Open Ports Quick Check

A quick sanity check of what the server is actually listening on.

List listening ports

ss -tulnp

If ss is not available:

netstat -tulnp

What to look for

• services you expect (ssh, mail, web)
• services you do not recognise
• services bound to 0.0.0.0 (all interfaces) that should be internal only

Firewall view

On CentOS 7, you may be using firewalld or iptables.

Check firewalld (if present):

firewall-cmd --list-all

Check iptables (if used):

iptables -S

Useful habit

When the server is “known good”, save the output of:

• ss -tulnp
• firewall rules

That makes spotting later changes much easier.