Checking ports on the local network. How to determine open ports

Using standard Windows tools, you can check whether the port that the program uses to operate is closed.
In order to check open/closed Windows ports, you must use the command line. To launch it, press the key combination “Windows + R”. After these steps, a window will open. You need to enter “cmd” in it. After that, press the “Enter” key.

A black window will appear on the screen, which experts call the Windows command line. Now you can run the utility itself, which will allow you to view the list of closed ports. Enter "netstat" into the command.

After entering, press the "Enter" key. The Command Prompt window will display information about all open ports on your computer. It will appear after the domain name of your personal computer and is separated from it by a colon. Please note that everything ports, which are not listed in this list are private. And if the port that your application uses is on this list, then it will need to be closed so that the application can function normally.

note

If the information provided is not enough for you, you can explore all the capabilities of the “netstat” utility by running it with the –h switch. This means entering the command “netstat -h” at the command prompt. Then in the window that appears you will see help for the "netstat" program.

Helpful advice

There is also a utility called "Windows Worms Doors Cleaner", which can not only show open and closed TCP/UDP ports, but also close the open port itself. Thus, you can further protect your computer from various threats on the Internet, as well as numerous viruses. The "NetStat Agent 2.0" program can replace the built-in "netstat".

Sources:

NetStat Agent 2.0

Sometimes a user who wants to control his system as completely as possible needs to clarify which s connections are currently open from his computer. This operation takes no more than a few seconds.

Instructions

First of all, you can use netstat from the standard Windows XP set. To execute it, log into Windows and type “netstat 5” (without quotes). After executing the command, you will see an update every 5 seconds (you can specify any) containing information about open connections, programs using them and ports.

Sources:

what port do I have open?

There are many programs running on the computer at the same time. If program uses an Internet connection and is allocated a specific port. Sometimes the user needs to control which port is used by one or another program.

Instructions

The need to determine which ones are used program(or what program uses ports), usually occurs when a computer is suspected of being infected with a Trojan program. If you notice something suspicious, open the command line: “Start” – “All Programs” – “Accessories” – “Command Prompt”.

Type tasklist in the command line and press Enter. You will receive data about all processes running in the system. Pay attention to the PID - process identifier. It will help determine which program uses one port or another.

Type netstat –aon at the command prompt and press Enter. You will see a list of current connections. In the “Local Address” column, the port number is indicated at the end of each line. The PID column contains process identifiers. After looking at the port number and its corresponding PID, go to the list of processes and use the ID number to determine which process is using this port.

If you cannot figure out which program it belongs to by the name of the process, use one of the programs that are suitable for this case. For example, the Everest program, also known as Aida64. Launch the program, open the “Operating System” tab, select “Processes”. In the list of processes, find the one you need and look at its launch line. This will help determine which program the process belongs to.

Use the AnVir Task Manager program for the same purpose. It allows you to monitor all suspicious processes, including processes of programs connecting to the Internet. All suspicious processes are highlighted in red in the program list.

If you see that the port is being used by a program unknown to you, then if there is a current connection in the “External address” column (command netstat –aon) you will see the IP address of the computer with which the connection is established. The “Status” column will contain the value ESTABLISHED – if the connection is currently present; CLOSE_WAIT if the connection is closed; LISTENING if program waiting for connection. The latter is typical for backdoors - one of the types of Trojan programs.

Sources:

what ports does skype use

A firewall, also known as a firewall and firewall, is designed to control incoming and outgoing Internet traffic. The security of your network depends on how correctly the firewall is configured.

Instructions

The Windows operating system has a built-in firewall, but its capabilities are very limited, so it is better to use a third-party program. One of the best programs of this type is Outpost Firewall.

Before starting setup, open the main program window. Select “Options” - “System”, then find the “Global rules and rawsocket access” section at the bottom of the tab and click the “Rules” button in it.

In the window that opens, click the “Add” button. In the “Select an event for the rule” field, check the boxes “Where is the protocol”, “Where is the direction” and “Where is the local port”. Below, in the “Rule Description” field, select “Undefined” with the mouse in the “Where is the protocol” line and select the TCP protocol in the window that opens.

In the “Rule Description” field, click “Undefined” in the “Where is the direction” line, select “Incoming (from a remote computer to your computer)” in the connection type. In the same field, click “Undefined” in the “Where is the local port” line and enter the number of the port that needs to be closed.

