What ports are used by an application
Solution 1
You can use netstat
for this. See the example (I grepped for ssh
):
netstat -putan | grep ssh
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1725/sshd
tcp 0 0 1.2.3.4:45734 1.2.3.5:22 ESTABLISHED 2491/ssh
tcp6 0 0 :::22 :::* LISTEN 1725/sshd
Explanation:
I often use the parameters -putan
(because they are simple to remember).
-
-p
: show the PIDs of the application/process -
-u
: show udp ports/connections -
-t
: show tcp ports/connections -
-a
: show both listening and non-listening sockets -
-n
: numeric output (don't do DNS lookups for hostnames etc.)
In the output above, you see that there is an ssh daemon process (sshd
) with PID 1725
listening at port 22
on all network interfaces (0.0.0.0
). Also there is an ssh client process (PID 2491
) connected to the IP-address 1.2.3.5
at port number 22
, my IP-address is 1.2.3.4
and my external port is 45734
. You see that the connection is established. Therefore I'm logged in via ssh
.
Solution 2
ss
utility from iproute package for Linux
Solution 3
We have already good answers but they only list the ports that are open at the moment the command runs.
strace
is the right tool to monitor the connections opened during the application lifetime:
strace -e socket,connect,close -f -o hipchat.strace.txt hipchat
The output would show you additional information like UDP requests and opened but closed connections.
Related videos on Youtube
Baz
Updated on September 18, 2022Comments
-
Baz almost 2 years
I'm testing an application which opens its own ports (acts as a server for these ports, hence listens at that ports) and where the same application connects to ports bound by other applications (acts as client for these ports).
I would like to get an overview as to which ports the application creates and to which applications and ports it connects to.
How can I do this?
-
jamesbtate about 9 yearsAn established TCP connection on port 22 does not indicate successful authentication. TCP must be established before authentication in either direction can occur.
-
chaos about 9 years@Puddingfox yes true, we could better say "I'm connected to that port", but for comprehension I said "i'm logged in", because it's more illustrative.
-
Prerak Diwan about 9 yearshehe... `-putan' I'm so tempted to correct this minor spelling error ;)
-
MariusMatutiae about 9 yearsWhy use obsolete utilities when modern ones are available? ss -lntp is the utility provided by the iproute2 suite.