How To Check Open Ports in Linux
As a system administrator, you should know how to check open ports on a Linux Server. There are a couple of commands we can use for this. One is
ss, another one is
Run the following command to list open ports on your local Linux system:
ss -tuln | grep -i listen
The output of the preceding command is as shown in the screenshot:
Just because the
ss command reports the port is listening doesn't mean it's accessible outside the system. For example, the MySQL port (3306) only listens on localhost (127.0.0.1). It is not open to the outside.
Also, remember that a port will not be accessible to remote hosts if a firewall is blocking the port.
Using Nmap Command To Check Open Ports
To check if a port is open to a remote computer, use the
For example, the following command lists open ports on the host
If you are on Ubuntu/Debian Linux, you can install nmap with
sudo apt update && sudo apt install nmap. For CentOS/Fedora, the command is:
dnf install nmap.
ss command shows that a port is open and
nmap does not, this may indicate that the port is not listening on remote connections or that the firewall is blocking the port.
If you are on Ubuntu Linux, you can run the following command to check which ports are allowed through the Ubuntu Firewall:
sudo ufw status
Another command is
telnet which you can use to test a specific port on a remote computer. In the following example, the
telnet command will try to establish a connection with the remote host through port 22.
telnet 192.168.1.10 22
If the port is not open, then the telnet command will timeout and fail.