How to check opened/closed ports on my computer?












120















How to check the opened/closed ports on my computer?



I used netstat -a on command line.




  • Does the port status "LISTENING" indicate that the port is open?

  • Is any port, that is not shown in the output, closed?










share|improve this question

























  • Check this post on AskUbuntu!.

    – Justgivemeaname
    Oct 17 '14 at 12:46






  • 2





    @Justgivemeaname: nmap is a tool to check for open ports on another host. If you can run netstat on a machine, it's much faster and reliable to use it.

    – David Foerster
    Oct 17 '14 at 14:20











  • @DavidFoerster: Didn't know about netstat, so I learned that. It says in the link that it should be used from another host, though. Thanks!

    – Justgivemeaname
    Oct 17 '14 at 14:38






  • 3





    Possible duplicate of How can I see what ports are open on my machine?

    – Dan Dascalescu
    Jan 17 '17 at 20:32
















120















How to check the opened/closed ports on my computer?



I used netstat -a on command line.




  • Does the port status "LISTENING" indicate that the port is open?

  • Is any port, that is not shown in the output, closed?










share|improve this question

























  • Check this post on AskUbuntu!.

    – Justgivemeaname
    Oct 17 '14 at 12:46






  • 2





    @Justgivemeaname: nmap is a tool to check for open ports on another host. If you can run netstat on a machine, it's much faster and reliable to use it.

    – David Foerster
    Oct 17 '14 at 14:20











  • @DavidFoerster: Didn't know about netstat, so I learned that. It says in the link that it should be used from another host, though. Thanks!

    – Justgivemeaname
    Oct 17 '14 at 14:38






  • 3





    Possible duplicate of How can I see what ports are open on my machine?

    – Dan Dascalescu
    Jan 17 '17 at 20:32














120












120








120


47






How to check the opened/closed ports on my computer?



I used netstat -a on command line.




  • Does the port status "LISTENING" indicate that the port is open?

  • Is any port, that is not shown in the output, closed?










share|improve this question
















How to check the opened/closed ports on my computer?



I used netstat -a on command line.




  • Does the port status "LISTENING" indicate that the port is open?

  • Is any port, that is not shown in the output, closed?







netstat






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Oct 11 '18 at 16:08









abu_bua

3,27981126




3,27981126










asked Oct 17 '14 at 12:43









RouterRouter

856396




856396













  • Check this post on AskUbuntu!.

    – Justgivemeaname
    Oct 17 '14 at 12:46






  • 2





    @Justgivemeaname: nmap is a tool to check for open ports on another host. If you can run netstat on a machine, it's much faster and reliable to use it.

    – David Foerster
    Oct 17 '14 at 14:20











  • @DavidFoerster: Didn't know about netstat, so I learned that. It says in the link that it should be used from another host, though. Thanks!

    – Justgivemeaname
    Oct 17 '14 at 14:38






  • 3





    Possible duplicate of How can I see what ports are open on my machine?

    – Dan Dascalescu
    Jan 17 '17 at 20:32



















  • Check this post on AskUbuntu!.

    – Justgivemeaname
    Oct 17 '14 at 12:46






  • 2





    @Justgivemeaname: nmap is a tool to check for open ports on another host. If you can run netstat on a machine, it's much faster and reliable to use it.

    – David Foerster
    Oct 17 '14 at 14:20











  • @DavidFoerster: Didn't know about netstat, so I learned that. It says in the link that it should be used from another host, though. Thanks!

    – Justgivemeaname
    Oct 17 '14 at 14:38






  • 3





    Possible duplicate of How can I see what ports are open on my machine?

    – Dan Dascalescu
    Jan 17 '17 at 20:32

















Check this post on AskUbuntu!.

– Justgivemeaname
Oct 17 '14 at 12:46





Check this post on AskUbuntu!.

– Justgivemeaname
Oct 17 '14 at 12:46




2




2





@Justgivemeaname: nmap is a tool to check for open ports on another host. If you can run netstat on a machine, it's much faster and reliable to use it.

– David Foerster
Oct 17 '14 at 14:20





@Justgivemeaname: nmap is a tool to check for open ports on another host. If you can run netstat on a machine, it's much faster and reliable to use it.

– David Foerster
Oct 17 '14 at 14:20













@DavidFoerster: Didn't know about netstat, so I learned that. It says in the link that it should be used from another host, though. Thanks!

– Justgivemeaname
Oct 17 '14 at 14:38





@DavidFoerster: Didn't know about netstat, so I learned that. It says in the link that it should be used from another host, though. Thanks!

– Justgivemeaname
Oct 17 '14 at 14:38




3




3





Possible duplicate of How can I see what ports are open on my machine?

– Dan Dascalescu
Jan 17 '17 at 20:32





Possible duplicate of How can I see what ports are open on my machine?

– Dan Dascalescu
Jan 17 '17 at 20:32










7 Answers
7






active

oldest

votes


















152














There's a few parameters to netstat that are useful for this :





  • -l or --listening shows only the sockets currently listening for incoming connection.


  • -a or --all shows all sockets currently in use.


  • -t or --tcp shows the tcp sockets.


  • -u or --udp shows the udp sockets.


  • -n or --numeric shows the hosts and ports as numbers, instead of resolving in dns and looking in /etc/services.


