« Back to Networking: Frequently Asked Questions

How to see which process is using a port

The ss command can solve the question what process is keeping a port in use.

To find services that are listening, we use the --listening option. For TCP that means the LISTEN state, UNCONN for UDP.

Additionally, we specify the option --processes to show the process information and --numeric to avoid resolving hostnames or service names. This way we see port numbers instead of their names.

ss --listening --numeric --processes sport :443
Netid    State     Recv-Q     Send-Q         Local Address:Port         Peer Address:Port    Process                                                                                      
tcp      LISTEN    0          511                  0.0.0.0:443               0.0.0.0:*        users:(("nginx",pid=344368,fd=19),("nginx",pid=344367,fd=19),("nginx",pid=344264,fd=19))    
tcp      LISTEN    0          511                  0.0.0.0:443               0.0.0.0:*        users:(("nginx",pid=344368,fd=13),("nginx",pid=344367,fd=13),("nginx",pid=344264,fd=13))    
tcp      LISTEN    0          511                     [::]:443                  [::]:*        users:(("nginx",pid=344368,fd=14),("nginx",pid=344367,fd=14),("nginx",pid=344264,fd=14))    
tcp      LISTEN    0          511                     [::]:443                  [::]:*        users:(("nginx",pid=344368,fd=20),("nginx",pid=344367,fd=20),("nginx",pid=344264,fd=20))

In this example it is nginx that is using port 443 to listen for incoming connections. Not really surprising for web server software to serve HTTPS on port 443.

The shortened version:

ss -lnp sport :443

Learn more about ss

This article uses the ss command to achieve its tasks. For this popular tool there is a cheat sheet available!

» Mastering the tool: ss

ss cheat sheet

Other questions related to Networking

Feedback

Is the described answer not working or incorrect, got another tip or question? Share your thoughts!