In Linux, a port is a logical communication endpoint that is associated with a running service in the operating system. Ports are entirely managed by the operating system, and each port is associated with a specific service. Ports help administrators identify which services are running on the system.
Each port is usually assigned a number. Port numbers span from 0 to 65535. Ports lower than 1024 are referred to as privileged ports and are used for special protocols. For example, web traffic (HTTP) goes through port 80, while SSH listens to port 22. Ports greater than 1024 are called non-privileged ports and can be used for test purposes. For example, you can configure your webserver to run on one of those ports instead of its default port number.
In this guide, we will focus on how you can find out which processes are listening on which ports in Linux. We have used Ubuntu 20.04 for demonstration purposes.
Using the netstat Linux command
The Linux Netstat command is a portmanteau of the words network and statistics. As you might have guessed, it’s a command-line utility for displaying network & protocol statistics on a Linux system. Additionally, it allows you to print out the routing table, status of TCP & UDP endpoints, and information about your network interfaces.
To view which process is listening to a particular port, use the syntax below:
# netstat -pnltu | grep -w port_number
Let’s break down the list of options:
p – Displays process name and ID
n – Displays port address
l – Lists listening sockets only
t – Prints out TCP connections
u – Prints out UDP connections
In the example below, we are probing for the service listening on port 80.
# netstat -pnltu | grep -w 80
The output indicates that it is the Apache webserver service that is listening on port 80.
To check the service listening on port 3306. Execute:
# netstat -pnltu | grep -w 3306
Using the lsof command
An acronym for List Open Files, the lsof command is a command used for revealing open files & directories. With the -i option, it can reveal the services listening to a particular port.
In the example below, we are searching for the service listening to TCP port 22, which is the SSH (Secure Shell) service.
# lsof -i TCP:22
Using the fuser command
Lastly, we have the fuser command. The fuser utility is a smart command-line tool that is used for locating processes using a socket, a file, or alternatively, a directory. It also does many things such as displaying the type of process, PID of each process, the user that owns the process.
To use fuser to find out the service listening to a port, first, find out the PID of the process as shown.
# fuser 22/tcp
Thereafter proceed and invoke the ps command to reveal the name of the service. Note that 34093 is the PID of the process that we got from the previous command
# ps -p 34093 -o comm=
We have illustrated 3 ways that you can use to reveal the processes that are listening to particular ports on your Linux system. We are hopeful that you can now do so without any issues.
Karim Buzdar holds a degree in telecommunication engineering and holds several sysadmin certifications including CCNA RS, SCP, and ACE. As an IT engineer and technical author, he writes for various websites.