$ Linux One Liners
Back to guides

linux troubleshooting guide

Open Ports on Linux: Find What Is Listening

A port problem starts with socket evidence: address, port, protocol, process, and whether it is bound to localhost or a public interface.

Problem

A service will not start because a port is in use, or a site is unavailable and you need to prove whether anything is listening.

First rule

Find the listener before killing a process, opening a firewall rule, or changing service configuration.

Audience

VPS owners, developers, beginner admins, and defensive security students

Cert context

Useful for unofficial networking, services, and security-hygiene practice for Linux exams.

quick start

Safe first commands

  1. sudo ss -tulpn
  2. sudo ss -ltnp 'sport = :80'
  3. sudo ss -tulpn | grep ':80\|:443'

List listening sockets

`ss` shows listening ports and, with privileges, the owning process. This is stronger evidence than guessing from service names.

  1. sudo ss -tulpn

Filter to one port

When a startup error says a port is already in use, filter directly to that port and identify the process before changing anything.

  1. sudo ss -ltnp 'sport = :8080'

Distinguish localhost from public binds

A service bound to `127.0.0.1` is reachable locally but not directly from the network. A service bound to `0.0.0.0` or a public address is exposed more broadly, subject to firewall and routing.

  1. sudo ss -ltnp | grep -E '127.0.0.1|0.0.0.0|:80|:443'

Connect port evidence to logs

If the listener is missing, check service state and logs. If the listener exists but clients fail, move outward to firewall, DNS, TLS, or routing checks.

  1. systemctl status nginx --no-pager
  2. journalctl -u nginx --since '30 minutes ago' --no-pager

triage logic

How to read the result

another process owns the desired port

The new service cannot bind until the conflict is resolved.

Next: Identify whether the existing listener is expected before stopping or reconfiguring it.

the service is active but no port is listening

The service may be misconfigured, crashed after start, or listening on a different address.

Next: Read service status and recent logs.

the port listens only on localhost

Local checks may pass while remote users cannot connect directly.

Next: Confirm intended bind address and reverse proxy design.

safety notes

Slow down here

  • Do not kill a process only because it owns a port; identify what it is serving first.
  • Opening firewall access is a security change, not just a connectivity fix.
  • Capture listener output before changing service configuration.

Independent study support

These guides are cert-adjacent practice material, not official training, endorsement, exam dumps, or real exam questions.

related lessons

Command cards

Practice drills