To list open ports on a Linux system, use a simple command: netstat -tuln

List Open Ports On Linux and Stop Services

Estimated reading time: 6 minutes

When it comes to managing servers and ensuring their security, I often find myself needing to list open ports and stop unnecessary services. Doing this helps keep things running smoothly and reduces the attack surface. If you’re looking to secure your system, knowing which ports are open and how to stop services is key. Here’s how I handle it, and you can too.

Why You Should List Open Ports Regularly

Listing open ports on a system is a quick way to identify which services are currently running. Open ports act like entry points to your system, and while some are necessary, others might be left open unintentionally. These unnecessary open ports could be potential vulnerabilities. I always recommend checking them regularly, especially when managing a production server or troubleshooting network issues.

How to List Open Ports with netstat

One of the classic tools I often use to list open ports on Linux is netstat. It’s a simple command that provides a lot of useful information. With netstat -tuln, you can view a list of all the open ports on your system, showing you which services are actively listening for incoming connections.

For Ubuntu users, here’s an example:

  • -t filters for TCP connections.
  • -u filters for UDP connections.
  • -l shows only listening sockets.
  • -n displays the address and port numbers in numeric form, which I find easier to read.
  • -p displays the process id/program name that is is listening for connections on the port.
To list open ports on a Linux system, use a simple command: netstat -tuln

This command will return all open ports, allowing you to identify which services are listening on your system. Tools like nmap are also handy when scanning for open ports remotely.

While netstat has been a staple in network management for years, it’s now considered somewhat outdated in newer Linux distributions. However, it still works well in many environments, and I find it useful for quick checks.

How to List Open Ports with ss

As Linux evolves, so do its tools. A more modern alternative to netstat is the ss command. ss stands for socket statistics, and it’s faster and more efficient, especially on systems with a lot of connections. I often use it because it provides similar output to netstat but with better performance and more filtering options.

Here’s how I use ss to list open ports:

This command works similarly to netstat, with nearly identical options:

  • -t for TCP connections.
  • -u for UDP connections.
  • -l for listening sockets.
  • -n for displaying numeric addresses and port numbers.
  • -p for showing the process using the port.

The key advantage of ss is its ability to handle large volumes of traffic more efficiently. If you’re managing a busy server or need to troubleshoot multiple connections, ss is the way to go. It’s faster and gives you real-time insights into your system’s network activity.

How to Stop Unnecessary Services

Stopping unnecessary services can free up resources and close unwanted open ports. Once you’ve identified which services you no longer need, you can stop them using systemctl for most modern Linux distributions.

For example, if I want to stop Apache (which uses port 80), I would run:

This command immediately stops the Apache service, and the port will no longer be open. If I don’t need the service in the future, I can also disable it permanently:

Stop and disable apache2 on Ubuntu

How to Kill a Process Associated with an Open Port

Once you’ve identified which process is using a specific port and you want to terminate it, you can kill the process using its PID. The following command is used to kill a process:

For instance, if you want to stop a process using port 8080 and its PID is 12345, you would run:

If the process doesn’t stop immediately, you can use the -9 flag to forcefully kill it:

Be careful with this command because it forcefully terminates the process, which could lead to data loss or corruption if the process was managing critical tasks.

How to Use lsof -i for Open Ports

In addition to netstat and ss, another useful tool for managing open ports is lsof (List Open Files). The lsof -i command provides a list of all network connections, including open ports and the processes using them. Here’s how I use it:

The lsof -i command provides a list of all network connections, including open ports and the processes using them.

This command displays all active network connections. It’s a great alternative to netstat or ss when you want to see which files and network connections are in use.

You can filter the results by specifying a port or protocol. For example, to list all connections on TCP port 80, I would use:

You can filter the results by specifying a port or protocol.


This gives a detailed list of processes using port 80 and their PIDs. Like the other commands, lsof -i allows you to identify and kill any unwanted or rogue processes quickly.

Why This Matters

If you’re serious about server management or network security, regularly reviewing open ports and stopping unnecessary services should be routine. Doing so minimizes your system’s exposure to potential threats and improves overall performance. I like to think of it as cleaning up your workspace—only, in this case, you’re decluttering your system and securing it.

Using Automated Tools

Although I prefer manual methods, automated tools can be useful, especially when managing multiple systems. Tools like ufw (Uncomplicated Firewall) and fail2ban help monitor and manage open ports. If you’re managing a larger network or need a quick overview, these tools can automatically handle a lot of the heavy lifting.

Conclusion

I can’t emphasize enough the importance of regularly checking open ports and disabling unnecessary services. Whether you prefer using netstat, ss, or lsof, these commands give you the information you need to identify open ports and secure your system. And when you need to stop a service or kill a process, the tools are at your disposal. It’s a simple, effective step that goes a long way in improving your server’s security and efficiency.

Further Reading

Leave a Reply

Your email address will not be published. Required fields are marked *