Home Linux Commands How to Find What IP Addresses are Connected to Linux

How to Find What IP Addresses are Connected to Linux

Categories Linux Commands, Linux Security Leave a comment

A server is application software that listens to requests over a network and returns the requested files, data, etc. Linux machines have servers installed for many different protocols: Eg. HTTP Server, SSH Server, FTP Server, etc.

The computers which request data from a server (client machines) using either a web browser for HTTP requests or an SSH or FTP Client and are obviously identified by an IP address.

In this article, we will learn how to find out what IP addresses are connected to your Linux server.

Check What IP’s are Connected to Linux Server

The netstat utility used to be a very commonly used command for checking network traffic, routing tables, etc., and in Linux this command is mostly obsolete now and is replaced by the utility ss (socket statistics), which is by default available in most Linux distributions.

To get the list of IP addresses connected to your Linux server, run the following command.

$ ss -tun state connected
List IP's Connected to Linux Server
List IP’s Connected to Linux Server

The 't' implies TCP connections, 'u' implies UDP connections and the 'n' implies that the command should display IP addresses in a numerical format, without name resolution.

If 'n' is not specified, the command will display the protocol name instead of its port number (read: find and close ports in Linux).

$ ss -tu state connected
List Port Names
List Port Names

The column ‘Peer Address: Port are the fields that contain the IP addresses of connected computers to your Linux servers. Thus we have found that these addresses are connected to my server: 10.0.2.2 connected on the service Bootstrap Protocol, 127.0.0.1 (i.e., localhost) connected on SSH and FTP, and 91.189.88.152 connected on HTTP.

Another interesting column in the output is the last column: State, which obviously, means the state of the connection, whether it is timed out or established, etc. We have added something called a ‘state filter’ with the statement ‘state connected’. This will only show the ports which have IPs connected to them.

The state TIME_WAIT signifies that the server has initiated the closing of the connection; it is just kept around to gather and handle some packets of data that arrive late. Similarly, CLOSE_WAIT signifies that the client has initiated the closing, and the connection will be closed once all data packets are dealt with.

Similarly, ESTABLISHED signifies that the connection is currently established and the client computer can access the public files on the server.

Conclusion

Today we learned about the command ss and how to use it to see which IP Addresses are connected to your Linux server. Which command do you use to check traffic on your server? Do let us know in the comments below!

How to Fix /bin/rm: cannot execute [Argument list too long]

How to Find and Close Open Ports in Linux

Photo of author
Ravi Saive
I am an Experienced GNU/Linux expert and a full-stack software developer with over a decade in the field of Linux and Open Source technologies. Founder of TecMint.com, LinuxShellTips.com, and Fossmint.com. Over 150+ million people visited my websites.

Each tutorial at UbuntuMint is created by a team of experienced writers so that it meets our high-quality standards.

Was this article helpful? Please add a comment to show your appreciation and support.

RECOMMENDED ARTICLES

Got something to say? Join the discussion.

Thanks for choosing to leave a comment. Please keep in mind that all comments are moderated according to our comment policy, and your email address will NOT be published or shared. Please Do NOT use keywords in the name field. Let's have a personal and meaningful conversation.