70

Is it possible to check that if the ports are open for the remote system on ubuntu server?

I should able to check if a port(eg:ssh) on my machine is open for the remote machine.

user53864
  • 1,723
  • 11
  • 37
  • 66

8 Answers8

93

use good old telnet:

[user@lappie ~]$ telnet host 22
Trying ip.adr.tld ...
Connected to host  (ip.addr.tld).
Escape character is '^]'.
SSH-2.0-OpenSSH_5.1p1 Debian-5

this is a successful attempt. An unsuccessful one should look like this;

[user@lappie ~]$ telnet host 23
Trying ip.adr.tld ...
telnet: connect to address ip.adr.tld: Connection refused
telnet: Unable to connect to remote host: Connection refused

or with nmap 

[user@lappie ~]$ nmap host

Starting Nmap 5.21 ( http://nmap.org ) at 2010-10-07 11:25 CEST
Nmap scan report for host (ip.adr.tld)
Host is up (0.0052s latency).
rDNS record for ip.adr.tld : host.domain.tld
Not shown: 995 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
111/tcp  open  rpcbind
3000/tcp open  ppp
5666/tcp open  nrpe

Nmap done: 1 IP address (1 host up) scanned in 0.18 seconds
natxo asenjo
  • 5,739
  • 2
  • 26
  • 27
  • Great help!. I felt It's only listing the port no's for which the services are running on the specified host. I checked it stopping the services and running nmap command again. so it didn't list the port which I stopped. Is it really showing the open ports for remote machine? – user53864 Oct 07 '10 at 10:39
  • 1
    @user53864: you should run this test on a remote machine, obviously. – natxo asenjo Oct 07 '10 at 11:00
  • 2
    This will only work for TCP services. –  Oct 27 '11 at 17:07
  • Using `nmap` on aws machine trigger an abuse report. – Newbee Aug 07 '18 at 13:23
15

This is simple as :

nc -zw3 domain.tld 22 && echo "opened" || echo "closed"

-w3 is the timeout

Gilles Quénot
  • 1,313
  • 10
  • 17
10

Use NMAP. Example:

nmap example.com

You can use IP address in place of domain name. Here is the full documentation: http://nmap.org/book/man.html

Joshua
  • 593
  • 2
  • 19
  • 1
    Its only listing the ports on which services are running on a specified machine. – user53864 Oct 07 '10 at 06:05
  • Then you're using it wrong. – Christoffer Hammarström Oct 07 '10 at 08:50
  • @user53864, that is correct. More specifically, it will list all OPEN ports and also describe what services are using them. If you are looking for a specific port, try simply "nmap example.com 22" as natxo asenjo said, which will scan port 22 (SSH) to see if it is open. – Joshua Oct 07 '10 at 14:31
7

From this StackOverflow answer:

You seem to be looking for a port scanner such as nmap or netcat, both of which are available for Windows, Linux, and Mac OS X.

For example, check for telnet on a known ip:

  nmap -A 192.168.0.5/32 -p 23

For example, look for open ports from 20 to 30 on host.example.com:

  nc -z host.example.com 20-30
Community
  • 1
Mohamed Brahimi
  • 71
  • 1
  • 1
6

For a script, I use something like the following:

nmap example.com -p 22 -sV --version-all -oG - | grep -iq '22/open'

The return value tells you whether the port is open!

yar
  • 3,045
  • 1
  • 15
  • 5
2

nmap example.com -p 22

Sudheer
  • 169
  • 2
  • 10
2

Telnet will only work for TCP services, so if you're trying to see if your DHCP server (UDP/68) is running on a remote machine it won't work. Likewise nmap defaults to only scanning TCP ports.

For UDP ports use:

nmap -sU example.com -p 68

1

I used following command .It gave output what I wanted. nmap -A IPAddressOfRemoteSystem -p portNumber ex : nmap -A 192.168.1.87 -p 8080 (or) we can check the local ports also

before that first check what are the ports are open/listen mode by using following command.

netstat -ntlp | grep LISTEN

after that

nmap -A localhost -p portNumber

and close any one port for example if mysql is running on 3306 you can stop it by,

sudo service mysql stop

and then,

nmap -A localhost -p 3306

Hope this will helpfull.

deagh
  • 2,019
  • 5
  • 19
  • 19
Harish Kumar
  • 11
  • 1