How to check for open ports on Debian 10

Port checking is very important to check which ports are open and listening on your system. Eavesdropping services can be a starting point for hackers who can exploit vulnerabilities in systems to gain access or compromise a system. It is not recommended to continue running the service if you are not using it. It also requires additional resources. Therefore, it is necessary to constantly check the open ports on your system.

In this article, we will explain how to check for open ports on a Debian 10 system in four different ways.

Note. The commands and procedures described in this article have been tested on a Debian 10 Buster system.

Check open ports with ss command

The ss (socket statistics) command in Linux provides important information about network connections, including open ports and listening sockets. It gets this information from the Linux kernel. When used without command line arguments, the ss command displays detailed information about all current connections, regardless of what state they are in. The ss command replaces the netstat command. The ss command is included in the iproute2 package and is available on the Debian system. However, in any case, if you don’t find it on your system, you should be able to install it easily.

Open Terminal on your Debian 10 system and enter the following command in it:

$ sudo apt install iproute2

To check the open ports on your Debian system, enter the following command in Terminal:

$ sudo ss -tulpn

Where:

  • -t, -tcp: To see all TCP sockets
  • -u, -udp: To see all UDP sockets
  • -l, – listening: To see all listening sockets
  • -p, processes: To find out which processes are using sockets
  • -n, -numeric: Use this option if you want to see the port number instead of the service names.

In the output, you will see a list of all listening TCP and UDP connections.

The above output shows that only port 22 is open on the system.

The note: If you use the -p or –processes parameter with the ss command, you must be root or a user with sudo privileges. Otherwise, you will not be able to see the process identification number (PID) of the process running on the ports.

Check open ports with netstat command

The Netstat command in Linux provides information about current network connections and statistics. Netstat has almost the same command options as the ss command. To use the netstat command, you need to install net-tools. To do this, run the following command in Terminal:

$ sudo apt-get install net-tools

Install network tools

Advertisement

Once installed, you can use the netstat command in your Debian terminal.

To check the open ports on your Debian system, enter the following command on it:

$ sudo netstat –tulnp

Where:

  • -t, -tcp: To see all TCP sockets
  • -u, -udp: To see all UDP sockets
  • -l, – listening: To see all listening sockets
  • -p, processes: To find out which processes are using sockets
  • -n, -numeric: Use this option if you want to see the port number instead of the service names.

Check open ports with netstat command

The above output shows that only port 22 is open on the system.

The note: If you use the -p or –processes parameter with the netstat command, you must be root or a user with sudo privileges. Otherwise, you will not be able to see the process identification number (PID) of the process running on the ports.

Check open ports with lsof command

The lsof command in Linux means a list of open files (because in Linux everything is a file, including devices, directories, ports, etc.). Using the lsof command, you can search for information about files that are opened by different processes.

The lsof command is available on the Debian system. However, in any case, if you do not find it on your system, you can easily install it using the following command in Terminal:

$ apt-get install lsof

To use lsof to view all listening TCP ports, enter the following command in Terminal:

$ sudo lsof -nP -iTCP -sTCP:LISTEN

Find open ports with lsof

The above output shows that only port 22 is open on the system.

Check open ports with Nmap utility

Nmap is a Linux command line utility used to perform system and network scans. It is mainly used for network auditing and security scanning. It is not installed by default on Linux systems, however you can install it with the following command in Terminal:

$ sudo apt install nmap

Use nmap to find open ports

After executing the above command, the system may ask for confirmation whether you want to proceed with the installation or not. Press y to continue, after that the installation will start on your system.

Once installed, you can use Nmap to check for open ports on your system. To do this, enter the following command in the Terminal:

$ sudo nmap –sT –p-65535 ip-address

Since our system’s IP address is 192.168.72.158, the command will look like this:

$ sudo nmap –sT –p-65535 192.168.72.158

Port scanning with nmap

The above output shows that only port 22 is open on the system.

That’s all! In this article, we discussed how to check for open ports on a Debian 10 system. Hope you enjoyed the article!

How to check for open ports on Debian 10

Sidebar