You use a mix of these to get what you want. To know which port numbers are currently in use, use one of these:



netstat -atn           # For tcp
netstat -aun # For udp
netstat -atun # For both


In the output all port mentioned are in use either listening for incoming connection or connected to a peer** all others are closed. TCP and UDP ports are 16 bits wide (they go from 1-65535)



** They can also be connecting/disconnecting from the peer.






share|improve this answer

































    66














    You can use this command:



    netstat -tulnp | grep <port no>


    If it shows some process its used. Its closed(not used) if there is no output.






    share|improve this answer

































      19














      Another alternative command line easy to use to find out which process is using a port:



      lsof -n -i4TCP:$PORT | grep LISTEN


      I added the next function in my .bash_profile,



      function pslisten {
      echo `lsof -n -i4TCP:$1 | grep LISTEN`
      }


      and now run "pslisten 5060" to see who is grabing my SIP port.



      It's work with Apple Mac OS X too.






      share|improve this answer































        11















        Is the port status "LISTENING" indicated that the port is opened?




        Yes. It means that some service is listening to that port on your computer for incoming connection i.e. this port is open for establishing new connections.




        Any port that are not shown in the output indicated that it's closed?




        Yes. Remember netstat -a will show all active (listening) and passive (non-listening) connections i.e. the ports that are acting as both server (some services are listening to these ports for connections from a different machine/process) and established (connections are established on these ports regardless of the fact the host/a service can be a server or client)



        All TCP and UDP ports belong to a category called sockets and there are a whole lot of those. To view socket info you can check man ss.






        share|improve this answer


























        • Thanks. you wrote that -a means server and established. Does "server" means ports that are being listened at by some services? Does "established" mean ports where there are existing connections regardless of it is a client or server's port? Then what kinds of ports does -a not show?

          – Tim
          Aug 21 '18 at 19:28













        • I don't think the -a option means "all active" sockets; it just means "all". netstat shows all active sockets by default, but leaves out the passive sockets (open, listening). By using the -a option both active and passive sockets are shown.

          – Egon Olieux
          Sep 22 '18 at 8:28











        • @EgonOlieux Thanks. I stand corrected; edited the answer.

          – heemayl
          Sep 24 '18 at 20:20











        • @heemayl The second part of your answer is still not correct. A TCP socket in the "listening" state can never be a connection; it is not connected to anything, it is only listening. Listening TCP sockets are also called passive sockets because of this. If a client attempts to connect to a (listening) socket on a server, a new socket will be created on the server to establish a connection with the client. A socket which is part of an established connection is called an active socket.

          – Egon Olieux
          Sep 25 '18 at 20:37



















        2














        Another option is ss. It's much easier to use....



        The below command will only output a list of current listening sockets.



        root@server:~# ss -l

        Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port


        u_dgr UNCONN 0 0 * 23353 * 23352
        u_dgr UNCONN 0 0 * 568 * 362
        u_dgr UNCONN 0 0 * 14836 * 14837
        u_dgr UNCONN 0 0 * 20446 * 369
        u_dgr UNCONN 0 0 * 22877 * 369
        u_dgr UNCONN 0 0 * 504 * 347
        u_dgr UNCONN 0 0 * 16298 * 369
        u_dgr UNCONN 0 0 * 23343 * 369
        u_dgr UNCONN 0 0 * 24125 * 369
        u_dgr UNCONN 0 0 * 24617 * 369
        u_dgr UNCONN 0 0 * 23352 * 23353
        u_dgr UNCONN 0 0 * 23334 * 369
        u_dgr UNCONN 0 0 * 17113 * 369
        u_dgr UNCONN 0 0 * 16957 * 369
        u_dgr UNCONN 0 0 * 14793 * 362
        u_dgr UNCONN 0 0 * 23345 * 362
        u_dgr UNCONN 0 0 * 24070 * 369
        udp UNCONN 0 0 *:sunrpc *:*
        udp UNCONN 0 0 *:981 *:*
        udp UNCONN 0 0 :::sunrpc :::*
        udp UNCONN 0 0 :::981 :::*
        tcp LISTEN 0 128 127.0.0.1:85 *:*
        tcp LISTEN 0 128 *:ssh *:*
        tcp LISTEN 0 128 *:3128 *:*
        tcp LISTEN 0 100 127.0.0.1:smtp *:*
        tcp LISTEN 0 128 *:8006 *:*
        tcp LISTEN 0 128 *:sunrpc *:*
        tcp LISTEN 0 128 :::ssh :::*
        tcp LISTEN 0 100 ::1:smtp :::*
        tcp LISTEN 0 128 :::sunrpc :::*





        share|improve this answer
























        • I did not know about this, thanks zee

          – nick fox
          Feb 8 '18 at 10:19



















        1














        Or this might help by using watch, then play around with what you want to see.



        sudo watch -d -n0 "netstat -atnp | grep ESTA"

        sudo watch -d -n0 "netstat -tulnp | grep ESTA"





        share|improve this answer





















        • 1





          -a conflicts with -l, -a grabs all whether ESTABLISHED or LISTENING, and -l just grabs LISTENING, so in reality it is '-ltnp' tcp, '-lunp' udp or '-ltunp' tcp+udp

          – ModerateJavaScriptDev
          Jul 2 '17 at 23:31





















        1














        Actually there is a better way to see what ports you have open. The issue with netstat or lsof is that they query network stack and actually do not connect to the machine but instead trying to see what is running on the system. The better approach is to use nmap like so:



        nmap -sT -O localhost


        To see open ports.






        share|improve this answer























          Your Answer








          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "89"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f538208%2fhow-to-check-opened-closed-ports-on-my-computer%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          7 Answers
          7






          active

          oldest

          votes








          7 Answers
          7






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes









          152














          There's a few parameters to netstat that are useful for this :





          • -l or --listening shows only the sockets currently listening for incoming connection.