In the “Select actions for the rule” field, check the “Block this data” checkbox. Click "OK" - the selected port is closed for incoming connections. You can also close it for outgoing ones by selecting “Outgoing (from your computer to a remote computer)” instead of an incoming connection in the settings described just above.

If you are using a regular firewall Windows, check the list of exceptions: “Start” - “Control Panel” - “Windows Firewall” - “Exceptions”. Uncheck "Remote" if you do not use it. You can disable exceptions altogether by checking the checkbox on the “General” tab in the “Do not allow exceptions” line.

The firewall in Windows 7 has more capabilities than in Windows XP; it can be used to control both individual ports and specified ranges. Create a rule for outgoing connections, when starting the rule creation wizard, select “All programs”. Click “Next”, in the window that opens, select “Block connections”. Click “Next” again, select a profile and specify a rule name. Then in the rule properties specify ports, which the firewall should block. The rule for incoming connections is created in the same way.

Internet applications send data through special ports. A network port is a dedicated system resource that runs on a specific network host. If the port is closed, the program will not be able to access the network, and therefore will not be able to perform its functions correctly.

Good afternoon, dear readers and guests of the blog, I am glad to welcome you again to the section about security, last time we learned how to remove a screenup virus, today the topic will be more interesting, namely how check open ports on Windows or Linux. I will describe my situation, I have a project, the customer provided 20 virtual machines, within which my organization must deploy a service there, some virtual machines are located on different networks and while the programmers have not had time to deploy everything on them, I need to use a special utility to listen to the port on one server and check that it responds on another, so to speak, network communication. Let's do this.

We install a service responding to the required port

As I wrote above, while the services are not deployed, no one is listening to the ports, but we need to check so that we don’t have to deal with this later. We need to use a special utility to emulate listening to the port (socket) we need. Those of you who know an operating system like Centos 7, they remember that it had an excellent utility called netcat. It allowed using certain commands to listen to the port required by the administrator.

netcat- a Unix utility that allows you to establish TCP and UDP connections, receive data from there and transmit it. On Windows platforms, it is also present.

We unpack the archive on the server where the service will run in the future. In the folder you will need the files nc.exe and nc64.exe. Next, hold down Shift and right-click on the folder, from the context menu select "Open command window"

Now let’s imagine that I want port 80 to work on the server, like an IIS server. Open netcat, first look at the help:

-d detach from console, background mode
-e prog inbound program to exec
-g gateway source-routing hop point[s], up to 8
-G num source-routing pointer: 4, 8, 12, ...
-h this craft
-i secs delay interval for lines sent, ports scanned
-l - listen for incoming connections
-L listen harder, re-listen on socket close
-n numeric-only IP addresses, no DNS
-o file hex dump of traffic
-p - which connection will be listened to
-r randomize local and remote ports
-s - set local destination address
-t answer TELNET negotiation
-c send CRLF instead of just LF
-u - UDP mode
-v verbose
-w secs timeout for connects and final net reads
-z zero-I/O mode

We are interested in a command like this:

netcat-win32-1.12>nc.exe -l -p 80

As a result, a virtual socket is raised on the server that listens to connection 80, simulating a web server.

How to check if a port is open on a server

Now let's move to another server and try to check open ports on the remote server. To solve our problem, we will use the telnet utility; see how to install it. Open the command line and enter the following line:

telnet 10.242.17.134 80

As you can see, I indicated the IP address I needed and the required port number

By the way, you can check the open ports on the computer where the service is located with the command:

telnet localhost number 80

If the IP address does not respond to your request, then you will see an attempt to connect, after which you will be shown that this could not be done.

If the connection is successful, then you will see a black screen, either without text, or with some kind of welcome message that some service has responded to you.

Through external utilities

You can also check whether the port is open using external utilities; the main requirement here is that you have a white IP with Internet access. Let’s imagine the same situation: you need to test the 80 connection on which the company’s website will be located. You deployed it, but for some reason it doesn’t work. Not long ago, I told you about the ping.eu () service. One of the items in this toolkit was port check (checking open ports). In the “ip address or host name” field you write the ip address or dns name of the service, which requires verification, and in the adjacent field, the required socket number, in my case 80, click “Go”. In a second, you will get the result whether ports 80 or 443 are open on the site or not. In my case the status is "open".

Mass checking of open ports on the network and locally

There are special utilities whose task is to scan a computer or server for available ports through which there is a connection; they are called port scanners. There are a lot of such programs, I will give an example in the form of XSpider 7.7. How to check if a port is open in the XSpider 7.7 utility. Right-click on “scanned hosts” and add a host or range of IP addresses.

