How to Check If a Port Is Open on Mac
Two different questions hide behind "is this port open": is something listening locally, or can I reach a port on another host? Here's how to test both on Mac with lsof, nc, and nmap.
“Is the port open?” is really two questions, and they need different tools. Either you’re asking is something listening on this port on my own Mac, or can I reach this port on another machine over the network. Mixing them up is why people get confusing answers. Here’s how to check each.
Question 1: Is a port open (listening) on my own Mac?
You want to know whether a local service has claimed a port. Use lsof:
lsof -i :3000 -n -P
- Output appears → the port is open; something is listening. You’ll see the process and PID.
- Nothing appears → the port is closed; nothing local is listening there.
COMMAND PID USER ... NODE NAME
node 1421 aaron ... TCP *:3000 (LISTEN)
To list every open port at once instead of checking one, see how to list open ports on Mac.
Question 2: Can I reach a port on another host?
Now you’re testing reachability across the network, “is port 5432 open on the database server?” This isn’t about your own machine; it’s about whether a remote port accepts connections. The built-in tool is nc (netcat), which ships with macOS:
nc -zv example.com 443
-z: scan only, don’t send data (just check if it connects)-v: verbose, so you see the result
Results read plainly:
Connection to example.com port 443 [tcp/https] succeeded!
A success means the port is open and reachable. A timeout or “Connection refused” means it’s closed, filtered by a firewall, or nothing is listening on the other end.
Check a specific local service the same way, which also confirms it’s actually accepting connections, not just bound:
nc -zv 127.0.0.1 3000
Testing a UDP port
UDP is harder to test because UDP doesn’t acknowledge connections, there’s no handshake to confirm. nc can try, but “no response” is ambiguous (open and silent looks the same as closed):
nc -zvu 8.8.8.8 53
For UDP, the only reliable confirmation is getting an actual application-level reply (e.g. a real DNS answer on port 53).
Scanning a range of ports
To check many ports on a host at once, nmap is the right tool (install with brew install nmap):
# Scan the common 1000 ports on a host
nmap example.com
# Scan a specific range
nmap -p 3000-3010 127.0.0.1
nmap probes from the outside, so it answers the “reachability” question, not the “what’s listening locally” one. For simply auditing your own Mac, lsof is faster and more accurate.
Which tool for which question
| You want to know | Tool | Command |
|---|---|---|
| Is a local port listening? | lsof | lsof -i :PORT -n -P |
| Can I reach a remote port? | nc | nc -zv HOST PORT |
| Scan many ports on a host | nmap | nmap -p 1-1000 HOST |
“Open” can also mean “exposed”
One more nuance worth knowing: a port listening on 127.0.0.1 is open to your Mac only, while one listening on 0.0.0.0 is open to the whole network. The lsof output shows which: 127.0.0.1:3000 is private, *:3000 is exposed. If you’re checking a port for security reasons, that distinction is the one that matters, see what is localhost for the full explanation.
Check any port, local or remote, in one place
Portie answers both questions in one app. It shows every open port on your Mac live, with the owning process and whether each is bound to localhost or exposed to the network. The $8.99 one-time unlock adds a remote port scanner, so you can check whether a port is open on any other host or IP without touching nc or nmap.
Local monitoring is free. Download Portie and stop juggling three different commands to answer one question.