          • -a or --all shows all sockets currently in use.


          • -t or --tcp shows the tcp sockets.


          • -u or --udp shows the udp sockets.


          • -n or --numeric shows the hosts and ports as numbers, instead of resolving in dns and looking in /etc/services.


          You use a mix of these to get what you want. To know which port numbers are currently in use, use one of these:



          netstat -atn           # For tcp
          netstat -aun # For udp
          netstat -atun # For both


          In the output all port mentioned are in use either listening for incoming connection or connected to a peer** all others are closed. TCP and UDP ports are 16 bits wide (they go from 1-65535)



          ** They can also be connecting/disconnecting from the peer.






          share|improve this answer






























            152














            There's a few parameters to netstat that are useful for this :





            • -l or --listening shows only the sockets currently listening for incoming connection.


            • -a or --all shows all sockets currently in use.


            • -t or --tcp shows the tcp sockets.


            • -u or --udp shows the udp sockets.


            • -n or --numeric shows the hosts and ports as numbers, instead of resolving in dns and looking in /etc/services.


            You use a mix of these to get what you want. To know which port numbers are currently in use, use one of these:



            netstat -atn           # For tcp
            netstat -aun # For udp
            netstat -atun # For both


            In the output all port mentioned are in use either listening for incoming connection or connected to a peer** all others are closed. TCP and UDP ports are 16 bits wide (they go from 1-65535)



            ** They can also be connecting/disconnecting from the peer.






            share|improve this answer




























              152












              152








              152







              There's a few parameters to netstat that are useful for this :





              • -l or --listening shows only the sockets currently listening for incoming connection.


              • -a or --all shows all sockets currently in use.


              • -t or --tcp shows the tcp sockets.


              • -u or --udp shows the udp sockets.


              • -n or --numeric shows the hosts and ports as numbers, instead of resolving in dns and looking in /etc/services.


              You use a mix of these to get what you want. To know which port numbers are currently in use, use one of these:



              netstat -atn           # For tcp
              netstat -aun # For udp
              netstat -atun # For both


              In the output all port mentioned are in use either listening for incoming connection or connected to a peer** all others are closed. TCP and UDP ports are 16 bits wide (they go from 1-65535)



              ** They can also be connecting/disconnecting from the peer.






              share|improve this answer















              There's a few parameters to netstat that are useful for this :





              • -l or --listening shows only the sockets currently listening for incoming connection.


              • -a or --all shows all sockets currently in use.


              • -t or --tcp shows the tcp sockets.


              • -u or --udp shows the udp sockets.


              • -n or --numeric shows the hosts and ports as numbers, instead of resolving in dns and looking in /etc/services.


              You use a mix of these to get what you want. To know which port numbers are currently in use, use one of these:



              netstat -atn           # For tcp
              netstat -aun # For udp
              netstat -atun # For both


              In the output all port mentioned are in use either listening for incoming connection or connected to a peer** all others are closed. TCP and UDP ports are 16 bits wide (they go from 1-65535)



              ** They can also be connecting/disconnecting from the peer.







              share|improve this answer














              share|improve this answer



              share|improve this answer








              edited Feb 13 '15 at 19:12









              muru

              1




              1










              answered Oct 17 '14 at 13:53









              kbenoitkbenoit

              1,9271813




              1,9271813

























                  66














                  You can use this command:



                  netstat -tulnp | grep <port no>


                  If it shows some process its used. Its closed(not used) if there is no output.






                  share|improve this answer






























                    66














                    You can use this command:



                    netstat -tulnp | grep <port no>


                    If it shows some process its used. Its closed(not used) if there is no output.






                    share|improve this answer




























                      66












                      66








                      66







                      You can use this command:



                      netstat -tulnp | grep <port no>


                      If it shows some process its used. Its closed(not used) if there is no output.






                      share|improve this answer















                      You can use this command:



                      netstat -tulnp | grep <port no>


                      If it shows some process its used. Its closed(not used) if there is no output.







                      share|improve this answer














                      share|improve this answer



                      share|improve this answer








                      edited Sep 16 '15 at 12:29









                      Community

                      1




                      1










                      answered Oct 17 '14 at 12:45









                      kashminderkashminder

                      1,060815




                      1,060815























                          19














                          Another alternative command line easy to use to find out which process is using a port:



                          lsof -n -i4TCP:$PORT | grep LISTEN


                          I added the next function in my .bash_profile,



                          function pslisten {
                          echo `lsof -n -i4TCP:$1 | grep LISTEN`
                          }


                          and now run "pslisten 5060" to see who is grabing my SIP port.



                          It's work with Apple Mac OS X too.






