A Network Port, simply known as a Port, is a logical number assigned to a process running on any machine. We know that on the Internet (or on any network) a machine is identified by its hostname.
The hostname can be simply the IP address of the machine, or a fully qualified domain name. A port number is assigned to each program running on the host machine; thus the client machine can access the program on the host.
Today, we will learn how to check if a particular port is open on a remote Linux system.
Install Nmap in Linux
The utility ‘Nmap‘ is the most popular and a very robust and handy command-line tool for network-related tasks. You can install it using apt package manager in Ubuntu and other Debian based systems.
$ sudo apt install nmap
In Red Hat-based systems, you can use yum or dnf to install it:
$ sudo yum install nmap Or $ sudo dnf install nmap
Now, run ‘nmap -v‘ to verify if it has been installed.
$ nmap -v
Check for Open Ports in Remote Linux
Once it is installed, we can execute it to get the open ports in a system. To get a list of all open ports on a remote Linux host, run:
$ nmap hostname/domainname
For example, to check the open ports on ubuntumint.com, run:
$ nmap ubuntumint.com
As you can see, there are only 2 ports that are open: port 80 used by HTTP and port 443 used by HTTPS. This is a proper configuration for any website or web server; to only keep open HTTP and HTTPS and close all other ports and prevent illegal access.
However, this will not scan for all the ports; in fact, it scans the 1000 most commonly used port numbers. To scan all the ports, run it with the
$ nmap -p- hostname
Note that this will take a lot of time to run for obvious reasons.
Check Particular Port is Open on Remote Linux
Now, to check if a particular port is open on the host, run:
$ nmap -Pn -p port_number hostname
For example, to scan for port number 22, which is the port number commonly used for SSH, run:
$ nmap -Pn -p 22 ubuntumint.com
You can see that the state of the port number is shown to be ‘filtered‘. This state means that the particular port number is blocked by either a firewall or a similar blocker, and hence it cannot be determined if the port is open or closed.
If it is determinable by Nmap that the port is closed, the state will appear to be ‘Closed‘. Usually, every website will have a firewall or similar software to prevent port scanning and network discovery; tools usually used by hackers with malicious intent.
We learned about the tool ‘Nmap‘ and how it can be used to check for open ports in a remote Linux host. There are plenty of similar things that can be done with Nmap, and actually, a good website or web host is one that prevents Nmap from scanning it!
If you have any questions or feedback let us know in the comments below!