It is necessary that you check which network interface ports on the server are open for traffic. In order to identify an intrusion, you must be aware of any open ports. Further to an intrusion, you might need to verify that a port on your servers isn't already being used by another application for purposes of troubleshooting. For instance, you may set both Apache and Nginx servers on the same machine. Therefore, it is essential to ascertain whether Apache or Nginx is using TCP port 80/443.
1. Using the netstat Command
The netstat command, which displays network connection, routing table, interface metrics, and other information, is utilized for this purpose. It is compatible with both Windows OS and Linux, as well as all Unix-like operating systems.
[On Debian/Ubuntu & Mint]
sudo apt-get install net-tools
[On CentOS/RHEL and Fedora]
sudo dnf install net-tools
You can use netstat with grep command
netstat -ltnp | grep -w ':80'
The flags are in the command above.
l - tells netstat to display only sockets that are listening.
t - To view TCP connections
n – tells it to display addresses as numbers.
p - Allows the process name and ID to be displayed.
grep -w - displays the precise string that matches (:80).
2. Using the lsof Command
To view a list of all open files on a Linux system, use the lsof command (List Open Files).
Enter the following command to install it on your computer.
[On Debian/Ubuntu & Mint]
sudo apt-get install lsof
[On CentOS/RHEL and Fedora]
sudo yum install lsof
To find the process/service listening on a particular port, type (specify the port).
lsof -i :80
3. Using the fuser Command
Use the command below to find the process or service that is listening on a specific port (specify the port).
fuser 80/tcp
This article through you can find the which port is running on Linux systems.
0 Comments