                          share|improve this answer




























                            19














                            Another alternative command line easy to use to find out which process is using a port:



                            lsof -n -i4TCP:$PORT | grep LISTEN


                            I added the next function in my .bash_profile,



                            function pslisten {
                            echo `lsof -n -i4TCP:$1 | grep LISTEN`
                            }


                            and now run "pslisten 5060" to see who is grabing my SIP port.



                            It's work with Apple Mac OS X too.






                            share|improve this answer


























                              19












                              19








                              19







                              Another alternative command line easy to use to find out which process is using a port:



                              lsof -n -i4TCP:$PORT | grep LISTEN


                              I added the next function in my .bash_profile,



                              function pslisten {
                              echo `lsof -n -i4TCP:$1 | grep LISTEN`
                              }


                              and now run "pslisten 5060" to see who is grabing my SIP port.



                              It's work with Apple Mac OS X too.






                              share|improve this answer













                              Another alternative command line easy to use to find out which process is using a port:



                              lsof -n -i4TCP:$PORT | grep LISTEN


                              I added the next function in my .bash_profile,



                              function pslisten {
                              echo `lsof -n -i4TCP:$1 | grep LISTEN`
                              }


                              and now run "pslisten 5060" to see who is grabing my SIP port.



                              It's work with Apple Mac OS X too.







                              share|improve this answer












                              share|improve this answer



                              share|improve this answer










                              answered Mar 13 '15 at 7:22









                              Fernando SantucciFernando Santucci

                              8201714




                              8201714























                                  11















                                  Is the port status "LISTENING" indicated that the port is opened?




                                  Yes. It means that some service is listening to that port on your computer for incoming connection i.e. this port is open for establishing new connections.




                                  Any port that are not shown in the output indicated that it's closed?




                                  Yes. Remember netstat -a will show all active (listening) and passive (non-listening) connections i.e. the ports that are acting as both server (some services are listening to these ports for connections from a different machine/process) and established (connections are established on these ports regardless of the fact the host/a service can be a server or client)



                                  All TCP and UDP ports belong to a category called sockets and there are a whole lot of those. To view socket info you can check man ss.






                                  share|improve this answer


























                                  • Thanks. you wrote that -a means server and established. Does "server" means ports that are being listened at by some services? Does "established" mean ports where there are existing connections regardless of it is a client or server's port? Then what kinds of ports does -a not show?

                                    – Tim
                                    Aug 21 '18 at 19:28













                                  • I don't think the -a option means "all active" sockets; it just means "all". netstat shows all active sockets by default, but leaves out the passive sockets (open, listening). By using the -a option both active and passive sockets are shown.

                                    – Egon Olieux
                                    Sep 22 '18 at 8:28











                                  • @EgonOlieux Thanks. I stand corrected; edited the answer.

                                    – heemayl
                                    Sep 24 '18 at 20:20











                                  • @heemayl The second part of your answer is still not correct. A TCP socket in the "listening" state can never be a connection; it is not connected to anything, it is only listening. Listening TCP sockets are also called passive sockets because of this. If a client attempts to connect to a (listening) socket on a server, a new socket will be created on the server to establish a connection with the client. A socket which is part of an established connection is called an active socket.

                                    – Egon Olieux
                                    Sep 25 '18 at 20:37
















                                  11















                                  Is the port status "LISTENING" indicated that the port is opened?




                                  Yes. It means that some service is listening to that port on your computer for incoming connection i.e. this port is open for establishing new connections.




                                  Any port that are not shown in the output indicated that it's closed?




                                  Yes. Remember netstat -a will show all active (listening) and passive (non-listening) connections i.e. the ports that are acting as both server (some services are listening to these ports for connections from a different machine/process) and established (connections are established on these ports regardless of the fact the host/a service can be a server or client)



                                  All TCP and UDP ports belong to a category called sockets and there are a whole lot of those. To view socket info you can check man ss.






                                  share|improve this answer


























                                  • Thanks. you wrote that -a means server and established. Does "server" means ports that are being listened at by some services? Does "established" mean ports where there are existing connections regardless of it is a client or server's port? Then what kinds of ports does -a not show?

                                    – Tim
                                    Aug 21 '18 at 19:28













                                  • I don't think the -a option means "all active" sockets; it just means "all". netstat shows all active sockets by default, but leaves out the passive sockets (open, listening). By using the -a option both active and passive sockets are shown.

                                    – Egon Olieux
                                    Sep 22 '18 at 8:28











                                  • @EgonOlieux Thanks. I stand corrected; edited the answer.

                                    – heemayl
                                    Sep 24 '18 at 20:20











                                  • @heemayl The second part of your answer is still not correct. A TCP socket in the "listening" state can never be a connection; it is not connected to anything, it is only listening. Listening TCP sockets are also called passive sockets because of this. If a client attempts to connect to a (listening) socket on a server, a new socket will be created on the server to establish a connection with the client. A socket which is part of an established connection is called an active socket.

                                    – Egon Olieux
                                    Sep 25 '18 at 20:37














                                  11












                                  11








                                  11








                                  Is the port status "LISTENING" indicated that the port is opened?




                                  Yes. It means that some service is listening to that port on your computer for incoming connection i.e. this port is open for establishing new connections.




