As many functions rely on specific ports to function, it is essential to know the status of Ports. Port configuration can lead to Proper Functioning of Applications, and Remote Access as well. With the awareness of Open Ports, we can protect our system from unwanted and unauthorized access, we can allow or deny any type of traffic on a specific port, and it can also help us identify issues in our network configuration or connectivity.
In this article, we will discuss the different methods used to check which TCP Ports are Open and which ones are Closed.
How Do I know if a TCP Port is Open or Closed on Ubuntu 22.04?
Several Methods can be used to find out if a TCP Port is opened or closed on Ubuntu 22.04. The methods are
- Using “lsof” Command
- Viewing Network Service List
- Using “netstat” Command
- Using “ss” Command
- Using “nmap”
- Using Bash Script
- Using “netcat” Command
Each method is explained in detail below.
Using “lsof” to Check Whether the Port is Opened or Closed
The “lsof” or “List Open Files” Command lists information about files currently opened by a process. Although it is used to list opened and in-process files, it can also be used to know whether a Network Port is Opened or Closed. The Syntax to use the “lsof” command is:
The “[options]” can be used to display the specific output you want. To display the list of open network connection, use the “-i” tag:
Here, the “LISTEN” ones are those ports that are Open. To check whether the TCP ports are opened or not, use the command:
The “grep” will filter the ports that are in the “LISTEN” state, the “-P” is used to show the Port Number, and “-i” is used to show all the Open Sockets. The below TCP Ports are all open:
With “lsof”, a specific port can also be checked whether it is closed or open with the command:
This command will check whether port 22 is opened or not:
Using “netstat” to Check Whether the Port is Opened or Closed
The “netstat” command is used to display Active Connections, Open Ports, and Network Statistics. To use netstat, use the command:
This will display all the Active Connections:
Flags can be used with the “netstat” command to display according to your needs. To get only the TCP Port, use the command:
The “-t” flag means only the TCP Connections and the “l” flag means list those connections. This will display the TCP Ports only:
To display the Active TCP Ports using “netstat” use the command:
The “grep” will filter the list and return only the TCP Ports that are open:
If you want to check whether a specific TCP Port is Opened or Closes, use the netstat command as
The “grep” command will filter and return only the Port 22 connections. In our case, the Port is Closed so no output will be displayed and the command line will move to the next line:
Using the “ss” Command to Check Whether the Port is Opened or Closed
The “ss” command lists all the Sockets and Listening Sockets, and it also displays the Connections Established. It is simpler and faster than the “netstat” command. To use the “ss” command, use the following command:
The “-tulpn” will display all the TCP/UDP Connections:
To display only the TCP Ports, use the command:
The “-tl” command will display the TCP port connections only:
Now to display the Open Ports only, use the command:
The “grep” filters the list for Open Connections only:
Using “nmap” to Check Whether the Port is Opened or Closed
To check the Port Status on a Remote Host Machine, the “nmap” command is used. The syntax includes the Host Machine’s IP Address and the Port Number:
Considering my case where the Host System name is “tahakhan” and the Client is “ubuntu1”. The IP address of my Host Machine is “192.168.184.130”. To check the status of all the TCP Ports on the Host Machine, the “nmap” command will be:
The “-p-” specifies to scan all the TCP Ports. The filtered TCP Ports are returned:
Using “netcat” to Check Whether the Port is Opened or Closed
The “netcat” command is used to analyze network hosts by connecting to a TCP port. The netcat command includes the hostname and the port number to analyze the network:
The “-zv” flag scans for the Open Ports whereas the “nc” simply means netcat. To check the status of TCP Ports in some range using netcat, use the command:
In our case, the host “tahakhan” will be scanned for Open Ports between 20-200:
This command will scan the Host Machine Ports one by one from Port 20 to Port 200 and return the status. If the “Connection Succeeds” it means the TCP Port is Open.
You can also check a specific Port status using the netcat command:
This will check the status of Port 22:
Similarly, to check the Status of Port 64, use the netcat command:
If the Port is closed, the connection will be refused as seen in our case:
Using Bash Script to Check Whether Port is Opened or Closed
To check whether a TCP Port is Open or Closed using a Bash Script, use the following syntax:
This syntax can be modified to be used in the terminal. To check whether the Port 22 is Open or Closed, use the Bash Script as:
If the TCP Port is Open, the echo command will display “Port Open”, as seen in our case:
To check if the Port 64 is Opened, modify the Bash Script as:
Now if the TCP Port is closed, the echo command will display “Port Closed” in the terminal, as seen in our case:
Viewing Network Service List to Check Whether Port is Opened or Closed
The “/etc/services” text file consists of the names of the services along with the assigned port numbers. Thus, by viewing the file, you can see which Ports are Open. To open the file use the command:
The highlighted “use of each TCP Protocol” means those Ports are Open:
Conclusion
To check if the TCP port is open or closed on Ubuntu 22.04, the “lsof”, “ss”, “netstat”, “nmap”, “netcat”, and “Bash” commands are used. Finding out Open Ports is among the crucial concerns of a System Administrator as leaving them unchecked will lead to potential security concerns. This article explained the step-by-step procedure of different methods to check active or open TCP Ports.