Open Ports Nagios Check

A machine should have a defined set of listening ports. If any of them are not listening, you’ve got a problem; if any others are open, you’ve potentially got an even bigger problem. The Check Open Ports Nagios check accepts a list of IPv4 TCP and UDP ports and reports if any of the expected ones go away or any others are detected as listening.

This also partially scratches one of my own itches: I’ve had a couple of daemons (MySQL in particular) start after a package upgrade without my knowing it. With this script and a little cron it won’t happen again. It’s probably worth mentioning that while this script is built to run within Nagios, it will work stand-alone.

Note: this script is more for detecting misconfigurations than for security. Most rootkits mask the ports they’ve opened so they won’t appear through netstat, which this command uses.
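
The comparison described above, sketched as an added example (not the original script): it parses netstat output for IPv4 TCP and UDP listeners and reports both missing and unexpected ports with a Nagios exit code. The `netstat -lnut` layout, the sample output, the baseline and the choice of CRITICAL for any drift are assumptions.

```python
import re

OK, CRITICAL = 0, 2  # standard Nagios plugin exit codes

# Constructed sample in the Linux net-tools `netstat -lnut` layout.
SAMPLE_NETSTAT = """\
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN
tcp6       0      0 :::80                   :::*                    LISTEN
udp        0      0 0.0.0.0:123             0.0.0.0:*
"""

def parse_listeners(netstat_text):
    """Return {(proto, port)} for IPv4 TCP/UDP listeners; tcp6/udp6 rows are skipped."""
    found = set()
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] not in ("tcp", "udp"):
            continue  # banner, column header, or non-IPv4 row
        if fields[0] == "tcp" and fields[-1] != "LISTEN":
            continue  # established connection, not a listener
        match = re.search(r":(\d+)$", fields[3])  # port follows the last colon
        if match:
            found.add((fields[0], int(match.group(1))))
    return found

def check_ports(expected, listening):
    """Compare expected and observed listeners; return (exit_code, status_line)."""
    def fmt(ports):
        return ", ".join("%s/%d" % p for p in sorted(ports))
    missing, extra = expected - listening, listening - expected
    if not missing and not extra:
        return OK, "PORTS OK - %d expected ports listening" % len(expected)
    problems = []
    if missing:
        problems.append("missing: " + fmt(missing))
    if extra:
        problems.append("unexpected: " + fmt(extra))
    # Assumption: either kind of drift is reported as CRITICAL.
    return CRITICAL, "PORTS CRITICAL - " + "; ".join(problems)

if __name__ == "__main__":
    expected = {("tcp", 22), ("udp", 123)}  # hypothetical baseline
    code, status = check_ports(expected, parse_listeners(SAMPLE_NETSTAT))
    print(status)
    raise SystemExit(code)
```

Run against the sample, the loopback-only MySQL listener on tcp/3306 is flagged as unexpected, which is the package-upgrade case described above.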