                                  Any port that are not shown in the output indicated that it's closed?




                                  Yes. Remember netstat -a will show all active (listening) and passive (non-listening) connections i.e. the ports that are acting as both server (some services are listening to these ports for connections from a different machine/process) and established (connections are established on these ports regardless of the fact the host/a service can be a server or client)



                                  All TCP and UDP ports belong to a category called sockets and there are a whole lot of those. To view socket info you can check man ss.






                                  share|improve this answer
















                                  Is the port status "LISTENING" indicated that the port is opened?




                                  Yes. It means that some service is listening to that port on your computer for incoming connection i.e. this port is open for establishing new connections.




                                  Any port that are not shown in the output indicated that it's closed?




                                  Yes. Remember netstat -a will show all active (listening) and passive (non-listening) connections i.e. the ports that are acting as both server (some services are listening to these ports for connections from a different machine/process) and established (connections are established on these ports regardless of the fact the host/a service can be a server or client)



                                  All TCP and UDP ports belong to a category called sockets and there are a whole lot of those. To view socket info you can check man ss.







                                  share|improve this answer














                                  share|improve this answer



                                  share|improve this answer








                                  edited Sep 24 '18 at 20:19

























                                  answered Oct 17 '14 at 13:53









                                  heemaylheemayl

                                  66.3k8139212




                                  66.3k8139212













                                  • Thanks. you wrote that -a means server and established. Does "server" means ports that are being listened at by some services? Does "established" mean ports where there are existing connections regardless of it is a client or server's port? Then what kinds of ports does -a not show?

                                    – Tim
                                    Aug 21 '18 at 19:28













                                  • I don't think the -a option means "all active" sockets; it just means "all". netstat shows all active sockets by default, but leaves out the passive sockets (open, listening). By using the -a option both active and passive sockets are shown.

                                    – Egon Olieux
                                    Sep 22 '18 at 8:28











                                  • @EgonOlieux Thanks. I stand corrected; edited the answer.

                                    – heemayl
                                    Sep 24 '18 at 20:20











                                  • @heemayl The second part of your answer is still not correct. A TCP socket in the "listening" state can never be a connection; it is not connected to anything, it is only listening. Listening TCP sockets are also called passive sockets because of this. If a client attempts to connect to a (listening) socket on a server, a new socket will be created on the server to establish a connection with the client. A socket which is part of an established connection is called an active socket.

                                    – Egon Olieux
                                    Sep 25 '18 at 20:37



















                                  • Thanks. you wrote that -a means server and established. Does "server" means ports that are being listened at by some services? Does "established" mean ports where there are existing connections regardless of it is a client or server's port? Then what kinds of ports does -a not show?

                                    – Tim
                                    Aug 21 '18 at 19:28













                                  • I don't think the -a option means "all active" sockets; it just means "all". netstat shows all active sockets by default, but leaves out the passive sockets (open, listening). By using the -a option both active and passive sockets are shown.

                                    – Egon Olieux
                                    Sep 22 '18 at 8:28











                                  • @EgonOlieux Thanks. I stand corrected; edited the answer.

                                    – heemayl
                                    Sep 24 '18 at 20:20











                                  • @heemayl The second part of your answer is still not correct. A TCP socket in the "listening" state can never be a connection; it is not connected to anything, it is only listening. Listening TCP sockets are also called passive sockets because of this. If a client attempts to connect to a (listening) socket on a server, a new socket will be created on the server to establish a connection with the client. A socket which is part of an established connection is called an active socket.

                                    – Egon Olieux
                                    Sep 25 '18 at 20:37

















                                  Thanks. you wrote that -a means server and established. Does "server" means ports that are being listened at by some services? Does "established" mean ports where there are existing connections regardless of it is a client or server's port? Then what kinds of ports does -a not show?

                                  – Tim
                                  Aug 21 '18 at 19:28







                                  Thanks. you wrote that -a means server and established. Does "server" means ports that are being listened at by some services? Does "established" mean ports where there are existing connections regardless of it is a client or server's port? Then what kinds of ports does -a not show?

                                  – Tim
                                  Aug 21 '18 at 19:28















                                  I don't think the -a option means "all active" sockets; it just means "all". netstat shows all active sockets by default, but leaves out the passive sockets (open, listening). By using the -a option both active and passive sockets are shown.

                                  – Egon Olieux
                                  Sep 22 '18 at 8:28





                                  I don't think the -a option means "all active" sockets; it just means "all". netstat shows all active sockets by default, but leaves out the passive sockets (open, listening). By using the -a option both active and passive sockets are shown.

                                  – Egon Olieux
                                  Sep 22 '18 at 8:28













                                  @EgonOlieux Thanks. I stand corrected; edited the answer.

                                  – heemayl
                                  Sep 24 '18 at 20:20





                                  @EgonOlieux Thanks. I stand corrected; edited the answer.

                                  – heemayl
                                  Sep 24 '18 at 20:20













                                  @heemayl The second part of your answer is still not correct. A TCP socket in the "listening" state can never be a connection; it is not connected to anything, it is only listening. Listening TCP sockets are also called passive sockets because of this. If a client attempts to connect to a (listening) socket on a server, a new socket will be created on the server to establish a connection with the client. A socket which is part of an established connection is called an active socket.

