Knowing how to check listening ports on Ubuntu 20.04 is super useful for anyone managing servers or just trying to understand what's happening on their system. Whether you're troubleshooting network issues, hardening security, or simply curious about the services running, this guide will walk you through the most common and effective methods to get the job done. So, let's dive in and explore how you can easily list those listening ports using various command-line tools.

    Why Check Listening Ports?

    Before we get into the how, let's quickly cover the why. Listening ports are like the open doors of your server, waiting for incoming connections. Each service or application that needs to communicate over the network opens a specific port to listen for requests. Understanding which ports are open and which processes are listening on them is crucial for several reasons:

    • Security: Identifying unexpected or unauthorized listening ports can help you detect potential security vulnerabilities or even malicious software.
    • Troubleshooting: If a service isn't working correctly, checking its listening port can help you determine if it's actually running and accepting connections.
    • Resource Management: Knowing which services are using which ports helps you avoid conflicts and manage your system's resources more efficiently.

    Think of it like this: Imagine a busy city with many buildings (your server). Each building has doors (ports) that allow people (network traffic) to enter. As a responsible city manager (system administrator), you need to know which doors are open, who's using them, and whether anyone suspicious is lurking around. This knowledge allows you to maintain order, ensure security, and keep the city running smoothly.

    Now that we understand the importance, let's explore the tools and techniques to check those listening ports on Ubuntu 20.04.

    Using netstat

    The netstat command is a classic tool for displaying network connections, routing tables, interface statistics, masquerade connections, and multicast memberships. While it's technically deprecated in favor of ss, it's still widely used and available on most systems, including Ubuntu 20.04. If it's not already installed, you can install it using the following command:

    sudo apt update
sudo apt install net-tools

    Once installed, you can use netstat with various options to filter and display the information you need. Here are a few common examples:

    • Show all listening ports:

    sudo netstat -tulnp ```

    Let's break down this command:

*   `-t`: Show TCP ports.
*   `-u`: Show UDP ports.
*   `-l`: Show only listening sockets.
*   `-n`: Show numerical addresses instead of trying to determine symbolic host names.
*   `-p`: Show the PID (Process ID) and name of the program to which each socket belongs.

The output will display a list of listening ports, along with the protocol, local address, foreign address, state, PID, and program name. This is often the most useful command to get a comprehensive overview of all listening ports on your system.

    • Show only TCP listening ports:

    sudo netstat -tlpn ```

    This command is similar to the previous one, but it only shows TCP ports.

    • Show only UDP listening ports:

    sudo netstat -ulpn ```

    This command, you guessed it, only shows UDP ports.

    • Filter by port number:

      You can use grep to filter the output of netstat by a specific port number. For example, to find out which process is listening on port 80 (the standard HTTP port), you can use:

    sudo netstat -tulnp | grep :80 ```

    This will show you any lines in the `netstat` output that contain `:80`, indicating that a process is listening on that port.

    netstat is a powerful tool, but its output can be a bit overwhelming. That's where ss comes in, offering a more modern and streamlined approach.

    Using ss

    The ss command, short for "socket statistics," is part of the iproute2 package and is designed as a replacement for netstat. It's generally faster and provides more detailed information. Most modern Linux distributions, including Ubuntu 20.04, come with ss pre-installed. If, for some reason, it's not on your system, you can install it using:

    sudo apt update
sudo apt install iproute2

    Here are some common examples of how to use ss to check listening ports:

    • Show all listening ports:

    sudo ss -tulnp ```

    This command is very similar to the `netstat -tulnp` command. Let's break it down:

*   `-t`: Show TCP sockets.
*   `-u`: Show UDP sockets.
*   `-l`: Show only listening sockets.
*   `-n`: Show numerical addresses.
*   `-p`: Show the process using the socket.

The output will display a list of listening ports, along with the protocol, local address, foreign address, state, and process information. Notice how the options are similar to `netstat`, making it easy to transition between the two tools.

    • Show only TCP listening ports:

    sudo ss -tlpn ```

    This command shows only TCP listening ports.

    sudo ss -ulpn ```

    This command shows only UDP listening ports.

    • Filter by port number:

      Similar to netstat, you can use grep to filter the output of ss by a specific port number:

    sudo ss -tulnp | grep :80 ```

    This will show you any lines in the `ss` output that contain `:80`.

    • Filter by process name:

      ss allows you to filter by process name directly, which can be very useful. For example, to find out which ports are being listened on by the nginx web server, you can use:

    sudo ss -tulnp | grep nginx ```

    This will show you all listening ports associated with the `nginx` process.

    ss is generally preferred over netstat due to its speed and efficiency. It's also actively maintained, making it a more reliable choice for modern systems. However, both tools provide valuable information and are worth knowing.

    Using lsof

    The lsof command, short for "list open files," is a powerful tool for identifying which processes have opened specific files. In Linux, everything is treated as a file, including network sockets. Therefore, lsof can be used to identify which processes are listening on specific ports. If it's not already installed, you can install it using:

    sudo apt update
sudo apt install lsof

    Here's how you can use lsof to check listening ports:

    • Show all listening ports:

    sudo lsof -i -P -n | grep LISTEN ```

    Let's break down this command:

*   `-i`: Selects the listing of files any of whose Internet address matches the address specified.
*   `-P`: Inhibits the conversion of port numbers to port names.
*   `-n`: Inhibits the conversion of network numbers to host names.
*   `grep LISTEN`: Filters the output to show only lines containing the word "LISTEN", indicating listening sockets.

The output will display a list of listening ports, along with the process ID, user, and command name. While `lsof` provides a lot of information, it can be a bit verbose and harder to parse than `netstat` or `ss`.

    • Filter by port number:

      You can use lsof to find out which process is listening on a specific port. For example, to find out which process is listening on port 22 (the standard SSH port), you can use:

    sudo lsof -i :22 ```

    This will show you the process information for any process listening on port 22.

    • Filter by protocol:

      You can also filter by protocol. For example, to find out which processes are listening on TCP ports, you can use:

    sudo lsof -i TCP -P -n | grep LISTEN ```

    This will show you all TCP listening ports.

    lsof is a versatile tool that can be used for many purposes beyond just checking listening ports. Its ability to show which processes have opened specific files makes it a valuable asset for troubleshooting and system administration.

    A Quick Comparison

    So, which tool should you use? Here's a quick comparison to help you decide:

    • netstat: A classic tool that's widely available, but technically deprecated. It's easy to use and provides a good overview of listening ports.
    • ss: A modern replacement for netstat that's faster and more efficient. It's actively maintained and provides more detailed information.
    • lsof: A versatile tool that can be used for many purposes, including checking listening ports. It provides a lot of information but can be a bit verbose.

    In general, ss is the recommended tool for most users due to its speed, efficiency, and active maintenance. However, netstat and lsof are still valuable tools to know, especially if you're working on older systems or need the specific features they offer.

    Conclusion

    Checking listening ports on Ubuntu 20.04 is an essential skill for anyone managing servers or troubleshooting network issues. By using tools like netstat, ss, and lsof, you can easily identify which processes are listening on which ports and gain valuable insights into your system's network activity. Remember to use these tools responsibly and always be mindful of security best practices. Now, go forth and explore those listening ports!

Lastest News