A port is a logical construct that is bound to a service or process. It acts as an endpoint for a network service that accepts some type of communication. Only one process can bind to a port, so often you need to find which process is listening on a specific port.
In the article we will show you four different ways to accomplish this with four different commands and their options.
Find Listening Process with lsof Command
The lsof command stands for "list open files". Since everything in Linux is a file, including ports and sockets, we can get all the information we need. To find the processes listening on a specific port with lsof, run the following command:
lsof -iTCP:22 -sTCP:LISTEN
The lsof command is available on all major Linux distributions and usually installed by default.
Use netstat Command to Find Process Listening on Port
The netstat command is an oldie but a goody. It has been around since the early 80's and is available not only on every Linux system, but also any UNIX or UNIX variant and Microsoft Windows since at least XP.
To find the processes listening on a specific port with netstat, use the following command:
netstat -anp | grep ":22"
The -a option means all, -n means show ports numerically not names, -p means show process id and name.
NOTE: Syntax on Windows and UNIX systems may vary.
Find Listening Process with fuser Command
The fuser command identifies which process is using a file or socket. With some clever options we can find all the information we need about which process is listening on a port.
sudo fuser 22/tcp
Here we use the -v option for verbose mode, and the -n option to select the corresponding namespace, followed by TCP port 22.
Use the ss Command to Find Process Listening on Port
The ss command is pegged as the replacement for netstat. However, I think netstat is so ingrained in people that it will be a while before it goes anywhere. The ss commands syntax in my opinion is a little more convoluted, but that may be because I am old and set in my ways.
To find processes listening on a specific port with the ss command, we can use the following command:
sudo ss -lptn 'sport = :22'
Conclusion
As with anything in Linux there is always more than one way to get the job done. Here we showed you four different methods to find which process is listening on a specific port. If you have a different way than we discussed here feel free to sound off in the comments.
Resources and Links
- lsof Man Page
- Netstat Man Page (I like the UNIX man page)
- fuser Man Page
- ss Man Page