What ports are in use

Written by Robert -

I'm running an application and I need to make sure that application isn't using an already used port on my system.

For this reason, there are several tools available that you can use, for example: lsof and nmap spring to mind.

lsof is an old Unix-like tool that lists open files (hey, it's not called "LiSt Open Files" for nothing right?) Doing a command like lsof -i -P -n but adding | grep LISTEN will show you the ports it's listening on. On my box it's displaying the following:

root@server:~# lsof -i -P -n | grep LISTEN
mysqld     1086    mysql   18u  IPv4    12899      0t0  TCP 127.0.0.1:3306 (LISTEN)
sendmail-  1091     root    4u  IPv4    12532      0t0  TCP 127.0.0.1:25 (LISTEN)
sendmail-  1091     root    5u  IPv4    12533      0t0  TCP 127.0.0.1:587 (LISTEN)
sshd       1169     root    3u  IPv4    13367      0t0  TCP *:21 (LISTEN)
sshd       1169     root    4u  IPv6    13369      0t0  TCP *:21 (LISTEN)
apache2    1774 www-data    4u  IPv6   382274      0t0  TCP *:80 (LISTEN)
apache2    1774 www-data    6u  IPv6   382278      0t0  TCP *:443 (LISTEN)
apache2    7567 www-data    4u  IPv6   382274      0t0  TCP *:80 (LISTEN)
apache2    7567 www-data    6u  IPv6   382278      0t0  TCP *:443 (LISTEN)
apache2    7606 www-data    4u  IPv6   382274      0t0  TCP *:80 (LISTEN)
apache2    7606 www-data    6u  IPv6   382278      0t0  TCP *:443 (LISTEN)
apache2   24538     root    4u  IPv6   382274      0t0  TCP *:80 (LISTEN)
apache2   24538     root    6u  IPv6   382278      0t0  TCP *:443 (LISTEN)
apache2   29647 www-data    4u  IPv6   382274      0t0  TCP *:80 (LISTEN)
apache2   29647 www-data    6u  IPv6   382278      0t0  TCP *:443 (LISTEN)
apache2   29648 www-data    4u  IPv6   382274      0t0  TCP *:80 (LISTEN)
apache2   29648 www-data    6u  IPv6   382278      0t0  TCP *:443 (LISTEN)
apache2   30161 www-data    4u  IPv6   382274      0t0  TCP *:80 (LISTEN)
apache2   30161 www-data    6u  IPv6   382278      0t0  TCP *:443 (LISTEN)
apache2   30163 www-data    4u  IPv6   382274      0t0  TCP *:80 (LISTEN)
apache2   30163 www-data    6u  IPv6   382278      0t0  TCP *:443 (LISTEN)
apache2   30164 www-data    4u  IPv6   382274      0t0  TCP *:80 (LISTEN)
apache2   30164 www-data    6u  IPv6   382278      0t0  TCP *:443 (LISTEN)
apache2   30165 www-data    4u  IPv6   382274      0t0  TCP *:80 (LISTEN)
apache2   30165 www-data    6u  IPv6   382278      0t0  TCP *:443 (LISTEN)
apache2   30405 www-data    4u  IPv6   382274      0t0  TCP *:80 (LISTEN)
apache2   30405 www-data    6u  IPv6   382278      0t0  TCP *:443 (LISTEN)


Ok so I know my machine is listening on port 80 and 443.
Now, this generates a nice list, but doesn't show me what it sees from the outside. To do that, we use the wonderful application called nmap. Keep in mind this only works properly when done remotely. Just because of that, I will show you the internal and external output of nmap:
Internal on the server itself:

root@server:~# nmap localhost

Starting Nmap 6.47 ( http://nmap.org ) at 2017-01-02 20:01 UTC
Nmap scan report for localhost (127.0.0.1)
Host is up (0.0000030s latency).
Other addresses for localhost (not scanned): 127.0.0.1
Not shown: 994 closed ports
PORT     STATE SERVICE
21/tcp   open  ftp
25/tcp   open  smtp
80/tcp   open  http
443/tcp  open  https
587/tcp  open  submission
3306/tcp open  mysql

Nmap done: 1 IP address (1 host up) scanned in 1.56 seconds
You have new mail in /var/mail/root


External from my own machine:

[robert@arch ~]$ nmap 404.404.404.404

Starting Nmap 7.31 ( https://nmap.org ) at 2017-01-02 21:01 CET
Nmap scan report for 404.404.404.404
Host is up (0.12s latency).
Not shown: 997 filtered ports
PORT    STATE SERVICE
21/tcp  open  ftp
80/tcp  open  http
443/tcp open  https

Nmap done: 1 IP address (1 host up) scanned in 9.54 seconds

Comments