Posted: . At: 7:39 PM. This was 10 years ago. Post ID: 7610
Page permalink. WordPress uses cookies, or tiny pieces of information stored on your computer, to verify who you are. There are cookies for logged in users and for commenters.
These cookies expire two weeks after they are set.

Useful networking commands for listing open ports and listening services.

To print a list of all open ports and established TCP connections, type this command.

homer@deusexmachina /etc/asterisk $ netstat  -vatn
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:4101          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:2000            0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:445             0.0.0.0:*               LISTEN
tcp        0    256 192.168.100.4:443       153.107.97.168:53761    ESTABLISHED
tcp      328      0 192.168.100.4:36294     192.168.100.1:139       ESTABLISHED
tcp6       0      0 :::139                  :::*                    LISTEN
tcp6       0      0 :::111                  :::*                    LISTEN
tcp6       0      0 ::1:631                 :::*                    LISTEN
tcp6       0      0 :::443                  :::*                    LISTEN
tcp6       0      0 :::445                  :::*                    LISTEN

To list all open UDP connections, use this command.

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
udp        0      0 0.0.0.0:68              0.0.0.0:*
udp        0      0 0.0.0.0:111             0.0.0.0:*
udp        0      0 192.168.100.4:123       0.0.0.0:*
udp        0      0 127.0.0.1:123           0.0.0.0:*
udp        0      0 0.0.0.0:123             0.0.0.0:*
udp        0      0 192.168.100.255:137     0.0.0.0:*
udp        0      0 192.168.100.4:137       0.0.0.0:*
udp        0      0 0.0.0.0:137             0.0.0.0:*
udp        0      0 192.168.100.255:138     0.0.0.0:*
udp        0      0 192.168.100.4:138       0.0.0.0:*
udp        0      0 0.0.0.0:138             0.0.0.0:*
udp        0      0 0.0.0.0:4520            0.0.0.0:*
udp        0      0 0.0.0.0:4569            0.0.0.0:*
udp        0      0 0.0.0.0:5000            0.0.0.0:*
udp        0      0 0.0.0.0:912             0.0.0.0:*
udp        0      0 0.0.0.0:5060            0.0.0.0:*
udp        0      0 0.0.0.0:1900            0.0.0.0:*
udp        0      0 0.0.0.0:11422           0.0.0.0:*
udp6       0      0 :::111                  :::*
udp6       0      0 fe80::fa1a:67ff:fe1:123 :::*
udp6       0      0 fe80::7a94:7b57:123     :::*
udp6       0      0 2001:470:1f06:1b5:::123 :::*
udp6       0      0 ::1:123                 :::*
udp6       0      0 :::123                  :::*
udp6       0      0 :::912                  :::*
udp6       0      0 :::39542                :::*

How to list all listening connections on a Linux box.

netstat --listening

How to list all open ports on a Linux box.

homer@deusexmachina ~ $ lsof -i
COMMAND    PID  USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
gvfsd-smb 5755 homer   11u  IPv4  16578      0t0  TCP 192.168.100.4:36294->192.168.100.1:netbios-ssn (ESTABLISHED)
gvfsd-smb 5755 homer   12u  IPv4  16578      0t0  TCP 192.168.100.4:36294->192.168.100.1:netbios-ssn (ESTABLISHED)

The lsof -i command will list all open ports on your system.

Type: sudo apt-get install sockstat and then you gain a cool FreeBSD command for querying open ports.

This netstat parameter lists the results with the FQDN.

homer@deusexmachina ~ $ netstat  -vat
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 localhost:4101          *:*                     LISTEN
tcp        0      0 *:netbios-ssn           *:*                     LISTEN
tcp        0      0 *:sunrpc                *:*                     LISTEN
tcp        0      0 *:cisco-sccp            *:*                     LISTEN
tcp        0      0 localhost:ipp           *:*                     LISTEN
tcp        0      0 *:https                 *:*                     LISTEN
tcp        0      0 *:microsoft-ds          *:*                     LISTEN
tcp        0    256 192.168.100.4:https     153.107.97.168:53761    ESTABLISHED
tcp      340      0 192.168.100.4:36294     192.168.100:netbios-ssn ESTABLISHED
tcp6       0      0 [::]:netbios-ssn        [::]:*                  LISTEN
tcp6       0      0 [::]:sunrpc             [::]:*                  LISTEN
tcp6       0      0 localhost:ipp           [::]:*                  LISTEN
tcp6       0      0 [::]:https              [::]:*                  LISTEN
tcp6       0      0 [::]:microsoft-ds       [::]:*                  LISTEN

Show an established SSH connection on your server.

ubuntu ~ $ ss | grep ssh
tcp    ESTAB      0      36        172.31.67.16:ssh      192.168.100.87:49839

1 thought on “Useful networking commands for listing open ports and listening services.”

  1. Great article! However you forgot to mention another great tool for network/socket connections. The ss (socket statistics) command is capable of showing more information than the netstat and is faster.

    Reply

Leave a Reply to RoseHosting Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.