You specify what exactly will be checked.

Click the start icon and start the procedure.

You may see a warning that your actions may be recognized as a DDoS attack and many firewalls on the network may simply ban you, so be careful.

Sources: Wikipedia, Microsoft, portscan.ru

How can I find out which ports are open on my computer?

For Windows: Start → “cmd” → Run as administrator → “netstat -bn”
In an antivirus program such as Avast, it is possible to view active ports in the Firewall: tools -> Firewall -> Network connections.

Also useful netstat commands:

To display both the Ethernet statistics and the statistics for all protocols, type the following command:

netstat -e -s

To display the statistics for only the TCP and UDP protocols, type the following command:

netstat -s -p tcp udp

To display active TCP connections and the process IDs every 5 seconds, type the following command:

nbtstat -o 5

To display active TCP connections and the process IDs using numerical form, type the following command:

nbtstat -n -o

The following status values are valid for TCP sockets:

CLOSED	Closed The socket is not in use.
LISTEN (LISTENING)	Waits for incoming connections.
SYN_SENT	Actively trying to establish a connection.
SYN_RECEIVED	The initial connection synchronization is in progress.
ESTABLISHED	The connection is established.
CLOSE_WAIT	The remote party has disconnected; waiting for the socket to close.
FIN_WAIT_1	The socket is closed; disconnecting the connection.
CLOSING	The socket is closed, then the remote side disconnects; Waiting for confirmation.
LAST_ACK	The remote side disconnected, then the socket is closed; Waiting for confirmation.
FIN_WAIT_2	The socket is closed; waiting for the remote side to disconnect.
TIME_WAIT	The socket is closed, but is waiting for packets still on the network to be processed

List of most commonly used ports

The (listening, for connections) port is used to provide connections between multiple programs. Some ports are occupied by system services and therefore cannot be used by other services.

Port 80 is for the HTTP protocol to connect to the Internet, and the POP3 mail protocol uses port 110. If 80 is closed, it is therefore impossible to transmit data over the Internet. Therefore, sending and receiving mail is prohibited with port 100 closed.

System programs are assigned ports numbered from 0 to 1023. User programs use numbers from 1024 to 49151 to connect. Ports from 49152 to 65535 are called dynamic and are used for temporary client-server connections.

Ports are in the following states:

ready to receive packages;
the port is blocked by a firewall, the state cannot be determined;
locked and not associated with applications, can be opened;
the condition cannot be determined.

Method 1: Online services

This is a very simple way to check if a port is open on the computer you are using.

By default, you are prompted to select frequently used ports and check them. This:

25565 for the game "Minecraft";
8621 commonly used by Ace Stream for TV broadcasts;
80 for HTTP protocol;
7777;
27016;
8080 to connect to the server.

How to check if a port is open on a computer? All you need to do is select the one you are interested in and wait for a response. In addition, you can:

check your IP;
get detailed information about the site;
find out the connection speed;
find out site traffic;
check the existence of the email.

Method 2: CurrPorts

You can check if the port is open using third-party software CurrPorts.

Intended for network monitoring, displays a list of all currently open ports on the local computer. As a result, the following information is displayed:

port number;
process name;
full process path;
version;
file description;
time of creation;
the name of the user who created it.

In addition, using the program you can close unwanted TCP connections, terminate processes on specified ports, and copy information about ports to a file. The software is designed for Windows, starting from version XP.

Method 3: netstat

One quick way to check whether a port is open on a computer or server is from the command line using the netstat utility.

Allows you to monitor incoming and outgoing network connections and view the routing table. Available for unix-like operating systems and Windows OS.

Using some parameters, you can filter the information displayed on the screen.

The routing table is displayed using netstat -r (the -r or --route parameters are added to the command name).
The interface table is output in the form netstat -i or netstat --interfaces.
To display network statistics you need to add -s.
Verbose output is provided using the -v option.
To display the timer, add the -t parameter;
Continuous input is specified with -c.
To print the address and port numbers in numeric format without names, issue netstat -n.
Displays the connection by protocol, and is specified as "-p protocol_name".

Method 4: telnet

Another effective way to check if a port is open is to use telnet.

As a rule, the utility is available on most systems. To check the availability of addresses use:

Telnet IP_address

It is possible to enable debugging mode and display detailed information during operation. To do this, add the -d parameter, specify the address and port number. For example:

Sudo telnet -d localhost 22

To check if a port is open via IP:

Telnet address_IP port_number

You can test the site, collect requests, and see all the transferred data with the command:

Telnet site_address ru 80 GET /

Thus, the page is returned, the headers that the browser displays.

