Developer Networking Open source

10 ways to check ports in Linux to help troubleshoot systems


linux-10-trouleshoot
Image: Julien Tromeur/Adobe Stock

Networking is the spine behind a lot of know-how, and whereas a standalone machine isn’t with out vital worth due to its native processing capabilities, the bread and butter behind enterprise operations includes communication. Namely, getting systems and gadgets speaking with each other throughout networks to entry or share information, keep safety and monitor operations.

When utilizing TCP/IP, the common language of networks, the method of checking ports to guarantee they’re configured, listening and accepting visitors is customary fare for system and community directors. Ports are related to processes operating on course systems resembling internet servers, electronic mail servers, Active Directory area controllers and different centralized assets. Gathering details about them is crucial to correct communicative performance.

SEE: Linux turns 30: Celebrating the open supply working system (free PDF) (TechRepublic)

Here are 10 ways you’ll be able to work with ports utilizing Linux to troubleshoot points and keep operations.

How to check to see what protocols and ports are related to a given service

This command can present you a reference information which can inform you the protocols and ports used (in principle) by any service in case you’re on the lookout for extra info. It doesn’t present you what’s actively listening, however relatively is used to help slim down what may or needs to be used for any given operate, resembling FTP or SSH.

Run:

cat /and many others/providers | much less

The output will present an intensive record of dozens of providers and the ports related to them to help function a reference level for you.

How to check to see what ports are actively related from or to an area system

Run the ss command and you will note a listing of the ports to which a selected system is related, both regionally or remotely: Details will rely on the system and capabilities concerned.

How to use nmap to scan a distant system for open ports

The nmap utility, also referred to as ncat, is a helpful Swiss military knife which works for Linux and Windows that can be utilized to see what ports are open on a distant system. Keep in thoughts port scanning could appeal to the eye of a safety group, so solely do that for licensed enterprise functions.

Let’s say you need to see what ports are open on the distant system web site for Microsoft.

In Linux, run:

nmap microsoft.com

The outcomes will reveal open ports on that host comparable to the next:

Starting Nmap 7.92 ( https://nmap.org ) at 2022-05-05 15:32 Eastern Daylight Time

Nmap scan report for microsoft.com (20.81.111.85)

Host is up (0.018s latency).

Other addresses for microsoft.com (not scanned): 20.84.181.62 20.103.85.33 20.53.203.50 20.112.52.29

Not proven: 998 filtered tcp ports (no-response)

PORT    STATE SERVICE

80/tcp  open  http

443/tcp open  https

Nmap executed: 1 IP deal with (1 host up) scanned in 47.51 seconds

To check for a selected port resembling 443, run nmap -p 443 microsoft.com.

You can check a number of ports resembling 80 and 443 with nmap -p 80,443 microsoft.com.

How to check an area system to see which utility is related to a port

Let’s say you need to see what native utility is listening on port 8443.

Run:

netstat -tulpn | grep 8443

This will return the method ID (PID), as an example 8971 (there could also be a number of PIDs) in addition to the applying title (in this case it’s Java).

How to kill an utility or service related to a selected port

This can come in helpful for functions or providers you don’t acknowledge and suspect could also be malicious. Follow the above command to get the PID(s), then run:

kill -9 (PID)

Repeat as wanted for every PID to kill the method.

How to check a distant system with telnet to see if a port is listening and will be related to

Let’s say you need to see if a distant system referred to as host.firm.com is listening on port 443 and will be related to.

Run:

telnet host.firm com 443

If you see a Connected response, the host is listening on that port and will be related to.

If you get a (*10*) Refused error or the connection instances out, the host both isn’t listening, entry could also be blocked from that host or you’ll be able to’t get to the host (check for firewall entry).

How to check a distant system with out telnet to see if a port is listening and will be related to

Not each system has telnet put in, and when you can normally set up it from a yum repository utilizing yum set up telnet, generally the repositories don’t comprise that bundle or the system is locked down stopping any software program set up. You may additionally be in an excessive amount of of a rush to conduct a yum set up. Let’s say you’d like to see if the host with the IP of 10.37.39.141 is listening on port 636:

echo > /dev/tcp/10.37.39.141/636

Ironically, in the event you get no response again, that’s truly a very good factor and means the entry labored.

If you get a (*10*) Refused error or the connection instances out, the host both isn’t listening, entry could also be blocked from that host or you’ll be able to’t get to the host (check for firewall entry).

How to check a distant system utilizing curl to see if a TCP port is listening

This achieves the identical consequence because the prior step, however is a helpful manner to get oriented in the direction of the curl utility.

Let’s say you’d like to see if the host with the IP deal with of 10.37.34.21 is listening on port 16667:

Run:

curl -v telnet://10.37.34.21:16667

If you see a Connected response, the host is listening on that port and will be related to.

If you get a (*10*) Refused error or the connection instances out, the host both isn’t listening, entry could also be blocked from that host or you’ll be able to’t get to the host (check for firewall entry).

Note that this solely works for TCP ports.

How to check what SSL certificates is listening on a port

This is considered one of my favorites and it has been a lifesaver for me throughout SSL certificates replacements in order to be certain that issues have been executed appropriately.

Let’s say you’ve got a server named splunk.firm.com with an SSL certificates hooked up to port 8000, which you’ve simply changed and need to verify is current.

Run:

openssl s_client -connect splunk.firm.litle.com:8000 2>/dev/null | openssl x509 -noout

This will return the total particulars of the SSL certificates such because the CN and issuer.

How to check the expiration date of an SSL certificates listening on a port

For fast manner to set up the server in query has the fitting certificates hooked up to that port, run:

openssl s_client -connect splunk.firm.litle.com:8000 2>/dev/null | openssl x509 -noout -dates

This will return output comparable to the next:

notBefore=May 31 21:46:06 2021 GMT

notAfter=May 31 21:56:06 2022 GMT

With the above info in thoughts you’ll be able to relaxation simple understanding the fitting certificates is in place.

admin

Leave a Reply

Your email address will not be published.Required fields are marked *

*