Each service on your Linux server uses different ports (hopefully), and keeping track of them is not an easy task. Fortunately, there are easy ways to list open ports on Linux (or see whether a specific port is already taken or not). I’ve tested different methods and will give you my favorites in this short article.
Using the lsof command on Linux is the most convenient way to check for open ports on the system. With the -nP options, it includes service names and used ports in a readable format.
Let’s start with this method, and I’ll also add a few more that can be useful in different situations.
Check open ports with lsof
The “lsof” command on Linux can be used in a wide range of situations. It stands for “list open files”, but can also be used to get a list of all processes and the network ports each uses.
The output of this command can be quite wordy, so it’s important to use options and filter the result to get exactly what you need.
To check open ports with lsof, use this command:
sudo lsof -i -nP | grep LISTEN
- sudo is important to get the name of the system processes.
- -i stands for “Internet”, but basically means that we are only interested in network ports open.
- -n disable the host resolution to show the IP addresses directly (faster).
- -P to display the port numbers.
- The grep command is used to filter the list with only listening ports (not the ones used by established connections, for example).
The result on Ubuntu should look something like:
In this example, you can see at a glance that I have a few TCP ports open (last column: 22, 53, 631 and 80). These ports are used by the processes listed in the first column: Systemd (SSH & DNS), Cups and Apache.
To quickly check if a specific port is open, we can specify it with the -i option, like:
sudo lsof -i:80
In this example, we can see that port 80 is already used by Apache, the web server.
In summary, lsof is a great way to quickly identify the open ports on a Linux server. Just make sure to add the right options (-i -nP) to get a filtered list with only the important lines, as it can also be used for many other things.
If you’re new to the Linux command line, this article will give you the most important Linux commands to know, plus a free downloadable cheat sheet to keep handy.
List open ports with the “ss” command
The Linux command “ss” is newer than alternatives like “lsof” or “netstat” mentioned in this article, but it’s now available on most distributions by default and is well-suited to check open ports on your server.
To get a list of the open ports on a Linux server with “ss”, use the following command:
sudo ss -ltn
No need to use grep in this case, you’ll get an easy-to-read list looking like:
In the last column, you can see which ports are open, and on which IP address.
The options added to the command work as follows:
- -t: Only show TCP ports (use -u to include UDP ports).
- -l: Only list ports open in LISTEN mode (the grep equivalent),
- -n: Shows port numbers, do not use their names (http, ssh, …).
You can add the option “-p” to get the process names if needed.
There is no direct option to check if a port is open, but you can use the grep command to filter the list, for example:
sudo ss -ltn | grep 80
It will only display something if the port is open (in my example, port 80 is open, but not port 443).
GUI tools listing open ports on Ubuntu
If you have a desktop environment installed on your Linux server (Ubuntu or other distributions), you don’t necessarily need to use command lines. Tools like “Network Tools” can be used to quickly list open ports instead.
I tried it on my Ubuntu system, and it works pretty well.
“Network Tools” is available directly in the default repository, so you’ll find it in the “Ubuntu Software Center”. You can search for “Network” for example, and install it in one click:
Once installed, it will be available in your app launcher, and you can go to the “Port Scan” tab to list the open ports.
Type “localhost” in the network address, and click on “Scan” to get the list of ports open locally. But it can also scan a remote address if needed.
No command is required, and you get the same results! So if you have a desktop interface, you should definitely get this tool. It can also be useful in other situations with many other features (whois, DNS lookup, ping, etc.).
Get open ports with “nmap”
Nmap is the first tool that came to mind when writing this article because I’m used to scanning for IP addresses and ports on remote computers with it. But it isn’t necessarily the most convenient solution for this task.
Nmap is rarely installed by default on most Linux distributions, so you’ll probably need to install it first. It’s available in the default repository, so you can get it with:
sudo apt install nmap
You can then use the nmap to get an inventory of the open ports locally:
sudo nmap -sT localhost
For your information, “-sT” is a single option. It’s short for “TCP connect scan” and will test all TCP ports. Alternatives you can try are “-sU” for UDP ports and “-sS” for SYN scan:
sudo nmap -sT <IP> #TCP connect scan
sudo nmap -sU <IP> #UDP scan
sudo nmap -sS <IP> #TCP SYN scan
With nmap, you can scan the open ports from a remote computer, which can be pretty convenient sometimes. Here is a scan of the same computer from a remote location:
It doesn’t necessarily show the full picture, as there might be a firewall and networking rules in the middle, but for services that are there to be available on the network, it can be useful anyway.
In this precise example, CUPS is not reachable for the other computer, so it’s not listed, even if the port is taken on the Linux server. So make sure to do the right test depending on your goal.
You can also specify a specific port in the command to get a faster result:
sudo nmap -p 80 localhost
Using “netstat” to check for open ports
Netstat is now deprecated and is no longer installed by default on most Debian-based distributions like Ubuntu. It’s still available, but newer tools (like “ss”) are now replacing it.
I’m including it to be thorough, but you shouldn’t need it if you have a recent system installed.
To use netstat on a recent distribution, the first step is to install it with APT:
sudo apt install net-tools
Netstat can be used to get a list of the processes with a network port open:
sudo netstat -tlpn
You should be used to the options if you tested the previous commands, but anyway, here is what they mean:
- -t to show TCP ports.
- -l to show listening ports only.
- -p to get the program name for each port.
- -n to show the numeric value of the port (not the name).
To quickly check if a port is open, you can use grep, as with “ss” previously, for example:
sudo netstat -tlpn | grep 80
How to check if a port is already used in a bash script?
To check if a port is open directly in a Bash script, you can use the “lsof” command with the -i option for a specific port. Add an if statement to run different actions based on the situation.
Here is a simple example:
#!/bin/bash PORT=80 if lsof -i :$PORT | grep LISTEN; then echo "Port $PORT is in use." else echo "Port $PORT is available." fi
Make sure to run the script with sudo:
How to list ports open in the firewall?
If you are using UFW as your firewall, you can use the command “ufw status” to get a list of all rules and quickly identify if a specific port is allowed or not.
sudo ufw status
You can read more about UFW in my guide on this website.
If you are looking for exclusive tutorials, I post a new course each month, available for premium members only. Join the community to get access to all of them right now!
Overwhelmed with Linux commands?
My e-book, “Master Linux Commands”, is your essential guide to mastering the terminal. Get practical tips, real-world examples, and a bonus cheat sheet to keep by your side.
Grab your copy now.
If you just want to hang out with me and other Linux fans, you can also join the community. I share exclusive tutorials and behind-the-scenes content there. Premium members can also visit the website without ads.
More details here.
Need help building something with Python?
Python is a great language to get started with programming on any Linux computer.
Learn the essentials, step-by-step, without losing time understanding useless concepts.
Get the e-book now.