Introduction
A port is a communication endpoint. At the software level, within an operating system, a port is a logical construct that identifies a specific process or a type of network service. A port is identified for each transport protocol and address combination by a 16-bit unsigned number, known as the port number. The most common transport protocols that use port numbers are the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP).
Also port is a logical entity that represents an endpoint of communication and is associated with a given process or service in an operating system. In previous articles, we explained how to find out the list of all open ports in Linux and how to check if remote ports are reachable using the Netcat command.
1. Using lsof Command
lsof command (List Open Files) is used to list all open files on a Linux
To install it on your system, run
$ sudo apt-get install lsof #for Debian, Ubuntu and Mint
$ sudo yum install lsof #for RHEL/CentOS/Fedora and Rocky Linux
$ sudo emerge -a sys-apps/lsof #for Gentoo Linux
$ sudo pacman -S lsof #for Arch Linux
$ sudo zypper install lsof #for OpenSUSE To find the process/service listening on a particular port run below command:
[root@unixcop ~]# lsof -i :80
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
httpd 12289 root 4u IPv6 70310 0t0 TCP *:http (LISTEN)
httpd 24040 apache 4u IPv6 70310 0t0 TCP *:http (LISTEN)
httpd 24041 apache 4u IPv6 70310 0t0 TCP *:http (LISTEN)
httpd 24042 apache 4u IPv6 70310 0t0 TCP *:http (LISTEN)
[root@unixcop ~]#2. Using netstat Command
So netstat command refers to (network statistics) used to show information including network connections, routing tables and interface stats.
To install netstat:
$ sudo apt-get install net-tools #for Debian/Ubuntu & Mint
$ sudo dnf install net-tools #for CentOS/RHEL/Fedora and Rocky Linux
$ pacman -S netstat-nat #for Arch Linux
$ emerge sys-apps/net-tools #for Gentoo
$ sudo dnf install net-tools #for Fedora
$ sudo zypper install net-tools #for openSUSEYou can use it with the grep command to find the process or service listening on a particular port in Linux as with below command:
$ netstat -ultnp | grep -w ':80' 
In the above command, the flags.
l– tells netstat to only show listening sockets.p– enables showing of the process ID and the process name.n– instructs it to show numerical addresses.t– tells it to display tcp connections.grep -w– shows matching of exact string (:80).
3. Using fuser Command
fuser command shows the PIDs of processes using the specified files or file systems .
You can install it with:
$ sudo apt-get install psmisc #for Debian, Ubuntu and Mint
$ sudo yum install psmisc #for RHEL/CentOS/Fedora and Rocky Linux
$ sudo emerge -a sys-apps/psmisc #for Gentoo Linux
$ sudo pacman -S psmisc #for Arch Linux
$ sudo zypper install psmisc #for OpenSUSE
You can find the process/service listening on a particular port with running the command:
[root@unixcop ~]# fuser 80/tcp
80/tcp: 12289 24040 24041 24042
[root@unixcop ~]#To find the process name using PID number with the ps command :
$ ps -p 2053 -o comm=
$ ps -p 2381 -o comm=[root@unixcop ~]# fuser 80/tcp
80/tcp: 12289 24040 24041 24042
[root@unixcop ~]# ps -p 12289 -o comm=
httpd
[root@unixcop ~]# ps -p 24040 -o comm=
httpd
[root@unixcop ~]Conclusion
In this guide you know the best ways for finding the process/service listening on a particular port in Linux.
