Category: Networking

How To: Scan A Remote Host For Open Ports

In today’s article, we’re going to learn another way to scan a remote host for open ports. It’s actually going to be an easy article to follow, suitable even for beginners. Read on, I promise it’s not all that complicated! We can make this pretty simple.

There are a couple of reasons why you’d want to scan for open ports. You may want to know what ports you have open, or you may be interested in penetrating a remote host and want to know what ports are open (and things like what services are running on them).

This may seem  a little familiar. We recently used the ‘nc’ command to check if a specific port is open. You can (and should) read that article (it goes into describing ports, so it’s worth reading as I don’t want to duplicate the work) here:

How To: Check If A Specific Port Is Open

Again, if you’re not all that familiar with ports, you should read that article. It explains them in more detail.

The tool we’re going to use is ‘nmap‘, a familiar tool that’s used by security professionals, but can be used for our purposes just fine. It’s not all that daunting, which is why I feel even a beginner can learn to scan a remote host for open ports.

Installing nmap:

Alas, nmap is seldom installed by default. As such, you’ll need to install it. We’ll do that in the terminal. If you need to open a terminal, just press CTRL + ALT + T and your default terminal should open.

So, let’s get nmap installed:

Fedora/Derivatives:
Debian/Ubuntu:
RHEL/CentOS:

I know those should work, but nmap will certainly be in most default repositories. You should be able to install it with your package manager. Once you have nmap installed, you can check the man page to see how nmap describes itself:

There, you’ll see:

nmap – Network exploration tool and security / port scanner

Which, as you can guess, is a pretty good description. You’ll also notice that there are a whole lot of options. It’s a pretty complicated command. Don’t worry, we’ll make it easy for our goal, which is too…

Scan A Remote Host For Open Ports:

You should have an open terminal from the previous section. You’ll need that. While there are graphical tools for scanning for open ports, nmap is not one of them. You use nmap in the terminal, like so many of the great Linux applications.

So, then let’s start with the basics. If you want to scan a remote host for open ports, your best starting point will be:

For example, you could use Linux-Tips.us as a test:

Or you can use a computer on the same network via the hostname or IP address. That’d look like:

However, that command won’t actually scan all the possible ports. It only scans the 1000 most common ports, which is usually what you’re after. You can scan the entire range of ports if you want. That’d look like:

If you want, you can actually scan for a specific port to see if that port is open on the remote host. That’s a bit more complicated, but not much. Try a command that looks like this:

To try to make that more clear, see the following example to check to see if the default SSH port is open:

I’ve even made you an example image of the above commands:

a number of nmap commands being used to scan a remote host for open ports
As you can see, it’s pretty easy to use nmap to scan a remote host for open ports.

See? While nmap may seem daunting when you first check the man page, it’s pretty easy to use nmap to scan a remote host for open ports. It’s even easy enough for a newbie to use!

Closure:

Well, that’s another article. I have yet to run out of notes and I have yet to run out of ideas for articles. So, there are likely to be even more articles written. Eventually, I’m sure to run out – or need a break. But, for now, you have an article that tells you how to scan a remote host for open ports. It’s even easy enough for a beginner.

The nmap application is one of the first tools you’ll learn when you decide to learn about network security. If you want to probe a site for security holes, it’s important to know which doors are open and available for you to explore. Well, that’s where tools like nmap come into play and this article will get you started.

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your own site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

How To: Check If A Specific Port Is Open

In today’s article, we’re going to learn how to check if a specific port is open. The command is simple, but versatile. It’s also pretty quick to check and see if a port is open. Read on, as I try to make it easy!

From a security standpoint, it’s a good idea to identify what ports are open, and what function those open ports have. From a usability standpoint, it’s good to know which ports are open so that you can connect to the device.

I suppose, as a general rule, you could probably assign ports to do all sorts of things. However, it’s actually standardized (in many cases) and specific ports will be open for specific things. 

