Thursday, May 7, 2009

Windows How do I tell if a TCP network port is open or not? 

So how do I tell if a TCP or UDP network port is open or not under UNIX or Linux oses?
Sure iptables can be used to block or open port or to apply packet filtering.
However any program can open a network port. For example if use has access to gcc / cc compiler she can open a port.

So it is necessary to list open TCP or UDP ports.

List open TCP port with netstat

Use netstat command to list open tcp port
Code:

[root]# netstat -tulpn

Output:
Code:

tcp        0      0 0.0.0.0:22               0.0.0.0:*                   LISTEN      11960/sshd
tcp        0      0 127.0.0.1:3306           0.0.0.0:*                   LISTEN      3992/mysqld
tcp        0      0 64.19.12.xx:80           0.0.0.0:*                   LISTEN      9474/lighttpd
tcp        0      0 64.19.12.xx:80           0.0.0.0:*                   LISTEN      9474/lighttpd
tcp        0      0 127.0.0.1:25             0.0.0.0:*                   LISTEN      1859/master
tcp        0      0 64.19.12.xx:443          0.0.0.0:*                   LISTEN      9474/lighttpd
netstat also works under Windows XP or 2000 server

Using telnet 
You can also use telnet to find out if port is open or not
Code:

telnet server-ip port-no
telnet localhost 80
telnet 192.168.1.111 25

telnet also works under Windows XP or 2000 server/UNIX oses

Using nmap
Nmap is a free security scanner which is used to evaluate the security of computers, and to discover services or open/close port numbers
Code:

nmap server-ip

Code:

[root]# nmap localhost

Sample output from my computer:
Code:

Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2006-10-10 03:52 MST
Interesting ports on localhost.localdomain (127.0.0.1):
(The 1656 ports scanned but not shown below are in state: closed)
PORT    STATE SERVICE
21/tcp  open  ftp
22/tcp  open  ssh
53/tcp  open  domain
80/tcp  open  http
139/tcp open  netbios-ssn
445/tcp open  microsoft-ds
902/tcp open  iss-realsecure-sensor

Nmap finished: 1 IP address (1 host up) scanned in 0.449 seconds

Nmap works under Windows and UNIX oses
Checking to see if a port is open, blocked, dropped, or filtered at the iptables or windows firewall is not simple. But with above three tools you can get list of open port quickly for both Windows and UNIX servers.

Have fun
at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)