Alternative for netstat: ss tool
Alternative for netstat
System administrators and security professionals searching for listening ports on a server, are definitely familiar with the netstat command. However, newer distributions do not have the tool default installed anymore. Time to start using ss besides our beloved netstat command.
Socket statistics, or ss for short, is an easy replacement command for netstat. One way to use it, is with parameters ss -aut
- -a: show listening and non-listening sockets
- -u: show UDP
- -t: show TCP
[root@archlinux ~]# ss -aut Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port udp UNCONN 0 0 *:bootpc *:* tcp LISTEN 0 128 *:ssh *:* tcp ESTAB 0 0 192.168.1.251:ssh 192.168.1.220:hnmp tcp LISTEN 0 128 :::19531 :::* tcp LISTEN 0 128 :::ssh :::*
This way it will show similar information to what netstat shows. When using it for very specific requests, you should refer to the man page, as it has some nice options. One of them is showing specific TCP connection state information
People who like to audit their system and investigate what ports are opened, can use this command as an alternative to systems without netstat. Right now most systems will have one of the tools available.
Not many people like change. But if you like it or not, ss will be there when netstat is not. Besides that, ss has a few benefits like showing interesting new information.