Ubuntu - What ports are open on my computer?

December 2016


[Ubuntu]What ports are open on my computer?




Intro


Type:
sudo netstat -lp --inet 


Example:
Active Internet connections (only servers)


Proto Recv-Q Send-Q Local address         Remote address        State      PID/Program name   
tcp        0      0 *:ssh                   *:*                     LISTEN     4140/sshd           
tcp        0      0 localhost:ipp           *:*                     LISTEN     4179/cupsd          
tcp        0      0 localhost:smtp          *:*                     LISTEN     4440/exim4          
udp        0      0 *:32768                 *:*                                4498/avahi-daemon:  
udp        0      0 *:mdns                  *:*                                4498/avahi-daemon:  
  • or:


sudo netstat -lp --inet
  • for the port numbers (21) instead of the associated protocol name (ftp).

How to interpret these data?


An open port does not necessarily mean it is accessible to Internet.
Here are some examples:
  • localhost: ftp means that the ftp port (21) is accessible only from your computer itself. This is not a security risk.
  • 10.0.0.1: ftp means that for the ftp port (21) is open only on the address 10.0.0.1, ie your local network. It is not accessible Internet.
  • 192.168.0.1: ftp means that for the ftp port (21) is open only on the address 10.0.0.1, ie your local network. It is not accessible Internet.
  • In fact, the IP addresses:
    • 10.0.0.1 to 10.255.255.254,
    • 172.16.0.1 to 172.31.255.254
    • 192.168.0.1 àto 192.168.0.254
  • are not routable on the Internet. This means that if a port is open on these addresses, it is not accessible from the Internet.
  • .ftp means that the port is open on all your interfaces (IP addresses). Anyone can access it from internet or your local network.
  • Unless you need it, you must avoid having an open server on the Internet addresses (* for example). This is a security risk.
  • You must check out the configuration of each server in order that they open only on certain IP (for example, /etc/vsftpd.conf for the ftp server)

Install a firewall


You can install a firewall, for better security.

Thanks to Sebsauvage for this tip.

Related :

This document entitled « Ubuntu - What ports are open on my computer?  » from CCM (ccm.net) is made available under the Creative Commons license. You can copy, modify copies of this page, under the conditions stipulated by the license, as this note appears clearly.