Tag: port

How To: Check If A Specific Port Is Open

In today’s article, we’re going to learn how to check if a specific port is open. The command is simple, but versatile. It’s also pretty quick to check and see if a port is open. Read on, as I try to make it easy!

From a security standpoint, it’s a good idea to identify what ports are open, and what function those open ports have. From a usability standpoint, it’s good to know which ports are open so that you can connect to the device.

I suppose, as a general rule, you could probably assign ports to do all sorts of things. However, it’s actually standardized (in many cases) and specific ports will be open for specific things. 

You may have found yourself using different ports. If you owned a website, then the address to your control panel might be something like https://example.com:9000 or similar. Your server will have open ports for other things, like port 80 for HTTP or port 22 for SSH.

If you are curious, you can click this link to learn more about standard ports. If you’re new to the concept, then that link might actually help explain things better than I can. We do rely on standardized port numbers quite a bit.

When you’re browsing the regular web, you’re not necessarily aware but you’re using the site’s port 80 to get the public-facing web data. While you could host your site on a different port, it’d take some configuration changes on the back end. I suppose you could just do some work with htaccess if that was your goal, but it’s a pretty pointless goal.

Check If A Specific Port Is Open:

You should think of open ports as public information! They’re not secrets. It’s easy to find open ports, so you’ll need to secure them properly. It’s a good idea to know what traffic is happening on what port, as ports are open for a reason.

For example, there’s no security lost if I point out this site’s running on a server with port 80 open. Of course it’s open. That’s how you browse it. There are ways to hide your open ports, but that’s beyond the scope of this article. This article is just going to show you how to check if a specific port is open.

Like much of the time, you will need to have an open terminal. Of course, if you want to open your default terminal emulator, just press CTRL + ALT + T and your default terminal should open.

With your terminal open, you can just use ‘localhost‘ to test your own computer. For example, you might have an open port 80 or port 22 for SSH. So, to check those, your commands would look like:

You can also check remote servers. You can even check those on your network by using their IP address or their hostname. You’re familiar with my usage of ‘kgiii-msi.local‘, so we’ll use that.

That also works with this site and other sites on the internet. Just use the fully qualified domain name (FQDN) instead of an IP address. As an example, try the following command:

See? You have now confirmed that this site has port 80 open. Congratulations, you’re a 1337 h4X0R! But, now you can check if a specific port is open, a valuable skill to have. 

By the way, if the command appears to stop and not give you a result, press CTRL + C to halt the process. If the port isn’t open, and the server doesn’t respond to tell you that it’s closed, the command will keep running indefinitely. So, it’s good to know how to stop it.

Closure:

Again, this article has shown you how to check if a specific port is open. An open port doesn’t mean anything bad, necessarily. The command you’re using in this article will also try to tell you what traffic is expected on the open port. It looks a little something like this:

linux-tips.us has an open port 80 - just like every other site on the planet...
Oh no! Linux-Tips.us has an open port! (It’s fine. It’s how you’re seeing the site!)

Of course, that’s just http traffic, so try running the following command to see where you’re getting the https (secure) content:

That’ll show you that not only is the port open, but that that port (443) is used for https traffic, which is really what the site uses for you the reader. I obviously have https configured, updated, and properly implemented. I want you to have a secure connection, as secure a connection as you want.

Anyhow, this is getting to be a long postscript… This is turning into a fairly long article. We’ll see how many people read past the ‘CLOSURE:’ text! 

Think of ports like doors. Just because it’s open doesn’t mean you can go in and help yourself. Also, it’s not polite to go around knocking on random doors just to see if they’re open. Feel free to check this site, as I’m confident about the security.

Well, I hope you’ve learned how to check if a specific port is open. This seemed like a good thing to share. It’s also useful if you want to SSH into a remote computer and need to make sure the port is open as one of your debugging steps! (See?!? All the articles can be SSH articles!)

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your own site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

Let’s Use ‘netstat’ To Find Out What Process Is Listening On A Specific Port

Today’s article is going to teach you how to use ‘netstat’ to find out what process is listening on a specific port. If you have open ports and don’t know why – and what’s listening on that port, you’re not making good security choices.

Let’s say you followed an article about how to monitor TCP/UDP in real time. If you’re new, or even just not all that advanced with Linux and networking, you might not know why there are all those ports and all that activity. Well, one of the things you should know is how to identify what process is listening on a specific port.

There are a number of ways to do this, but we’ll be using ‘netstat’. The ‘netstat’ application can be pretty advanced, but what we’ll be doing is pretty straightforward. If you’re curious, ‘netstat’ defines itself thus:

Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships

As you can see, it’s a pretty advanced application. It has a rather expansive man page, and we’ll largely ignore that as we really only need some limited functionality. All we really need to do, for this exercise, is find out what process is listening on a specific port.

With that in mind, let’s leap into the meat of the article…

What Process Is Listening On A Specific Port:

This article requires an open terminal. If you don’t know how to open the terminal, you can do so with your keyboard – just press CTRL + ALT + T and your default terminal should open.

