How to check opened/closed ports on my computer?

There's a few parameters to netstat that are useful for this :

• -l or --listening shows only the sockets currently listening for incoming connection.
• -a or --all shows all sockets currently in use.
• -t or --tcp shows the tcp sockets.
• -u or --udp shows the udp sockets.
• -n or --numeric shows the hosts and ports as numbers, instead of resolving in dns and looking in /etc/services.

You use a mix of these to get what you want. To know which port numbers are currently in use, use one of these:

netstat -atn           # For tcp
netstat -aun           # For udp
netstat -atun          # For both

In the output all port mentioned are in use either listening for incoming connection or connected to a peer** all others are closed. TCP and UDP ports are 16 bits wide (they go from 1-65535)

** They can also be connecting/disconnecting from the peer.

You can use this command:

netstat -tulnp | grep <port no>

If it shows some process its used. Its closed(not used) if there is no output.

Another alternative command line easy to use to find out which process is using a port:

lsof -n -i4TCP:$PORT | grep LISTEN

I added the next function in my .bash_profile,

function pslisten {
    echo `lsof -n -i4TCP:$1 | grep LISTEN`
}

and now run "pslisten 5060" to see who is grabing my SIP port.

It's work with Apple Mac OS X too.

Is the port status "LISTENING" indicated that the port is opened?

Yes. It means that some service is listening to that port on your computer for incoming connection i.e. this port is open for establishing new connections.

Any port that are not shown in the output indicated that it's closed?

Yes. Remember netstat -a will show all active (listening) and passive (non-listening) connections i.e. the ports that are acting as both server (some services are listening to these ports for connections from a different machine/process) and established (connections are established on these ports regardless of the fact the host/a service can be a server or client)

All TCP and UDP ports belong to a category called sockets and there are a whole lot of those. To view socket info you can check man ss.

Another option is ss. It's much easier to use....

The below command will only output a list of current listening sockets.

root@server:~# ss -l

    Netid  State      Recv-Q Send-Q                                     Local Address:Port                                                      Peer Address:Port   


u_dgr  UNCONN     0      0                                                      * 23353                                                                * 23352                
u_dgr  UNCONN     0      0                                                      * 568                                                                  * 362                  
u_dgr  UNCONN     0      0                                                      * 14836                                                                * 14837                
u_dgr  UNCONN     0      0                                                      * 20446                                                                * 369                  
u_dgr  UNCONN     0      0                                                      * 22877                                                                * 369                  
u_dgr  UNCONN     0      0                                                      * 504                                                                  * 347                  
u_dgr  UNCONN     0      0                                                      * 16298                                                                * 369                  
u_dgr  UNCONN     0      0                                                      * 23343                                                                * 369                  
u_dgr  UNCONN     0      0                                                      * 24125                                                                * 369                  
u_dgr  UNCONN     0      0                                                      * 24617                                                                * 369                  
u_dgr  UNCONN     0      0                                                      * 23352                                                                * 23353                
u_dgr  UNCONN     0      0                                                      * 23334                                                                * 369                  
u_dgr  UNCONN     0      0                                                      * 17113                                                                * 369                  
u_dgr  UNCONN     0      0                                                      * 16957                                                                * 369                  
u_dgr  UNCONN     0      0                                                      * 14793                                                                * 362                  
u_dgr  UNCONN     0      0                                                      * 23345                                                                * 362                  
u_dgr  UNCONN     0      0                                                      * 24070                                                                * 369                  
udp    UNCONN     0      0                                                      *:sunrpc                                                               *:*                    
udp    UNCONN     0      0                                                      *:981                                                                  *:*                    
udp    UNCONN     0      0                                                     :::sunrpc                                                              :::*                    
udp    UNCONN     0      0                                                     :::981                                                                 :::*                    
tcp    LISTEN     0      128                                            127.0.0.1:85                                                                   *:*                    
tcp    LISTEN     0      128                                                    *:ssh                                                                  *:*                    
tcp    LISTEN     0      128                                                    *:3128                                                                 *:*                    
tcp    LISTEN     0      100                                            127.0.0.1:smtp                                                                 *:*                    
tcp    LISTEN     0      128                                                    *:8006                                                                 *:*                    
tcp    LISTEN     0      128                                                    *:sunrpc                                                               *:*                    
tcp    LISTEN     0      128                                                   :::ssh                                                                 :::*                    
tcp    LISTEN     0      100                                                  ::1:smtp                                                                :::*                    
tcp    LISTEN     0      128                                                   :::sunrpc                                                              :::*                    

Or this might help by using watch, then play around with what you want to see.

sudo watch -d -n0 "netstat -atnp | grep ESTA"

sudo watch -d -n0 "netstat -tulnp | grep ESTA"

Actually there is a better way to see what ports you have open. The issue with netstat or lsof is that they query network stack and actually do not connect to the machine but instead trying to see what is running on the system. The better approach is to use nmap like so:

nmap -sT -O localhost

To see open ports.

1. Try this to get a list of opened ports in that range.

   for p in {1..1023}
   do
      (echo >/dev/tcp/localhost/$p) >/dev/null 2>&1 && echo "$p open"
   done
   

2. And this command will show what is it!

   cat /etc/services | grep {PORTNumber}