Useful networking commands for listing open ports and listening services.

Posted: August 7, 2014. At: 7:39 PM. This was 3 years ago. Post ID: 7610
Page permalink: http://securitronlinux.com/debian-testing/useful-networking-commands-for-listing-open-ports-and-listening-services/

Now, we must convince Congress to stop the FCC. Can you display an alert?

To print a list of all open ports and established TCP connections, type this command.

homer@deusexmachina /etc/asterisk $ netstat  -vatn
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:4101          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:2000            0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:445             0.0.0.0:*               LISTEN
tcp        0    256 192.168.100.4:443       153.107.97.168:53761    ESTABLISHED
tcp      328      0 192.168.100.4:36294     192.168.100.1:139       ESTABLISHED
tcp6       0      0 :::139                  :::*                    LISTEN
tcp6       0      0 :::111                  :::*                    LISTEN
tcp6       0      0 ::1:631                 :::*                    LISTEN
tcp6       0      0 :::443                  :::*                    LISTEN
tcp6       0      0 :::445                  :::*                    LISTEN

To list all open UDP connections, use this command.

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
udp        0      0 0.0.0.0:68              0.0.0.0:*
udp        0      0 0.0.0.0:111             0.0.0.0:*
udp        0      0 192.168.100.4:123       0.0.0.0:*
udp        0      0 127.0.0.1:123           0.0.0.0:*
udp        0      0 0.0.0.0:123             0.0.0.0:*
udp        0      0 192.168.100.255:137     0.0.0.0:*
udp        0      0 192.168.100.4:137       0.0.0.0:*
udp        0      0 0.0.0.0:137             0.0.0.0:*
udp        0      0 192.168.100.255:138     0.0.0.0:*
udp        0      0 192.168.100.4:138       0.0.0.0:*
udp        0      0 0.0.0.0:138             0.0.0.0:*
udp        0      0 0.0.0.0:4520            0.0.0.0:*
udp        0      0 0.0.0.0:4569            0.0.0.0:*
udp        0      0 0.0.0.0:5000            0.0.0.0:*
udp        0      0 0.0.0.0:912             0.0.0.0:*
udp        0      0 0.0.0.0:5060            0.0.0.0:*
udp        0      0 0.0.0.0:1900            0.0.0.0:*
udp        0      0 0.0.0.0:11422           0.0.0.0:*
udp6       0      0 :::111                  :::*
udp6       0      0 fe80::fa1a:67ff:fe1:123 :::*
udp6       0      0 fe80::7a94:7b57:123     :::*
udp6       0      0 2001:470:1f06:1b5:::123 :::*
udp6       0      0 ::1:123                 :::*
udp6       0      0 :::123                  :::*
udp6       0      0 :::912                  :::*
udp6       0      0 :::39542                :::*

How to list all listening connections on a Linux box.

netstat --listening

How to list all open ports on a Linux box.

homer@deusexmachina ~ $ lsof -i
COMMAND    PID  USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
gvfsd-smb 5755 homer   11u  IPv4  16578      0t0  TCP 192.168.100.4:36294->192.168.100.1:netbios-ssn (ESTABLISHED)
gvfsd-smb 5755 homer   12u  IPv4  16578      0t0  TCP 192.168.100.4:36294->192.168.100.1:netbios-ssn (ESTABLISHED)

The lsof -i command will list all open ports on your system.

Type: sudo apt-get install sockstat and then you gain a cool FreeBSD command for querying open ports.

This netstat parameter lists the results with the FQDN.

homer@deusexmachina ~ $ netstat  -vat
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 localhost:4101          *:*                     LISTEN
tcp        0      0 *:netbios-ssn           *:*                     LISTEN
tcp        0      0 *:sunrpc                *:*                     LISTEN
tcp        0      0 *:cisco-sccp            *:*                     LISTEN
tcp        0      0 localhost:ipp           *:*                     LISTEN
tcp        0      0 *:https                 *:*                     LISTEN
tcp        0      0 *:microsoft-ds          *:*                     LISTEN
tcp        0    256 192.168.100.4:https     153.107.97.168:53761    ESTABLISHED
tcp      340      0 192.168.100.4:36294     192.168.100:netbios-ssn ESTABLISHED
tcp6       0      0 [::]:netbios-ssn        [::]:*                  LISTEN
tcp6       0      0 [::]:sunrpc             [::]:*                  LISTEN
tcp6       0      0 localhost:ipp           [::]:*                  LISTEN
tcp6       0      0 [::]:https              [::]:*                  LISTEN
tcp6       0      0 [::]:microsoft-ds       [::]:*                  LISTEN

Show an established SSH connection on your server.

ubuntu ~ $ ss | grep ssh
tcp    ESTAB      0      36        172.31.67.16:ssh      192.168.100.87:49839
1 responses to “Useful networking commands for listing open ports and listening services.

Great article! However you forgot to mention another great tool for network/socket connections. The ss (socket statistics) command is capable of showing more information than the netstat and is faster.

Leave a Reply