Skip to main content
All CollectionsDomains, Web Servers, and BeyondWeb Servers
How To List Down All Listening Ports In Linux?
How To List Down All Listening Ports In Linux?
Rapyd Team avatar
Written by Rapyd Team
Updated over a week ago

Understanding which ports are listening on a Linux system is vital for tasks like system administration, network troubleshooting, and enhancing security. This article outlines commands to help you list all listening ports, allowing you to keep a finger on the pulse of your system's network activity.

Introduction to Ports and Network Listening

In computer networking, a port serves as an endpoint for communication within an operating system. Ports are instrumental in differentiating services running on the same IP address. When a service is waiting for incoming connections, it's said to be "listening" on a port.

The netstat Command

One of the most widely used tools for network diagnostics, netstat, shows network connections, routing tables, and various interface statistics. To view listening ports, run the following command:

netstat -tuln

Here, each flag serves a specific purpose:

  • t displays TCP ports

  • u shows UDP ports

  • l lists listening ports

  • n presents addresses and port numbers numerically

Using lsof to List Listening Ports

The lsof command, which stands for List Open Files, can also be used to show listening ports. Use the command below to do so:

lsof -i -n | grep LISTEN

In this command:

  • i lists all network files

  • n ensures numerical representation of addresses

The ss Command: A Modern Alternative

The ss command is emerging as a modern replacement for netstat and provides an extended range of information about network connections. Use the following command to view listening ports:

ss -tuln

Much like with netstat, the flags -t, -u, -l, and -n serve the same functions.

Tips for Filtering and Understanding Results

  • To focus on a specific port, such as port 80, you can use grep in conjunction with any of the above commands:

    netstat -tuln | grep :80
  • Be aware that ports below 1024 are "well-known ports" used for standard services like HTTP, FTP, and SSH. Ports above 1024 are considered ephemeral and can be utilized by user-level processes.

  • Stay updated on security advisories for software that's listening on ports, especially if they're exposed to the public internet.


Understanding the basics of network ports and becoming proficient with the mentioned commands can offer valuable insights into your Linux system's network activities. Consistently monitoring listening ports is critical not just for diagnosing network problems but also for maintaining a secure and stable system environment.

Did this answer your question?