How To Check Which Port Is Listern or Open on Linux

Posted by Planet Malaysia on September 12, 2008

advertisement

For some security reason you may configure SSH or any other protocol using different kind of port number on Linux server. Sometimes it’s important to know which ports are listern or open to the system network, it may open for network instruction or hacking.

Basically there are few methods to see which ports are open on Linux.

“How to check and open ports in Linux”

Option 1:
Check /etc/services file
planetmy:/ # cat /etc/services | grep xxx (xxx = port number)

If the command return no output mean no port configure to listen on the particular port number. For port SSH/22, you should be able to see:
ssh 22/tcp # SSH Remote Login Protocol
ssh 22/udp # SSH Remote Login Protocol

Option 2:
Use netstat command – Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships.

planetmy:/ # netstat -nan | grep 22
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 7110/sshd

If the command output return ‘LISTEN’, mean the particular port is open or listen on network.

Option 3:
use lsof command – list open files

planetmy:/ # lsof -i -n -P|grep 631
cupsd 17934 lp 0u IPv4 56540196 TCP *:631 (LISTEN)
cupsd 17934 lp 2u IPv4 56540197 UDP *:631

Option 4:
use nmap command – Network exploration tool and security scanner

planetmy:/ # nmap -sS -O 192.168.1.2
Starting nmap 3.50 ( http://www.insecure.org/nmap/ ) at 2008-09-12 10:13 GMT
Interesting ports on 192.168.1.2:
(The 1655 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
22/tcp open ssh
111/tcp open rpcbind
427/tcp open svrloc
631/tcp open ipp
Device type: general purpose
Running: Linux 2.4.X|2.5.X
OS details: Linux Kernel 2.4.0 – 2.5.20, Linux Kernel 2.4.18 – 2.5.70 (X86)
Nmap run completed — 1 IP address (1 host up) scanned in 4.146 seconds

The output show the system is running SSH on port 22.

Option 5:
use telnet command – user interface to the TELNET protocol

planetmy:/ # telnet 192.168.1.2 22
Trying 192.168.1.2…
Connected to 192.168.1.2.
Escape character is ‘^]’.
SSH-1.99-OpenSSH_4.2

The output show as above mean SSH port 22 is listening on the network

planetmy:/ # telnet 192.168.1.2 122
Trying 192.168.1.2…
telnet: connect to address 192.168.1.2: Connection refused

The output show as above mean port 122 is closed.

Lastly, to make it more perfect, you can get a script as example below:

#!/bin/bash
PORT=:22 #The port number
INITS=sshd #The name of the service in /etc/init.d/
COUNT=$(netstat -lpn | grep $ | wc -l)
if [ $COUNT -lt 1 ]
then
/etc/init.d/$INITS restart
fi

Possibly Related Posts:


« How To Force User Change Password At Next Login on Linux

Categories How's To, Open Source, Tips

Set a Good Password Policy On SuSE Linux »

Comments

4 Responses to “How To Check Which Port Is Listern or Open on Linux”

  1. Wing Loon on September 13th, 2008 6:06 pm

    Correct me if I am wrong. Option 1 is just a reference file. It can’t determine whether a program is listening on that port.

    If the number is not in the /etc/services file, a program can still run as daemon and listen to whatever port numbers.

  2. deepak on September 14th, 2008 2:26 am

    Hi,

    Can anybody tell me that how to redirect output for ’scp’ command, as it created a file when I redirect it, but the file is empty,

    I want to log network speed.

    Thanks,
    Deepak

  3. deepak on September 14th, 2008 2:27 am

    or Is there any other command by which I can log the network speed. ?

  4. Planet Malaysia on September 16th, 2008 11:11 am

    check this: http://www.planetmy.com/blog/bandwidth-monitoring-tools/

Leave a Reply




Planet Malaysia
  • Follow us on Twitter


    • web www.planetmy.com