Method 5: tcping

How to check if a port is open on a computer? You can use the tcping command. It is only available for Windows servers. The utility must be downloaded before use.

Diagnostics of port availability is carried out in the form:

Tcping [-tdsvf46] [-i interval] [-n times] [-w interval] [-b n] [-r times][-j depth] [--tee filename] [-f] destination

Designation of some options:

4 - use of IPv4;
6 - use of IPv6;
n - number of sent pings (default 4);
i - interval between sending pings (default 1);
w - interval between responses (default 2);
d - display the date and time of the request;
f - forced sending of at least 1 byte;
g - stop after a specified number of unsuccessful pings;
v - print version and exit;
--tee _filename_ - duplicating the result into a text file;
--append - if --tee is used, instead of overwriting the contents of the file, the new information is appended to the existing one;
port - port number;
h - use http mode;
u - display the URL on each line;
post - use POST instead of GET in http mode;
head - use HEAD instead of GET;
shortcut call to http mode.

Method 6: nmap

How to check if a port is open on a router?

This is easy to do using the nmap utility. You can set the occupancy of a certain port of an IP address as follows:

Nmap -sP IP_address/port_number

General command syntax:

Nmap [scan types] [options] (specifications)

It is not necessary to set the keys - in this case, all open ports and programs that listen to them will be checked.

To find out the software used:

Nmap -sV site

If you need to scan several sites, they are indicated separated by a space.

You can scan a range of addresses like this:

Nmap -sP x-y

where x is the address from which the range begins, y is where it ends.

The utility has a Zenap graphical shell. In addition to the fact that it performs all the functions of nmap, it can build a network map.

Now we will deal with the question of what open ports are. This issue should be sorted out if Internet traffic begins to “suddenly go away” into the unknown. First of all, you should look at where, what program and what exactly it uses. Based on such information, the situation can be corrected.

Network Applications

There is a situation when an application that uses the network to run does not want to work. If so, it is worth which program uses for its own work. Situations when you need to find out the list of open ports occur quite often.

To view the list, you must use either a third-party or a standard utility for Windows and Linux operating systems: netstat. It is launched from the usual command line. First, call the command line. This can be achieved in two ways. For the first option, go to the Start menu and click on Run.

In the window that appears, enter “cmd”, then press “Enter”. Another method is to launch the required command line “with your own hands”, that is, by going to the “System32” folder, use the “cmd.exe” program.

Netstat

To find out which ones, in the next step we run the “netstat” utility. To do this, enter “netstat” into the command line that you launched earlier, then press “Enter.”

Those users for whom this information is not enough can access the capabilities of this utility by running it with the special switch -h, in other words, try entering “netstat -h” into the command line. If you use the “netstat -b” key, the utility will show open ports, as well as applications that use these ports for their own work.

There is another useful key “netstat 5”. If you use it, you will see not only open ports, but also the ability to stream information updates, new data will be displayed every 5 seconds. To stop the appearance of information with the specified key, you must use the keyboard shortcut “Ctrl+C”.

Studying the information received

The command prompt window will show open ports. It will look like this: directly divided into 4 parts. The left column will display the protocol name, the second - the domain, and after the colon the open port itself, the third part - the external address, the fourth - the state.

Opening ports on Windows

Next we'll look at Windows. Users can perform the operation of opening ports on Windows 7 and Vista by using standard tools of the operating system itself without using special software from third-party developers.

Click the “Start” button to bring up the main menu of the system, go to the “Control Panel” item in order to initiate the procedure for opening ports in the Windows firewall.

Select the “Security” item and go to the “Windows Firewall” section. Select the item called “Advanced options”, which is located on the left side of the application window. After this, enter the administrator password. It must be entered in the appropriate field after the authorization window appears.

Expand the link that talks about allowing the program to run through the Windows Firewall, and select the section about the rules for incoming connections. We indicate the item called “Create a rule”, run the “Add port” function to perform the operation of opening the specified port. Click the “Next” button and enter a name that allows you to associate the specified open port.

For this purpose, the corresponding “Name” field is provided. Enter the number of the selected port in the corresponding “Port” field and click the “Next” button. We indicate the desired one (it can be TCP or UDP) in the next one, which is dedicated to ports and protocols. Apply the checkbox for the “Allow connection” item by moving to the next “Actions” window.

