How to Watch TCP and UDP Ports in Real-time

In software terms, especially at the operating system level, a port is a logical construct that identifies a specific process/application or a type of network service and each network service running on a Linux system uses a particular protocol (the most common being the TCP (Transmission Control Protocol) and UDP (User Datagram Protocol)) and a port number for communicating with other processes or services.

In this short article, we will show you how to list and monitor or watch running TCP and UDP ports in real-time with a socket summary on a Linux system.

List All Open Ports in Linux

To list all open ports on a Linux system, you can use the netstat command or ss utility as follows.

It is also crucial to mention that netstat command has been deprecated and instead ss command has taken its place in showing more detailed network statistics.

$ sudo netstat -tulpn
OR
$ sudo ss -tulpn
List Open Ports in Linux

List Open Ports in Linux

From the output of the above command, the State column shows whether a port is in a listening state (LISTEN) or not.

In the above command, the flag:

  • -t – enables listing of TCP ports.
  • -u – enables listing of UDP ports.
  • -l – prints only listening sockets.
  • -n – shows the port number.
  • -p – show process/program name.

Watch TCP and UDP Open Ports in Real-Time

However, to watch TCP and UDP ports in real-time, you can run the netstat or ss tool with the watch utility as shown.

$ sudo watch netstat -tulpn
OR
$ sudo watch ss -tulpn
Watch Open Ports in Real Time in Linux

Watch Open Ports in Real Time in Linux

To exit, press Ctrl+C.

You will also find the following articles useful:

  1. 3 Ways to Find Out Which Process Listening on a Particular Port
  2. How to Check Remote Ports are Reachable Using ‘nc’ Command
  3. How to List All Running Services Under Systemd in Linux
  4. 29 Practical Examples of Nmap Commands for Linux System/Network Administrators

That’s all for now! If you have any questions or thoughts to share about this topic, reach us via the comment section below.

If You Appreciate What We Do Here On TecMint, You Should Consider:

TecMint is the fastest growing and most trusted community site for any kind of Linux Articles, Guides and Books on the web. Millions of people visit TecMint! to search or browse the thousands of published articles available FREELY to all.

If you like what you are reading, please consider buying us a coffee ( or 2 ) as a token of appreciation.

Support Us

We are thankful for your never ending support.

Aaron Kili

Aaron Kili is a Linux and F.O.S.S enthusiast, an upcoming Linux SysAdmin, web developer, and currently a content creator for TecMint who loves working with computers and strongly believes in sharing knowledge.

Your name can also be listed here. Got a tip? Submit it here to become an TecMint author.

RedHat RHCE and RHCSA Certification Book
Linux Foundation LFCS and LFCE Certification Preparation Guide

You may also like...

7 Responses

  1. Kacper Perschke says:

    Thanks a lot!

  2. Satish says:

    It’s a really good tutorial…

  3. Douglas C Bodden says:

    I’d recommend tcpdump with no filter for “real-time” information.

  4. Xitong Li says:

    A very good article to monitor running ports in real-time in Linux.

  5. Richard says:

    The title of this article is misleading. the watch command is batch based on a timer event triggering you can specify the granularity but it’s clearly not real-time.

  6. dragonmouth says:

    What is the practical use of watching one’s open ports? Other than dubious entertainment.

  7. Joe says:

    Finally – a useful article linked to Google News.

Got something to say? Join the discussion.

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.