You may have found yourself using different ports. If you owned a website, then the address to your control panel might be something like https://example.com:9000 or similar. Your server will have open ports for other things, like port 80 for HTTP or port 22 for SSH.

If you are curious, you can click this link to learn more about standard ports. If you’re new to the concept, then that link might actually help explain things better than I can. We do rely on standardized port numbers quite a bit.

When you’re browsing the regular web, you’re not necessarily aware but you’re using the site’s port 80 to get the public-facing web data. While you could host your site on a different port, it’d take some configuration changes on the back end. I suppose you could just do some work with htaccess if that was your goal, but it’s a pretty pointless goal.

Check If A Specific Port Is Open:

You should think of open ports as public information! They’re not secrets. It’s easy to find open ports, so you’ll need to secure them properly. It’s a good idea to know what traffic is happening on what port, as ports are open for a reason.

For example, there’s no security lost if I point out this site’s running on a server with port 80 open. Of course it’s open. That’s how you browse it. There are ways to hide your open ports, but that’s beyond the scope of this article. This article is just going to show you how to check if a specific port is open.

Like much of the time, you will need to have an open terminal. Of course, if you want to open your default terminal emulator, just press CTRL + ALT + T and your default terminal should open.

With your terminal open, you can just use ‘localhost‘ to test your own computer. For example, you might have an open port 80 or port 22 for SSH. So, to check those, your commands would look like:

You can also check remote servers. You can even check those on your network by using their IP address or their hostname. You’re familiar with my usage of ‘kgiii-msi.local‘, so we’ll use that.

That also works with this site and other sites on the internet. Just use the fully qualified domain name (FQDN) instead of an IP address. As an example, try the following command:

See? You have now confirmed that this site has port 80 open. Congratulations, you’re a 1337 h4X0R! But, now you can check if a specific port is open, a valuable skill to have. 

By the way, if the command appears to stop and not give you a result, press CTRL + C to halt the process. If the port isn’t open, and the server doesn’t respond to tell you that it’s closed, the command will keep running indefinitely. So, it’s good to know how to stop it.

Closure:

Again, this article has shown you how to check if a specific port is open. An open port doesn’t mean anything bad, necessarily. The command you’re using in this article will also try to tell you what traffic is expected on the open port. It looks a little something like this:

linux-tips.us has an open port 80 - just like every other site on the planet...
Oh no! Linux-Tips.us has an open port! (It’s fine. It’s how you’re seeing the site!)

Of course, that’s just http traffic, so try running the following command to see where you’re getting the https (secure) content:

That’ll show you that not only is the port open, but that that port (443) is used for https traffic, which is really what the site uses for you the reader. I obviously have https configured, updated, and properly implemented. I want you to have a secure connection, as secure a connection as you want.

Anyhow, this is getting to be a long postscript… This is turning into a fairly long article. We’ll see how many people read past the ‘CLOSURE:’ text! 

Think of ports like doors. Just because it’s open doesn’t mean you can go in and help yourself. Also, it’s not polite to go around knocking on random doors just to see if they’re open. Feel free to check this site, as I’m confident about the security.

Well, I hope you’ve learned how to check if a specific port is open. This seemed like a good thing to share. It’s also useful if you want to SSH into a remote computer and need to make sure the port is open as one of your debugging steps! (See?!? All the articles can be SSH articles!)

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your own site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

Using The SSH Verbose Mode

That’s right, today’s article is going to be yet another SSH related article, this time it’s about using the SSH verbose mode. It’s handy for debugging SSH connections, plus the information can help you understand more about how SSH works. This is a fine article even for those just starting out with SSH and Linux.

I know, I know… I do a lot of SSH articles. In my defense, they’re fun – and there’s just so much to SSH that many people don’t know. It’s a tool that I use all the time, so it’s only natural that I share articles on the SSH subject. I’m bound to run out of ideas for ’em eventually.

For those that don’t know, SSH stands for “Secure Shell”. It’s a way to remotely control computers within the terminal – though you can actually forward some graphics applications over SSH.

