Shulou(Shulou.com)05/31 Report--

This article mainly explains "how to check which ports are open in linux". Friends who are interested may wish to take a look. The method introduced in this paper is simple, fast and practical. Let's let the editor take you to learn "how to check which ports are open by linux".

Linux check the open port method: 1, use the nmap tool to detect the open port; 2, use the netstat tool to detect the open port; 3, use the lsof tool to detect the open port; 4, use the telnet to detect the open port; 5, use the netcat tool to detect the open port.

The operating environment of this tutorial: linux5.9.8 system, Dell G3 computer.

In network technology, Port includes two types: logical port and physical port. Physical ports refer to physically existing ports, such as ADSL Modem, hubs, switches, and interfaces used on routers to connect other network devices, such as RJ-45 ports, SC ports, and so on. Logical port refers to the port used to differentiate services logically, such as the service port in TCP/IP protocol. The port number ranges from 0 to 65535, such as port 80 for browsing web services, port 21 for FTP services, and so on. Because of the large number of physical ports and logical ports, each port is numbered in order to distinguish the ports. This is the port number.

Ports can be divided into three categories according to their port numbers:

1: well known port (Well Known Port)

The accepted port numbers range from 0 to 1023, and they are closely bound to some common services, such as FTP services using port 21, as you can see in / etc/services.

2: register port (Registered Ports):

From 1024 to 49151. They are loosely tied to some services. In other words, there are many services tied to these ports, which are also used for many other purposes.

3: dynamic or private port (Dynamic and/or Private Ports)

A dynamic port, or private port number (private port numbers), is the number of ports that can be used for any software to communicate with any other software, a transmission control protocol that uses the Internet, or a user transport protocol. Dynamic ports generally range from 49152 to 65535

There is a limited range of ports in Linux, and if I want to reserve some ports for my program, then I need to control this port range. / proc/sys/net/ipv4/ip_local_port_range defines the port range of the local TCP/UDP. You can define net.ipv4.ip_local_port_range = 1024 65000 in / etc/sysctl.conf.

[root@localhost ~] # cat / proc/sys/net/ipv4/ip_local_port_range32768 61000 [root@localhost ~] # echo 1024 65535 > / proc/sys/net/ipv4/ip_local_port_range

With regard to ports and services, I used to take public toilets as an analogy. Every toilet in a public toilet is like every port in the system. Convenience for people is the so-called service. If you provide these services, then you have to open the port (toilet). When someone goes to the toilet, links are established at these ports. If the toilet is occupied by someone, it means that the port number is occupied by the service. If one day there is no public toilet service here, the public toilet will be dismantled, and naturally there will be no port number. In fact, a more vivid example is like the bank lobby, the port number is those counters, and those who take the number to do business are like various clients linked to the server. They communicate with the counter through port redirection technology. To take another easy-to-understand example, the port number is like every station on the high-speed railway line. For example, Changsha and Yueyang represent a port number respectively. Passengers who travel to their respective stations through train tickets are like IP packets sent by various applications to the server port.

How to check whether the port is open, in fact, do not organize, do not know that there are so many ways!

1:nmap tool detects open ports

Nmap is a tool for network scanning and host detection. The installation of nmap is very simple, as shown in the rpm installation shown below.

[root@DB-Server Server] # rpm-ivh nmap-4.11-1.1.x86_64.rpm warning: nmap-4.11-1.1.x86_64.rpm: Header V3 DSA signature: NOKEY, key ID 37017186 setting. # 1:nmap # [root@DB-Server Server] # rpm- Ivh nmap-frontend-4.11-1.1.x86_64.rpm warning: nmap-frontend-4.11-1.1.x86_64.rpm: Header V3 DSA signature: NOKEY Key ID 37017186Preparing... # [100%] 1:nmap-frontend # [100%] [root@DB-Server Server] #

With regard to the use of nmap, you can write long capitals, which will not be expanded here. As shown below, nmap 127.0.0.1 looks at the ports open on this machine and scans all ports. Of course, you can also scan other server ports.

[root@DB-Server Server] # nmap 127.0.0.1 Starting Nmap 4.11 (http://www.insecure.org/nmap/) at 2016-06-22 15:46 CSTInteresting ports on localhost.localdomain (127.0.0.1): Not shown: 1674 closed portsPORT STATE SERVICE22/tcp open ssh25/tcp open smtp111/tcp open rpcbind631/tcp open ipp1011/tcp open unknown3306/tcp open mysql Nmap finished: 1 IP address (1 host up) scanned in 0.089 secondsYou have new mail in / Var/spool/mail/root [root@DB-Server Server] #

2:netstat tool detects open ports

[root@DB-Server Server] # netstat-anlp | grep 3306tcp 0: 3306: * LISTEN 7358/mysqld [root@DB-Server Server] # netstat-anlp | grep 22tcp 0 0: 22:: * LISTEN 4020 / Sshd tcp 0 52:: ffff:192.168.42.128:22:: ffff:192.168.42.1:43561 ESTABLISHED 6198/2 [root@DB-Server Server] #

As shown above, this tool doesn't feel as straightforward as nmap. Of course, it is not as powerful as nmap.

3:lsof tool detects open ports

[root@DB-Server Server] # service mysql startStarting MySQL. [OK] [root@DB-Server Server] # lsof-i:3306COMMAND PID USER FD TYPE DEVICE SIZE NODE NAMEmysqld 7860 mysql 15u IPv6 44714 TCP *: mysql (LISTEN) [root@DB-Server Server] # service mysql stopShutting down MySQL.. [OK] [root@DB-Server Server] # lsof-iOK 3306 [root@DB-Server Server] #

[root@DB-Server Server] # lsof-I TCP | fgrep LISTENcupsd 3153 root 4U IPv4 9115 TCP localhost.localdomain:ipp (LISTEN) portmap 3761 rpc 4U IPv4 10284 TCP *: sunrpc (LISTEN) rpc.statd 3797 rpcuser 7u IPv4 10489 TCP *: 1011 (LISTEN) sshd 4020 root 3u IPv6 12791 TCP *: ssh (LISTEN) sendmail 4042 root 4u IPv4 12876 TCP localhost.localdomain:smtp (LISTEN)

4: use telnet to check whether the port is open

Even if the server port is in the listening state, the firewall iptables blocks the port, so it is impossible to detect whether the port is open by this method.

The 5:netcat tool detects whether the port is open.

[root@DB-Server ~] # nc-vv 192.168.42.128 1521Connection to 192.168.42.128 1521 port [tcp/ncube-lm] succeeded! [root@DB-Server ~] # nc-z 192.168.42.128 1521 Echo $? Connection to 192.168.42.128 1521 port [tcp/ncube-lm] succeeded spread 0 [root@DB-Server ~] # nc-vv 192.168.42.128 1433nc: connect to 192.168.42.128 port 1433 (tcp) failed: No route to host so far, I believe you have a better understanding of "how to check which ports are open in linux". You might as well do it in practice! Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.