The ss command for Linux allows a user to list all listening ports on a Linux system.
This command lists all listening TCP ports.
homer@deusexmachina ~ $ ss -l -t State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 1 127.0.0.1:4101 *:* LISTEN 0 50 *:netbios-ssn *:* LISTEN 0 128 *:sunrpc *:* LISTEN 0 128 127.0.0.1:ipp *:* LISTEN 0 128 *:https *:* LISTEN 0 50 *:microsoft-ds *:* LISTEN 0 50 :::netbios-ssn :::* LISTEN 0 128 :::sunrpc :::* LISTEN 0 128 ::1:ipp :::* LISTEN 0 128 :::https :::* LISTEN 0 50 :::microsoft-ds :::* |
And this is how to list all listening UDP ports.
homer@deusexmachina ~ $ ss -l -u State Recv-Q Send-Q Local Address:Port Peer Address:Port UNCONN 0 0 *:bootpc *:* UNCONN 0 0 *:sunrpc *:* UNCONN 0 0 192.168.100.4:ntp *:* UNCONN 0 0 127.0.0.1:ntp *:* UNCONN 0 0 *:ntp *:* UNCONN 0 0 192.168.100.255:netbios-ns *:* UNCONN 0 0 192.168.100.4:netbios-ns *:* UNCONN 0 0 *:netbios-ns *:* UNCONN 0 0 192.168.100.255:netbios-dgm *:* UNCONN 0 0 192.168.100.4:netbios-dgm *:* UNCONN 0 0 *:netbios-dgm *:* UNCONN 0 0 *:12931 *:* UNCONN 0 0 *:913 *:* UNCONN 0 0 *:mdns *:* UNCONN 0 0 *:1900 *:* UNCONN 0 0 *:60439 *:* UNCONN 0 0 :::sunrpc :::* UNCONN 0 0 fe80::fa1a:67ff:fe10:b163:ntp :::* UNCONN 0 0 fe80::7a94:7b57:ntp :::* UNCONN 0 0 2001:470:1f06:1b5::2:ntp :::* UNCONN 0 0 ::1:ntp :::* UNCONN 0 0 :::ntp :::* UNCONN 0 0 :::53609 :::* UNCONN 0 0 :::913 :::* UNCONN 0 0 :::mdns :::* UNCONN 0 0 :::1865 :::* |
The output of the ss command is very much like the familiar netstat command; but this command has greater capabilities.
Type: ss -a
to list listening and non-listening ports.
The ss -i
command will list all internal TCP information. This is therefore a very useful alternative to the traditionally used netstat utility.
Print summary statistics about your network traffic.
ubuntu ~ $ ss -s Total: 115 (kernel 0) TCP: 8 (estab 1, closed 1, orphaned 0, synrecv 0, timewait 0/0), ports 0 Transport Total IP IPv6 * 0 - - RAW 0 0 0 UDP 3 2 1 TCP 7 4 3 INET 10 6 4 FRAG 0 0 0 |
Print keepalive information about each network connection. The keepalive signal keeps the network connection open for use.
ubuntu ~ $ ss -tn -o State Recv-Q Send-Q Local Address:Port Peer Address:Port ESTAB 0 0 172.31.20.16:22 192.168.10.77:50981 timer:(keepalive,116min,0) |
List all listening IPv4 services on the machine.
ubuntu ~ $ ss -tl4 State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 *:ssh *:* LISTEN 0 1 *:https *:* LISTEN 0 50 127.0.0.1:mysql *:* |
List all listening ipv4 services that are actually using an established connection.
ubuntu ~ $ ss -t4 state established Recv-Q Send-Q Local Address:Port Peer Address:Port 0 0 172.31.20.16:ssh 192.168.10.77:50981 |