How to check open ports in Linux with ss
Move over netstat, you have been replaced by ss. Previously for checking which ports are open on Linux I would reach for netstat. This has been deprecated and replace by ss. Just hitting ss will give a rather large output, so I typically use the easy to remember options -pant for a quick streamlined view of the stuff I am usually interested in
admin@studio:/tmp$ ss -pant
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 127.0.0.1:631 0.0.0.0:*
LISTEN 0 4096 0.0.0.0:111 0.0.0.0:*
LISTEN 0 16 0.0.0.0:8200 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 4096 0.0.0.0:34593 0.0.0.0:*
LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
LISTEN 0 64 0.0.0.0:34149 0.0.0.0:*
ESTAB 0 0 192.168.11.50:968 192.168.11.12:2049
ESTAB 0 52 192.168.11.50:22 192.168.11.111:51655
TIME-WAIT 0 0 192.168.11.50:8200 192.168.11.143:57235
LISTEN 0 64 [::]:32975 [::]:*
LISTEN 0 4096 [::]:57591 [::]:*
LISTEN 0 4096 [::]:111 [::]:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 50 *:1716 *:*
LISTEN 0 128 [::1]:631 [::]:*
admin@studio:/tmp$
options explained
-a, --all. Display both listening and non-listening
-n, --numeric. Do not try to resolve service names
-p, --processes. Show process using the socket
-t, TCP
-4, IPv4 only
also could filter out the IPv6 using -4
admin@studio:/tmp$ ss -4pant
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 64 0.0.0.0:37153 0.0.0.0:*
LISTEN 0 128 127.0.0.1:631 0.0.0.0:*
LISTEN 0 4096 0.0.0.0:111 0.0.0.0:*
LISTEN 0 16 0.0.0.0:8200 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 4096 0.0.0.0:34593 0.0.0.0:*
LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
ESTAB 0 0 192.168.11.50:756 192.168.11.12:2049
ESTAB 0 52 192.168.11.50:22 192.168.11.111:51655
admin@studio:/home/alan$
other useful option is -u for UDP ports. For more detail of course check the man pages. ss(8) – Linux manual page (man7.org)