If you’re unfamiliar with SSH, you might try reading some of these articles:

Install SSH to Remotely Control Your Linux Computers
Prevent SSH Root Login
Check Your SSH Server Configuration

Alternatively, you can search for SSH articles and discover quite a few other articles on the subject of SSH. As mentioned in the preamble, and I have gotten pretty formulaic, there are quite a few SSH articles.

There are quite a few SSH articles because there’s a lot to learn. You don’t start off by running, you start by stumbling a few steps and working your way up.

So, with all that in mind, let’s have another SSH-related article…

Using The SSH Verbose Mode:

This article requires an open terminal, like many other articles on this site. If you don’t know how to open the terminal, you can do so with your keyboard – just press CTRL + ALT + T and your default terminal should open.

Of course, you need a computer you can connect to with SSH installed. If you don’t have a remote device, you can enable SSH on your local computer and then just connect to user@localhost and practice all these remote commands.

There are three different modes in SSH verbose mode. They’re indicated with a -v, a -vv, and -vvv. To use them, the command would look similar to the following commanda:

In the first mode, that is -v, you get details about the client-side activities.

In the second mode, that is -vv, you get details about both the client-side activities and the server-side activities.

With the third mode, that is -vvv, you get even more details, more verbosity, about both the client-side and server-side activities. 

For example, this is some of the text output from a -v SSH verbose mode:

ssh verbose mode displayed
And that’s just some of the information you’ll see when you use the SSH verbose mode.

You’ll get even more verbosity as you go up through the levels of SSH verbose mode. This is useful for debugging your SSH connections – but it’s also useful for those who aren’t sure what’s going on behind the scene. When using SSH’s verbose mode, you can see what’s actually going on behind the curtain. That means you can learn more about what’s going on with your SSH connections.

Closure:

So, yeah… It’s another SSH article. I wrote this one ’cause I was thinking about it. I was thinking about it because I’d recently done another SSH-related article. So, I figured I might as well cover SSH verbose mode while thinking about it. Otherwise, I’d have made a note of it in my files and maybe never bothered with the article. Besides, if you want a different article, you’re always welcome to write it yourself and I’ll (quite likely) publish it.

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your own site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

How To: Login To SSH To Run One Command

In today’s article, we’re going to learn how to login to SSH to run one command. Yes, it’s another SSH article! However, this one should be relatively short. I’ve covered SSH a great deal already. This is just one more SSH trick.

SSH stands for Secure Shell and is a way to remotely control other computers. As I said in the opening paragraph, I’ve already covered a lot of SSH articles, because SSH is a tool I use regularly and it’s a tool I really like.

SSH lets me manage computers on the other side of the country without even leaving my chair. I also use SSH to manage various computers around my house. If I need to do something on a computer in another room, I can just SSH into it and do what I needed to do. It’s great!

Well, today’s SSH article is a bit different. We’re going to login to SSH to run one command. That’s all we’re going to do. We’ll login, automatically run the command, and then automatically exit the SSH connection. This is useful if you want to run a script, update, etc…

There are some previous SSH articles that you might want to read:

Install SSH to Remotely Control Your Linux Computers
Prevent SSH Root Login
Show Failed SSH Login Attempts

Alternatively, you can click to search for SSH articles. I’ve covered quite a bit of SSH material, so you can learn quite a bit from those links – even if you’re already familiar with SSH.

Well then, let’s just jump into the article… It really shouldn’t take long.

Login To SSH To Run One Command:

Like oh so many articles, and this one involving SSH, you’re going to need to start off with a terminal. You’ll also need a device that has SSH properly setup and ready to run. You can actually set SSH up on the computer you’re using and just SSH into localhost to practice this.

And, of course, if you don’t know how to open your terminal, just press CTRL + ALT + T and your default terminal should open.

With your terminal now open, the format of the command is something like this:

For example, if I wanted to connect via SSH to run one command, and that command was to list the files in the home directory, the command would look like this:

Note: That device doesn’t face the public internet, so I don’t have SSH keys enabled on the device. So, that means I have to enter my password in the image below. With that in mind, the output of that command would look like this:

login to ssh to run one command
See? It logs into the remote device, runs one command, and exits! Pretty neat, huh?