Once you have that open, you’ll need to find out if you have ‘netstat’ already installed. There are many ways to do this, I prefer:

If you do not have ‘netstat’ installed, it’s certainly available for all mainstream distros and easily installed from your default repositories. Here’s how to install on a few distros:

Debian/Ubuntu/Mint/etc:

RHEL/CentOS/Fedora/Rocky Linux/etc:

SUSE/OpenSUSE/etc:

If you’re using a different distro, root through the default repositories. It’s a pretty common tool and I’d like to imagine it’s easily available to anyone.

Once you have ‘netstat’ installed, the command we’re going to use is really, really, simple. In fact, I wrote this whole darned article mostly for just one command. I probably could have made it shorter. Still, it might as well be long enough to give some extra information along the way.

Anyhow, the command you run is this:

For example, you might have an open port 22 and want to know what process is listening on that specific port. So, you’re command would look like this:

The end result will look something like this:

netstat being used to find out which process is listening at a specific port
While not completely clear, you can deduce that it’s just the SSH daemon listening on port 22.

It may not be completely clear, but you can use this to deduce what process is listening on a specific port. If it’s not completely clear, you can get actually dig a little deeper. See the “1100” in there? Well, that’s the PID (Process ID) and you can use the following command to get more informtion. It looks like this:

The output from that in this case is:

Which, as we know, is the daemon for SSH and thus nothing unexpected is running on port 22. See? Security!

Closure:

And there you have it, another article. This one is a pretty handy one, especially for when you want to know what process is listening on a specific port. If you have things running that you can’t identify, you can always stop by Linux.org and ask for help. Someone there will try to find out what’s going on for you.

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your own site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

How To: Change The Port SSH Uses

There are a number of things you can do to help secure SSH, and changing the port that SSH uses is one of those things that many people change. That can help, but I feel it’s important to also mention that security by obscurity isn’t really good security.

By the way, I’ve already written a couple of articles about SSH. Feel free to check ’em out, as they may get you up to speed if you’re not already there. The first link should be the link you click if you need to learn how to get started.

If you don’t know what ports are, there’s a great Wikipedia page here. We’re talking about software ports and not hardware ports. They’re well-described as this:

At the software level, within an operating system, a port is a logical construct that identifies a specific process or a type of network service.

By default, SSH uses port 22, and everybody knows it. Well, everybody that’s interested in networking knows this. And, because of this, malicious actors will scan for online computers and then check port 22 to see if SSH is running. If they find the port open, they’ll possibly try to guess the password and keep trying until they get through. 

NOTE: There are a number of ways to secure SSH, including disabling password logins entirely and using things like fail2ban to limit login attempts. I’d expect articles on those subjects in the future, but they have not yet been written by me. I’m sure other sites will have information, so use a search engine if you’re wanting to learn about those things today. (I am never gonna remember to come back and remove this.)

So, one step you can take is to make SSH listen on a different port. You can do that in isolation or along with other security methods. It’s not the greatest security fix, because people can (and do) just scan entire port ranges. While moving the port to something other than the default will help, it’s (by itself) just security by obscurity.

Knowing all that, let’s take a look at how we can change from the default port to one of your choosing. It’s actually pretty easy.

Change Your SSH Port:

To get started, we’re gonna need to open a terminal. You can do this with your keyboard, simply press CTRL + ALT + T and your default terminal should open up. By the way, you can change your default terminal.

Once that’s open, we’re going to want to edit a file using nano. You’ll do that with this command:

That will open ‘sshd_config’ (the SSH configuration file) with the nano text editor. Once that’s open, you’re going to scroll down while looking for “#Port 22”. It will look a little something like this:

changing the port SSH uses
For many of you, the next step will be obvious!

What you need to do is remove the # and then change the 22 to whatever port you want to use. So, if you wanted to change the port to 4441, you’d change the line to read:

Note the removal of the #, as the # tells the computer to ignore that line. A line starting with # (in this case) means that line is ‘commented out’, meant to be ignored.

Anyhow, once you’ve changed it to the new port you need to save it. Seeing as you’re using nano, that’s pretty easy. Just use your keyboard and press CTRL + X, then Y, and then ENTER.

Just because you’ve changed it doesn’t mean it has taken effect. You have to restart the service. To do that, you need this command:

That should restart the service, where it will now listen on the new port. From now on, you’ll connect with something like this:

Basically you’re just adding the ‘-p 4441’, except whatever port you picked, to the command. If you’re using aliases or something like Putty, be sure to change those settings as well.

NOTE: This isn’t the final step for many people. Some of you will have to change your firewall’s settings to allow TCP on the changed port. In some cases you may also have to enable it with semanage utility. In those cases, consult your documentation. If you can’t get it figured out, leave a comment and we’ll see if we can get it figured out together.

Closure:

And there you have it, another article in the books. This time, you’ve learned how to change the port that SSH uses. Hopefully that’ll come in handy for some of you. In isolation, it’s not the greatest security method – but it’s better than nothing. There’s still an article every other day!

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your own site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

Subscribe To Our Newsletter
Get notified when new articles are published! It's free and I won't send you any spam.
.
Linux Tips
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.