Final stage

Apply the checkboxes for all the fields in the next dialog box called “Profile”, click the “Done” button to apply the selected changes. Click the button called “Change Scope” to select the option for the number of computers that have permission to use the selected port. Specify the required value.

We repeat the above procedures for each of the ports that are to be opened. Reboot the computer to apply the selected changes. It should be remembered that the described algorithm of actions will allow you to open ports only in the firewall of a personal computer, but is not related in any way to the permissions of a specific Internet connection provider.

To solve such problems, you need to contact a representative of your provider company directly. When connecting to the Internet, the system allocates ports to programs that work with the network through which data is received and sent. Ports can be not only open, but also closed.

№	Port	Protocol	Description
1	20	FTP Data	File Transfer Protocol - file transfer protocol. Data port.
2	21	FTP Control	File Transfer Protocol - file transfer protocol. Port for commands.
3	22	SSH	Secure SHell - “safe shell”. Protocol for remote control of the operating system.
4	23	telnet	TERminaL NETwork. Protocol for implementing a text interface over the network.
5	25	SMTP	Simple Mail Transfer Protocol - a simple mail transfer protocol.
6	42	WINS	Windows Internet Name Service. Service for mapping NetBIOS computer names to host IP addresses.
7	43	WHOIS	"Who is". Protocol for obtaining registration data about domain name owners and IP addresses.
8	53	DNS	Domain Name System - domain name system.
9	67	DHCP	Dynamic Host Configuration Protocol - protocol for dynamic host configuration. Obtaining dynamic IPs.
10	69	TFTP	Trivial File Transfer Protocol - a simple file transfer protocol.
11	80	HTTP/Web	HyperText Transfer Protocol - hypertext transfer protocol.
12	110	POP3	Post Office Protocol Version 3 - protocol for receiving email, version 3.
13	115	SFTP	SSH File Transfer Protocol. Secure data transfer protocol.
14	123	NTP	Network Time Protocol. A protocol for synchronizing the computer's internal clock.
15	137	NetBIOS	Network Basic Input/Output System. Protocol for providing network input/output operations. Name service.
16	138	NetBIOS	Network Basic Input/Output System. Protocol for providing network input/output operations. Connection service.
17	139	NetBIOS	Network Basic Input/Output System. Protocol for providing network input/output operations. Session service.
18	143	IMAP	Internet Message Access Protocol. Application layer protocol for accessing email.
19	161	SNMP	Simple Network Management Protocol - a simple network management protocol. Device management.
20	179	BGP	Border Gateway Protocol, border gateway protocol. Dynamic routing protocol.
21	443	HTTPS	HyperText Transfer Protocol Secure) is an HTTP protocol that supports encryption.
22	445	SMB	Server Message Block. A protocol for remote access to files, printers and network resources.
23	514	Syslog	System Log. A protocol for sending and recording messages about ongoing system events.
24	515	LPD	Line Printer Daemon. Protocol for remote printing on a printer.
25	993	IMAP SSL	IMAP protocol supporting SSL encryption.
26	995	POP3 SSL	POP3 protocol supporting SSL encryption.
27	1080	SOCKS	SOCKet Secure. Protocol for obtaining secure anonymous access.
28	1194	OpenVPN	Open implementation of Virtual Private Network (VPN) technology.
29	1433	MSSQL	Microsoft SQL Server is a database management system. Database access port.
30	1702	L2TP (IPsec)	Protocol for supporting virtual private networks. As well as a set of data protection protocols.
31	1723	PPTP	Tunnel protocol for a secure connection with a point-to-point server.
32	3128	Proxy	At the moment, the port is often used by proxy servers.
33	3268	LDAP	Lightweight Directory Access Protocol - lightweight access protocol to directories (directory services).
34	3306	MySQL	Access to MySQL databases.
35	3389	RDP	Remote Desktop Protocol - remote desktop protocol for Windows.
36	5432	PostgreSQL	Access to PostgreSQL databases.
37	5060	SIP	Protocol for establishing a session and transmitting multimedia content.
38	5900	VNC	Virtual Network Computing is a system for remote access to a computer desktop.
39	5938	TeamViewer	TeamViewer is a system for providing remote computer control and data exchange.
40	8080	HTTP/Web	An alternative port for the HTTP protocol. Sometimes used by proxy servers.
41	10000	NDMP	Popular port: Webmin, SIP-voice, VPN IPSec over TCP.
42	20000	DNP