How to Check Ports in Use in Linux (Listening Ports)

Last updated: July 14, 2022

A listening port is a network port on which an application or process waiting for a connection or has established a connection. This helps the kernel to act when receiving packets with this specific port number.

The listening port could be closed, listening, or in established states. Once service is started and listening to a port no other applications or services can use that port.

In this guide, we learn how to check ports in use in Linux (Listening Ports). You can do this using ss, netstat, and lsof.

For these tools to list process-related information use sudo or root account, for non root account the output may vary.

1. Using ss Command

ss is a tool used to investigate sockets in Linux and Unix systems. ss is the new command to replace netstat. It provides similar information to netstat but not all.

To list all listening ports using ss, type:

sudo ss -tunlp | grep LISTEN
or
sudo ss -tulw
  • -t : Display only TCP ports.
  • -u : Display only UDP ports.
  • -n : Display numerical address.
  • -l : Display only listening ports.
  • -p : Display the process name (PID) that opened the port.
  • -w : Display RAW sockets.
Listing Listening ports using ss command
Listing Listening ports using ss command

2. Using Netstat Command

Nestat command is a tool used for checking active network connections, interface statistics as well as the routing table. It's available in all Linux distributions.

To list all listening ports using netstat command, type:

sudo netstat -pnltu | grep LISTEN
  • -p : Gives the process ID and the process name.
  • -n : Displays numerical addresses.
  • -l : Displays listening sockets.
  • -t : Shows TCP connections.
  • -u : Shows UDP connections.
List Listening Ports using netstat
List Listening Ports using netstat

You may use grep to filter the output using a pattern to find a specific service or port.

netstat -pnltu | grep -i "80"
netstat -pnltu | grep -i "httpd"

3. Using lsof Command

The lsof command stands for list open files, is used to list all open files and directories. This command helps you find out which files are opened by various processes, the user’s process list, and the list of processes listening on a particular port.

To check all listening ports with lsof, type:

sudo lsof -i -P -n | grep LISTEN

Where,

  • -i : list network files. For specific could add -iTCP -sTCP:LISTEN.
  • -P : inhibits the conversion of port numbers to port names for network files.
  • -n : inhibits the conversion of network numbers to host names for network files.
List listening ports using lsof
List listening ports using lsof

To check a specific port using lsof:

sudo lsof -i:80

Conclusion

In this guide, we learned how to list listening ports in Linux using ss, nestat, and lsof.

Thanks for reading, please add your feedback and suggestions in the comment section below.

About The Author

James Kiarie

James Kiarie

James is a certified LPIC Linux administrator and passionate Linux technical writer. He has over 4 years of penning down technical guides in Linux administration with ample experience in a range of distributions such as Ubuntu, CentOS, RHEL, Fedora, Rocky, and AlmaLinux to mention a few. In addition, he has also spread his wings wider to cloud computing and DevOps tools such as Terraform, Docker, and Kubernetes. During his free time, I love swimming, listening to music, reading books, and taking evening runs after a busy day.

SHARE

Comments

Please add comments below to provide the author your ideas, appreciation and feedback.

Leave a Reply

Leave a Comment