Of course, you can make it your own and there would be one less step if you had set up SSH keys. You can also make it more complicated if you want. You could try any one of the following commands, adjusting it for your needs:

Go ahead and play around with this. If you want to login to SSH to run one command, that’s how you do it. You can make the command as simple or as complicated as you want. So long as you string it together properly, the sky’s the limit!

Like I said above, you can just install SSH on your single device and practice what you read in these SSH articles. It’s not particularly taxing. There are plenty of articles to help you along the way.

Closure:

See? It’s really not all that hard to login to SSH to run one command and then exit automatically after that command has been run. It’s another handy SSH trick that you can add to your SSH toolbox. Also, the article is longer than I anticipated. Ah well…

What comes next? I have no idea. I try to not write too many consecutive articles on the same subject. Mixing them up seems the best way to go about it, as the site’s meant to be searched and not read like a blog. I do have a bunch of SSH content, but I’ve also covered a whole lot of it already.

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your own site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

Add A Message Of the Day (MOTD) To SSH

In today’s article, we’re going to learn how to add a message of the day (MOTD)  to SSH. It won’t be a very long article, ’cause I can refer to some earlier articles. But, I’m sure someone will find it handy.

So, yeah… There have been a lot of SSH articles. I love SSH and it has a ton of features, so they get written about. Here’s a link to a list of previous SSH articles. If you have any SSH questions, you’re free to read those articles. They answer all sorts of SSH questions.

SSH stands for ‘secure shell’ and is a way to remotely manage computers. It’s a handy tool, one I think most users should learn. You can sometimes SSH into a broken computer and repair it. It’s pretty handy that way.

The astute among you might notice that this article is a little late. So, I lost internet connectivity and wrote and scheduled an article – or thought I did…

Normally, WordPress would hold that article in cache – but I wasn’t connected. I seem to recall noticing an error when I did hit the scheduling buttons, but it looked normal so I assumed it’d work. That means I’m writing this article right now, ’cause I don’t really want to break my streak of an article every other day. 

Which also explains why this one is just a short article.

Recently, I covered how to show an SSH banner. Well, this is pretty much the same thing. When someone logs into SSH, they’ll see the banner. When someone logs into SSH, they can also see the MOTD. I figure I’ll give you the option to pick which ever one you want.

Add A Message Of The Day (MOTD) To SSH:

This article requires an open terminal, like many other articles on this site. If you don’t know how to open the terminal, you can do so with your keyboard – just press CTRL + ALT + T and your default terminal should open.

With your terminal now open, we’re going to use nano to do some file editing. It’s really simple. First:

Add whatever text you want. You can generate a fancy ASCII logo and some text about who’s allowed to access the server and remind hackers (’cause they’ll surely listen) that unauthorized access is illegal. To save your MOTD with nano, just press CTRL + X, then Y, and then ENTER.

That’s actually mostly it. You shouldn’t have to edit the SSH configuration for this, it should just work when you restart the SSH service with:

SSH should pick it up automatically and now display your brand new SSH MOTD. It’s a ‘message of the day’ so you can change it regularly and SSH should pick up those changes automatically.

Depending, you might not even have to restart the SSH service. I’ve had it use the MOTD automatically, and I’ve had to restart the service to get it to show. You can have some fun and use things like this to generate some ASCII text. It’s your MOTD, do whatever you want with it!

Closure:

See? This was a nice and easy article. If you want to add an MOTD to SSH, you now know how to do so. Also, for the record, I’m getting pretty darned fast at writing articles. Well, some of them are pretty speedy to write. It helps if I don’t have to consult my notes that often. If I do, I often just put them on a different screen and that makes it easier to read them.

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your own site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

Subscribe To Our Newsletter
Get notified when new articles are published! It's free and I won't send you any spam.
.
Linux Tips
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.