                                  – Egon Olieux
                                  Sep 25 '18 at 20:37





                                  @heemayl The second part of your answer is still not correct. A TCP socket in the "listening" state can never be a connection; it is not connected to anything, it is only listening. Listening TCP sockets are also called passive sockets because of this. If a client attempts to connect to a (listening) socket on a server, a new socket will be created on the server to establish a connection with the client. A socket which is part of an established connection is called an active socket.

                                  – Egon Olieux
                                  Sep 25 '18 at 20:37











                                  2














                                  Another option is ss. It's much easier to use....



                                  The below command will only output a list of current listening sockets.



                                  root@server:~# ss -l

                                  Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port


                                  u_dgr UNCONN 0 0 * 23353 * 23352
                                  u_dgr UNCONN 0 0 * 568 * 362
                                  u_dgr UNCONN 0 0 * 14836 * 14837
                                  u_dgr UNCONN 0 0 * 20446 * 369
                                  u_dgr UNCONN 0 0 * 22877 * 369
                                  u_dgr UNCONN 0 0 * 504 * 347
                                  u_dgr UNCONN 0 0 * 16298 * 369
                                  u_dgr UNCONN 0 0 * 23343 * 369
                                  u_dgr UNCONN 0 0 * 24125 * 369
                                  u_dgr UNCONN 0 0 * 24617 * 369
                                  u_dgr UNCONN 0 0 * 23352 * 23353
                                  u_dgr UNCONN 0 0 * 23334 * 369
                                  u_dgr UNCONN 0 0 * 17113 * 369
                                  u_dgr UNCONN 0 0 * 16957 * 369
                                  u_dgr UNCONN 0 0 * 14793 * 362
                                  u_dgr UNCONN 0 0 * 23345 * 362
                                  u_dgr UNCONN 0 0 * 24070 * 369
                                  udp UNCONN 0 0 *:sunrpc *:*
                                  udp UNCONN 0 0 *:981 *:*
                                  udp UNCONN 0 0 :::sunrpc :::*
                                  udp UNCONN 0 0 :::981 :::*
                                  tcp LISTEN 0 128 127.0.0.1:85 *:*
                                  tcp LISTEN 0 128 *:ssh *:*
                                  tcp LISTEN 0 128 *:3128 *:*
                                  tcp LISTEN 0 100 127.0.0.1:smtp *:*
                                  tcp LISTEN 0 128 *:8006 *:*
                                  tcp LISTEN 0 128 *:sunrpc *:*
                                  tcp LISTEN 0 128 :::ssh :::*
                                  tcp LISTEN 0 100 ::1:smtp :::*
                                  tcp LISTEN 0 128 :::sunrpc :::*





                                  share|improve this answer
























                                  • I did not know about this, thanks zee

                                    – nick fox
                                    Feb 8 '18 at 10:19
















                                  2














                                  Another option is ss. It's much easier to use....



                                  The below command will only output a list of current listening sockets.



                                  root@server:~# ss -l

                                  Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port


                                  u_dgr UNCONN 0 0 * 23353 * 23352
                                  u_dgr UNCONN 0 0 * 568 * 362
                                  u_dgr UNCONN 0 0 * 14836 * 14837
                                  u_dgr UNCONN 0 0 * 20446 * 369
                                  u_dgr UNCONN 0 0 * 22877 * 369
                                  u_dgr UNCONN 0 0 * 504 * 347
                                  u_dgr UNCONN 0 0 * 16298 * 369
                                  u_dgr UNCONN 0 0 * 23343 * 369
                                  u_dgr UNCONN 0 0 * 24125 * 369
                                  u_dgr UNCONN 0 0 * 24617 * 369
                                  u_dgr UNCONN 0 0 * 23352 * 23353
                                  u_dgr UNCONN 0 0 * 23334 * 369
                                  u_dgr UNCONN 0 0 * 17113 * 369
                                  u_dgr UNCONN 0 0 * 16957 * 369
                                  u_dgr UNCONN 0 0 * 14793 * 362
                                  u_dgr UNCONN 0 0 * 23345 * 362
                                  u_dgr UNCONN 0 0 * 24070 * 369
                                  udp UNCONN 0 0 *:sunrpc *:*
                                  udp UNCONN 0 0 *:981 *:*
                                  udp UNCONN 0 0 :::sunrpc :::*
                                  udp UNCONN 0 0 :::981 :::*
                                  tcp LISTEN 0 128 127.0.0.1:85 *:*
                                  tcp LISTEN 0 128 *:ssh *:*
                                  tcp LISTEN 0 128 *:3128 *:*
                                  tcp LISTEN 0 100 127.0.0.1:smtp *:*
                                  tcp LISTEN 0 128 *:8006 *:*
                                  tcp LISTEN 0 128 *:sunrpc *:*
                                  tcp LISTEN 0 128 :::ssh :::*
                                  tcp LISTEN 0 100 ::1:smtp :::*
                                  tcp LISTEN 0 128 :::sunrpc :::*





                                  share|improve this answer
























                                  • I did not know about this, thanks zee

                                    – nick fox
                                    Feb 8 '18 at 10:19














                                  2












                                  2








                                  2







                                  Another option is ss. It's much easier to use....



                                  The below command will only output a list of current listening sockets.



