Academy, Linux Fundamentals. How many services are listening on the target system on all interfaces

Can someone give me a clue for this one please ?

I’ve tried the following commands none have given me the correct answer;

netstat -tunleep4 | grep -v “127.0.0”

ss -l -4 | grep -v “127.0.0” | grep “LISTEN” | wc -l

@Su8Z3r0 said:

Can someone give me a clue for this one please ?

I’ve tried the following commands none have given me the correct answer;

netstat -tunleep4 | grep -v “127.0.0”

ss -l -4 | grep -v “127.0.0” | grep “LISTEN” | wc -l

So, I’d suggest thinking through what you are trying to do.

When you run netstat, you want everything that is listening, why are you excluding references to localhost?

Also I’d double-check the switches you are using with netstat. I find -ano is quite a useful one for general use.

Lastly, make sure you are running this on the target system, not your system.

did u get answer ?

I’m wondering about this as well, because every combination I am trying, the answer is still wrong with the output. I’ve tried netstat -luntp | grep “LISTEN” | wc -l , nmap localhost -p 1-65535 | wc -l, ss -l -4 | grep “LISTEN” | wc -l, but all the output that is returned is still apparently the wrong answer.

ss -l -4 | grep -v “127.0.0” | grep “LISTEN” | wc -l

ss -l -4 | grep -v “127.0.0” | grep “LISTEN” | wc -l

i’m not sure why but it didn’t look like it let me post the “slashes”

grep -v “127slash.0slash.0”

I find the Question to be a bit misleading given it mentions (Not on localhost and IPv4 only)
to get the correct answer you have to exclude grep -v “127.0.0”

ah! what was confusing me was the statement “Not on localhost and IPv4 only”. I was interpreting this as "Not only limited to localhost and IPv4 " so i was thinking… -not only limited to localhost (as in include EVERYTHING - including localhost) -not only limited to IPv4 (as in include IPv4 and IPv6) I was sort of trying to get to opposite to the required answer. At least got the LISTENING part correct :smile:

2 Likes

If anyone has any issues try this, as you want what is listening on ipv4 only (0.0.0.0) which forces the daemon to listen on ipv4 only.
netstat -luntp | grep “0.0.0.0” | grep -v “127.0.0” | grep “LISTEN” | wc -l

try out this command it’ll work
$ netstat -ln4 | grep LISTEN | grep -v 127 | wc -l

1 Like

$ netstat -ln4 | grep LISTEN | grep -v 127 | wc -l

for other confused learners like me:

netstat -ln4 - services that are listening, with numeric addresses, and using the ipv4 protocol as opposed to ipv6 or unspecified
grep LISTEN - find results containing the word “LISTEN”
grep -v 127 - exclude any results that contain the number “127”
wc -l - count the number of lines

This 2 methods work:

  1. netstat -l4 | grep “LISTEN” | grep -v “localhost” | wc -l

you could also use a far less simple command → netstat -l | grep “tcp” | grep -v “tcp6” | grep -v “localhost” | wc -l

  1. ss -l4 | grep “LISTEN” | grep -v “127.0.0.*” | wc -l

I am not sure why <grep “LISTEN”> is needed since the filter -l should return listening only. If not used, then UDP services will list as well. Any clues why?

This was exactly the logic i made. Thank you for clarifying.

systemctl |grep listening| wc -l