as LISTEN, confirming the results from netstat.

While the output format is slightly different, ss provides similar information about listening ports and is generally preferred in modern Linux systems due to its performance and additional features (which we won't cover in this introductory lab).

Using both netstat and ss can be helpful for cross-referencing information and becoming familiar with different tools available in Linux.
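
The bind address decides who can reach a listener, so it helps to group the output of either tool by scope. The script below is an added example, not part of the original lab: classify_listeners, exposed_ports and the sample_* functions are hypothetical helper names, and the sample input is copied from the outputs shown in the two steps above.

```shell
# Added example: group listeners by bind scope from ss -tuln or netstat -tuln text.
classify_listeners() {
  awk '
    $1 ~ /^(tcp|udp)/ {
      # netstat has a numeric Recv-Q in column 2; ss has the State there.
      local_addr = ($2 ~ /^[0-9]+$/) ? $4 : $5
      n = split(local_addr, parts, ":")
      port = parts[n]                      # port follows the last colon
      addr = substr(local_addr, 1, length(local_addr) - length(port) - 1)
      sub(/%.*$/, "", addr)                # drop interface suffix such as %lo
      gsub(/\[/, "", addr); gsub(/\]/, "", addr)   # drop IPv6 brackets
      proto = $1; sub(/6$/, "", proto)     # fold tcp6/udp6 into tcp/udp
      if (addr == "0.0.0.0" || addr == "::" || addr == "*") scope = "all-interfaces"
      else if (addr ~ /^127\./ || addr == "::1") scope = "loopback-only"
      else scope = "specific-address"
      print scope, proto "/" port, addr
    }' | sort -u
}

# Ports bound to every interface, reachable from other hosts unless a firewall blocks them.
exposed_ports() {
  classify_listeners | awk '$1 == "all-interfaces" { print $2 }' | sort -u
}

# Constructed input: the sample ss output from this lab.
sample_ss() {
  cat <<'EOF'
Netid  State      Recv-Q Send-Q Local Address:Port               Peer Address:Port
udp    UNCONN     0      0      127.0.0.53%lo:53                 0.0.0.0:*
udp    UNCONN     0      0      0.0.0.0:68                       0.0.0.0:*
tcp    LISTEN     0      128    127.0.0.53%lo:53                 0.0.0.0:*
tcp    LISTEN     0      128    0.0.0.0:22                       0.0.0.0:*
tcp    LISTEN     0      128    [::]:22                          [::]:*
EOF
}

# Constructed input: the sample netstat output from this lab.
sample_netstat() {
  cat <<'EOF'
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp6       0      0 :::22                   :::*                    LISTEN
udp        0      0 127.0.0.53:53           0.0.0.0:*
udp        0      0 0.0.0.0:68              0.0.0.0:*
EOF
}

# On a live host: ss -tuln | classify_listeners
sample_ss | classify_listeners
```

For the sample data, exposed_ports reports tcp/22 and udp/68, while both port 53 listeners are classified as loopback-only.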


Test port connectivity with nc -zv

In the previous steps, you learned how to list open ports using netstat and ss. Now, let's use the nc command (netcat) to test if you can actually connect to a specific port. nc is a versatile networking utility that can read from and write to network connections using TCP or UDP.

We will use nc with the following options:

  • -z: Specifies that nc should just scan for listening daemons, without sending any data to them. This is useful for checking if a port is open.
  • -v: Enables verbose output, showing more details about the connection attempt.

We will test the connectivity to port 22 (SSH), which we saw was listening in the previous steps. We will test connecting to the local machine, which can be referred to by the IP address 127.0.0.1 or the hostname localhost.

Open your terminal if it's not already open.

Type the following command and press Enter:

nc -zv 127.0.0.1 22

You should see output similar to this:

Connection to 127.0.0.1 22 port [tcp/ssh] succeeded!

This output confirms that nc was able to successfully connect to port 22 on your local machine.

Now, let's try testing a port that is likely not open, for example, port 80 (HTTP), as there is no web server running by default in this environment.

Type the following command and press Enter:

nc -zv 127.0.0.1 80

You will likely see output indicating a connection refused or timeout, similar to this:

nc: connect to 127.0.0.1 port 80 (tcp) failed: Connection refused

This output shows that nc was unable to connect to port 80, which is expected since no service is listening on that port.

Using nc -zv is a quick and easy way to verify if a specific port is reachable and open from your current location.


Summary

In this lab, you learned how to check if a port is open in Linux using command-line tools. You started by using the netstat -tuln command to list all open TCP and UDP ports that are in a listening state, understanding the output format including protocol, local address, foreign address, and state.

Next, you confirmed the port status using the ss -tuln command, which provides similar information to netstat but is often considered a more modern and faster alternative. Finally, you learned how to test connectivity to a specific port using the nc -zv command, which attempts to establish a connection and reports whether the port is open and reachable. These steps provide essential skills for network troubleshooting and security analysis on Linux systems.