                                  root@server:~# ss -l

                                  Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port


                                  u_dgr UNCONN 0 0 * 23353 * 23352
                                  u_dgr UNCONN 0 0 * 568 * 362
                                  u_dgr UNCONN 0 0 * 14836 * 14837
                                  u_dgr UNCONN 0 0 * 20446 * 369
                                  u_dgr UNCONN 0 0 * 22877 * 369
                                  u_dgr UNCONN 0 0 * 504 * 347
                                  u_dgr UNCONN 0 0 * 16298 * 369
                                  u_dgr UNCONN 0 0 * 23343 * 369
                                  u_dgr UNCONN 0 0 * 24125 * 369
                                  u_dgr UNCONN 0 0 * 24617 * 369
                                  u_dgr UNCONN 0 0 * 23352 * 23353
                                  u_dgr UNCONN 0 0 * 23334 * 369
                                  u_dgr UNCONN 0 0 * 17113 * 369
                                  u_dgr UNCONN 0 0 * 16957 * 369
                                  u_dgr UNCONN 0 0 * 14793 * 362
                                  u_dgr UNCONN 0 0 * 23345 * 362
                                  u_dgr UNCONN 0 0 * 24070 * 369
                                  udp UNCONN 0 0 *:sunrpc *:*
                                  udp UNCONN 0 0 *:981 *:*
                                  udp UNCONN 0 0 :::sunrpc :::*
                                  udp UNCONN 0 0 :::981 :::*
                                  tcp LISTEN 0 128 127.0.0.1:85 *:*
                                  tcp LISTEN 0 128 *:ssh *:*
                                  tcp LISTEN 0 128 *:3128 *:*
                                  tcp LISTEN 0 100 127.0.0.1:smtp *:*
                                  tcp LISTEN 0 128 *:8006 *:*
                                  tcp LISTEN 0 128 *:sunrpc *:*
                                  tcp LISTEN 0 128 :::ssh :::*
                                  tcp LISTEN 0 100 ::1:smtp :::*
                                  tcp LISTEN 0 128 :::sunrpc :::*





                                  share|improve this answer













                                  Another option is ss. It's much easier to use....



                                  The below command will only output a list of current listening sockets.



                                  root@server:~# ss -l

                                  Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port


                                  u_dgr UNCONN 0 0 * 23353 * 23352
                                  u_dgr UNCONN 0 0 * 568 * 362
                                  u_dgr UNCONN 0 0 * 14836 * 14837
                                  u_dgr UNCONN 0 0 * 20446 * 369
                                  u_dgr UNCONN 0 0 * 22877 * 369
                                  u_dgr UNCONN 0 0 * 504 * 347
                                  u_dgr UNCONN 0 0 * 16298 * 369
                                  u_dgr UNCONN 0 0 * 23343 * 369
                                  u_dgr UNCONN 0 0 * 24125 * 369
                                  u_dgr UNCONN 0 0 * 24617 * 369
                                  u_dgr UNCONN 0 0 * 23352 * 23353
                                  u_dgr UNCONN 0 0 * 23334 * 369
                                  u_dgr UNCONN 0 0 * 17113 * 369
                                  u_dgr UNCONN 0 0 * 16957 * 369
                                  u_dgr UNCONN 0 0 * 14793 * 362
                                  u_dgr UNCONN 0 0 * 23345 * 362
                                  u_dgr UNCONN 0 0 * 24070 * 369
                                  udp UNCONN 0 0 *:sunrpc *:*
                                  udp UNCONN 0 0 *:981 *:*
                                  udp UNCONN 0 0 :::sunrpc :::*
                                  udp UNCONN 0 0 :::981 :::*
                                  tcp LISTEN 0 128 127.0.0.1:85 *:*
                                  tcp LISTEN 0 128 *:ssh *:*
                                  tcp LISTEN 0 128 *:3128 *:*
                                  tcp LISTEN 0 100 127.0.0.1:smtp *:*
                                  tcp LISTEN 0 128 *:8006 *:*
                                  tcp LISTEN 0 128 *:sunrpc *:*
                                  tcp LISTEN 0 128 :::ssh :::*
                                  tcp LISTEN 0 100 ::1:smtp :::*
                                  tcp LISTEN 0 128 :::sunrpc :::*






                                  share|improve this answer












                                  share|improve this answer



                                  share|improve this answer










                                  answered Feb 5 '18 at 3:37









                                  zeezee

                                  1212




                                  1212













                                  • I did not know about this, thanks zee

                                    – nick fox
                                    Feb 8 '18 at 10:19



















                                  • I did not know about this, thanks zee

                                    – nick fox
                                    Feb 8 '18 at 10:19

















                                  I did not know about this, thanks zee

                                  – nick fox
                                  Feb 8 '18 at 10:19





                                  I did not know about this, thanks zee

                                  – nick fox
                                  Feb 8 '18 at 10:19











                                  1














                                  Or this might help by using watch, then play around with what you want to see.



                                  sudo watch -d -n0 "netstat -atnp | grep ESTA"

                                  sudo watch -d -n0 "netstat -tulnp | grep ESTA"





                                  share|improve this answer





















                                  • 1





                                    -a conflicts with -l, -a grabs all whether ESTABLISHED or LISTENING, and -l just grabs LISTENING, so in reality it is '-ltnp' tcp, '-lunp' udp or '-ltunp' tcp+udp

                                    – ModerateJavaScriptDev
                                    Jul 2 '17 at 23:31


















                                  1














                                  Or this might help by using watch, then play around with what you want to see.



