Checking for ports is very important to verify which ports are opened and listening on your system. Listening services can be an entry point for hackers who can exploit vulnerabilities in systems to gain access or compromise a system. It is not recommended to keep a service running if you are not using it. Also, it consumes additional resources. Therefore, it is necessary to keep a continuous check on open ports on your system.

In this article, we will explain how to check for open ports on Debian 10 system using four different ways.

Note: The commands and procedures discussed in this article have been tested on a Debian 10 Buster system.

Check open ports using ss command

The ss (socket statistics) command in Linux provides significant information about network connections including open ports and listening sockets. It gets this information from the Linux kernel. When the ss command is used without any command-line arguments, it displays detailed information about all current connections irrespective of which state they are in. The ss command is the substitute of netstat command. The ss command is bundled with the iproute2 package and available on the Debian system. However, in any case, if you do not find it in your system, you can install it easily.

Open the Terminal in your Debian 10 system, and issue the following command in it:

$ sudo apt install iproute2

To check open ports on your Debian system, issue the following command in the Terminal:

$ sudo ss -tulpn

Where:

  • -t, –tcp: To see all TCP sockets
  • -u, –udp: To see all UDP sockets
  • -l, –listening: To see all listening sockets
  • -p, processes: To see which processes are using sockets
  • -n, –numeric: Use this option if you want to see a port number instead of service names

In the output, you will see a list of all listening TCP and UDP connections.

Find open Ports on Debian

The above output shows that only port 22 is opened on the system.

Note: If you are using the -p or –processes option with ss command, you must be root user or the user with sudo privileges. Otherwise, you will not be able to see the process identification number (PID) of the process running on the ports.

Check open ports using netstat command

Netstat command in Linux provides information about current network connections and statistics. Netstat has almost the same command options as that of ss command. In order to use the netstat command, you will need to install the net-tools. Issue the following command in Terminal to do so:

$ sudo apt-get install net-tools

Install net tools

Once installed, you can use the netstat command in your Debian Terminal.

To check open ports on your Debian system, issue the following command in it:

$ sudo netstat –tulnp

Where:

  • -t, –tcp: To see all TCP sockets
  • -u, –udp: To see all UDP sockets
  • -l, –listening: To see all listening sockets
  • -p, processes: To see which processes are using sockets
  • -n, –numeric: Use this option if you want to see a port number instead of service names

Check open ports with netstat command

The above output shows that only port 22 is opened on the system.

Note: If you are using the -p or –processes option with netstat command, you must be root user or the user with sudo privileges. Otherwise, you will not be able to see the process identification number (PID) of the process running on the ports.

Check open ports using the lsof command

The lsof command in Linux stands for list open files (as everything in Linux is a file including devices, directories, ports, etc). Using the lsof command, you can look for the information about the files which are opened by different processes.

The lsof command is available on the Debian system. However, in any case, if you do not find it in your system, you can install it easily using the following command in Terminal:

$ apt-get install lsof

In order to use lsof to view all listening TCP ports, issue the following command in Terminal:

$ sudo lsof -nP -iTCP -sTCP:LISTEN

Find open ports using lsof

The above output shows that only port 22 is opened on the system.

Check open ports using the Nmap utility

Nmap is a Linux command-line utility used to perform systems and network scans. It is mostly used for network auditing and security scans. It does not come installed by default on Linux systems, however, you can install it using the following command in Terminal:

$ sudo apt install nmap

Use Nmap to search for open ports

After running the above command, the system might ask for confirmation that if you want to continue the installation or not. Hit y to continue, after that, the installation will be started on your system.

Once installed, you can use the Nmap to check for open ports on your system. To do so, issue the following command in Terminal:

$ sudo nmap –sT –p-65535 ip-address

As our system’s IP address is 192.168.72.158, therefore the command would be:

$ sudo nmap –sT –p-65535 192.168.72.158

Scan for ports using nmap

The above output shows that only port 22 is opened on the system.

That is all there is to it! In this article, we have discussed how to check open ports on Debian 10 system. I hope you liked the article!

How to Check for Open Ports on Debian 10
Avatar

Karim Buzdar

About the Author: Karim Buzdar holds a degree in telecommunication engineering and holds several sysadmin certifications. As an IT engineer and technical author, he writes for various web sites. You can reach Karim on LinkedIn