Introduction

Ports are used by services running on a server to communicate over the network. For example, web servers usually listen on ports 80 and 443, mail services use ports like 25, 110, 143, 993, and 995, and control panels such as cPanel/WHM use ports like 2082, 2083, 2086, and 2087.

To check whether ports are open, closed, or filtered on a server, we can use the nmap command. nmap is a powerful network scanning tool used to identify active services, open ports, and service versions running on a server.

Prerequisites

Before checking open or closed ports, ensure the following:

  1. Root or sudo access
    You should have root or sudo privileges on the system from where you are running the scan.
  2. nmap package installed
    The nmap tool must be installed on the server or local machine.
  3. Server IP address
    You should know the IP address of the server that needs to be scanned.
  4. Network connectivity
    Ensure the scanning machine can reach the target server.
  5. Firewall permission
    Make sure the firewall or security group allows scanning, otherwise some ports may show as filtered.
  6. Authorization
    Scan only servers that you own or have permission to test.

Steps

Step 1: Install nmap

For AlmaLinux, CentOS, or RHEL-based servers:

yum install nmap -y

For Ubuntu or Debian-based servers:

apt install nmap -y

Step 2: Check the server IP address

If you want to scan a remote server, note down the server IP address.

Example:

SERVER_IP_ADDRESS

Replace SERVER_IP_ADDRESS with the actual IP address of the server.

Step 3: Run the port scan command

Use the following command to scan all TCP ports and detect service versions:

nmap -Pn -T4 -sV -p- SERVER_IP_ADDRESS

Example:

nmap -Pn -T4 -sV -p- 192.168.1.10

Command Explanation

-Pn  : Treat the host as online and skip host discovery
-T4  : Use faster scan timing
-sV  : Detect service/version information
-p-  : Scan all ports from 1 to 65535

Step 4: Review the scan output

Example output:

PORT     STATE    SERVICE     VERSION
53/tcp   open     domain
110/tcp  open     pop3        Dovecot pop3d
143/tcp  open     imap        Dovecot imapd
993/tcp  open     ssl/imap    Dovecot imapd
995/tcp  open     ssl/pop3    Dovecot pop3d
2082/tcp open     unknown
2083/tcp open     ssl/unknown
2086/tcp open     unknown
2087/tcp open     ssl/unknown
8080/tcp open     http        Apache Tomcat

Step 5: Understand the port states

open     : The port is open and a service is listening on it.
closed   : The port is reachable but no service is listening.
filtered : The port is blocked by firewall or security rules.

Step 6: Check listening ports locally on the server

If you are logged in to the server and want to check which services are listening locally, use:

ss -tulnp

Alternative command:

netstat -tulnp

Conclusion

Using nmap, we can easily check which ports are open, closed, or filtered on a server. This helps server administrators verify running services, troubleshoot connectivity issues, and improve server security by identifying unnecessary open ports.

It is recommended to keep only the required ports open and close or firewall all unused ports to reduce security risks.

Leave a Reply