                                  sudo watch -d -n0 "netstat -atnp | grep ESTA"

                                  sudo watch -d -n0 "netstat -tulnp | grep ESTA"





                                  share|improve this answer





















                                  • 1





                                    -a conflicts with -l, -a grabs all whether ESTABLISHED or LISTENING, and -l just grabs LISTENING, so in reality it is '-ltnp' tcp, '-lunp' udp or '-ltunp' tcp+udp

                                    – ModerateJavaScriptDev
                                    Jul 2 '17 at 23:31
















                                  1












                                  1








                                  1







                                  Or this might help by using watch, then play around with what you want to see.



                                  sudo watch -d -n0 "netstat -atnp | grep ESTA"

                                  sudo watch -d -n0 "netstat -tulnp | grep ESTA"





                                  share|improve this answer















                                  Or this might help by using watch, then play around with what you want to see.



                                  sudo watch -d -n0 "netstat -atnp | grep ESTA"

                                  sudo watch -d -n0 "netstat -tulnp | grep ESTA"






                                  share|improve this answer














                                  share|improve this answer



                                  share|improve this answer








                                  edited Jul 23 '17 at 21:54

























                                  answered Jan 4 '17 at 11:57









                                  Ian CroasdellIan Croasdell

                                  192




                                  192








                                  • 1





                                    -a conflicts with -l, -a grabs all whether ESTABLISHED or LISTENING, and -l just grabs LISTENING, so in reality it is '-ltnp' tcp, '-lunp' udp or '-ltunp' tcp+udp

                                    – ModerateJavaScriptDev
                                    Jul 2 '17 at 23:31
















                                  • 1





                                    -a conflicts with -l, -a grabs all whether ESTABLISHED or LISTENING, and -l just grabs LISTENING, so in reality it is '-ltnp' tcp, '-lunp' udp or '-ltunp' tcp+udp

                                    – ModerateJavaScriptDev
                                    Jul 2 '17 at 23:31










                                  1




                                  1





                                  -a conflicts with -l, -a grabs all whether ESTABLISHED or LISTENING, and -l just grabs LISTENING, so in reality it is '-ltnp' tcp, '-lunp' udp or '-ltunp' tcp+udp

                                  – ModerateJavaScriptDev
                                  Jul 2 '17 at 23:31







                                  -a conflicts with -l, -a grabs all whether ESTABLISHED or LISTENING, and -l just grabs LISTENING, so in reality it is '-ltnp' tcp, '-lunp' udp or '-ltunp' tcp+udp

                                  – ModerateJavaScriptDev
                                  Jul 2 '17 at 23:31













                                  1














                                  Actually there is a better way to see what ports you have open. The issue with netstat or lsof is that they query network stack and actually do not connect to the machine but instead trying to see what is running on the system. The better approach is to use nmap like so:



                                  nmap -sT -O localhost


                                  To see open ports.






                                  share|improve this answer




























                                    1














                                    Actually there is a better way to see what ports you have open. The issue with netstat or lsof is that they query network stack and actually do not connect to the machine but instead trying to see what is running on the system. The better approach is to use nmap like so:



                                    nmap -sT -O localhost


                                    To see open ports.






                                    share|improve this answer


























                                      1












                                      1








                                      1







                                      Actually there is a better way to see what ports you have open. The issue with netstat or lsof is that they query network stack and actually do not connect to the machine but instead trying to see what is running on the system. The better approach is to use nmap like so:



                                      nmap -sT -O localhost


                                      To see open ports.






                                      share|improve this answer













                                      Actually there is a better way to see what ports you have open. The issue with netstat or lsof is that they query network stack and actually do not connect to the machine but instead trying to see what is running on the system. The better approach is to use nmap like so:



                                      nmap -sT -O localhost


                                      To see open ports.







                                      share|improve this answer












                                      share|improve this answer



                                      share|improve this answer










                                      answered Feb 27 '18 at 0:45









                                      DeveloperDeveloper

                                      1133




                                      1133






























                                          draft saved

                                          draft discarded




















































                                          Thanks for contributing an answer to Ask Ubuntu!


                                          • Please be sure to answer the question. Provide details and share your research!

                                          But avoid



                                          • Asking for help, clarification, or responding to other answers.

                                          • Making statements based on opinion; back them up with references or personal experience.


                                          To learn more, see our tips on writing great answers.




                                          draft saved


                                          draft discarded














                                          StackExchange.ready(
                                          function () {
                                          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f538208%2fhow-to-check-opened-closed-ports-on-my-computer%23new-answer', 'question_page');
                                          }
                                          );

                                          Post as a guest















                                          Required, but never shown





















































                                          Required, but never shown














                                          Required, but never shown












                                          Required, but never shown







                                          Required, but never shown

































                                          Required, but never shown














                                          Required, but never shown












                                          Required, but never shown







                                          Required, but never shown







                                          Popular posts from this blog

                                          How to make a Squid Proxy server?

                                          Is this a new Fibonacci Identity?

                                          19世紀