netstat - Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships. Use man netstat for more details.
To list the TCP ports that are being LISTENED ON, and the name of each listener’s daemon and its PID, run the following command:
netstat -plnt
To check specific server port to see if it's listening, you can just grep port or service name:
root@cloud100.com# netstat -plnt | grep httpd
tcp 0 0 :::80 :::* LISTEN 110272/httpd
tcp 0 0 :::443 :::* LISTEN 110272/httpd
tcp - connection type.
80 - port
Listen - status
110272 - PID [Process ID]
ss - another utility to investigate sockets. Use man ss for more details.
ss -s
Total: 1320 (kernel 2139)
TCP: 3714 (estab 845, closed 2803, orphaned 11, synrecv 0, timewait 2796/0), ports 0
Transport Total IP IPv6
* 2139 - -
RAW 0 0 0
UDP 25 21 4
TCP 911 883 28
INET 936 904 32
FRAG 0 0 0
The command will provide complete statistics.
ping <host> —- sends an ICMP echo message (one packet) to a host. This may go continually until you hit Control-C. Ping means a packet was sent from your machine via ICMP, and echoed at the IP level. ping tells you if the other Host is Up.
telnet host <port> —- talk to “hosts” at the given port number. By default, the telnet port is port 23. Few other famous ports are:
7 – echo port,
25 – SMTP, use to send mail
79 – Finger, provides information on other users of the network
Use control-] to get out of telnet.
Arp is used to translate IP addresses into Ethernet addresses. Root can add and delete arp entries. Deleting them can be useful if an arp entry is malformed or just wrong. Arp entries explicitly added by root are permanent — they can also be by proxy. The arp table is stored in the kernel and manipulated dynamically. Arp entries are cached and will time out and are deleted normally in 20 minutes.
arp –a : Prints the arp table
arp –s <ip_address> <mac_address> [pub] to add an entry in the table
arp –a –d to delete all the entries in the ARP table
traceroute —- Useful for tracing the route of IP packets. The packet causes messages to be sent back from all gateways in between the source and destination by increasing the number of hopes by 1 each time.
Important file locations:
/etc/hosts —- names to ip addresses
/etc/networks —- network names to ip addresses
/etc/protocols —– protocol names to protocol numbers
/etc/services —- tcp/udp service names to port numbers
