For a Linux instance, follow these steps to verify the security group rule:
Connect to a Linux instance by using a password.
Then, run the following command:
sudo netstat -plunt
To check whether TCP 80 (replace “80” with any port) is being listened to.
sudo netstat -an | grep 80
You can also use nmap which probably is the most commonly used network mapper in the infosec world.
Nmap can be used to:
- create a complete computer network map.
- find remote IP addresses of any hosts.
- get the OS system and software details.
- detect open ports on local and remote systems.
- audit server security standards.
- find vulnerabilities on remote and local hosts.
You should run nmap ONLY on servers that you own or in situations where you’ve notified the owners.
The reason is that why you as a network administrator might be using nmap to look for possible vulnerabilities to help prevent such attacks, your action can be interpreted as “malicious cracking attempts” and most security tools and cloud providers frowns on this.
CentOS
sudo yum install nmap
To install nmap on Red Hat Enterprise Linux 8 execute the following dnf command:
sudo dnf install nmap
To install nmap on an Ubuntu or Debian machine by entering:
sudo apt-get update
sudo apt-get install nmap
Use the –version option to check the installed nmap version and correctness of the actual nmap installation. For example:
nmap -version
Basic Nmap Scan against IP or host
nmap 1.1.1.1
Now, if you want to scan a hostname, simply replace the IP for the host, as you see below:
nmap cloudflare.com
These kinds of basic scans are perfect for your first steps when starting with Nmap.
Scan specific ports or scan entire port ranges on a local or remote server
nmap -p 1-65535 localhost
In this example, we scanned all 65535 ports for the localhost.
