There are several free port scanner tools available online.
Here is our definitive guide to the 16 best free port scanner tools:
- Paessler Port Monitoring is an excellent tool for monitoring ports on servers. It’s part of a broader infrastructure monitoring solution called PRTG. You get up to 100 free sensors for testing purposes. Download the free 30-day demo.
- ManageEngine Oputils (FREE TRIAL): This paid tool combines an I.P. address manager and a switch port manager but is also available in a free version. Windows Server, Linux, and aws are all supported. It is free for Windows, Linux/BSD Unix, and Mac OS X.A.
- PortChecker. Open the free port scanner tool from the Web Tool Hub website. A free online port scanner to check open ports on your computer.
- Free Port Scanner is a free portable application to check TCP ports and runs on Windows. A free process monitor that allows you to determine open and closed ports.
- Spiceworks I.P. Scanner is a cloud-based console with a local agent that can be installed on Windows (XP/Vista), Mac OS X, Ubuntu, and Debian Linux.
The best way to keep your network secure is to close all open ports – not just the ones connected to the internet.
Hackers often scan and search every port number used to connect to services. Anyone trying to get into your system must go through a firewall. If a port check tool or a port scanner on a website can not find the ports on your computer, the firewall will block them. You can use a tool to test for port vulnerabilities yourself.
Port Checker Operating Systems Table:
|Port Checker||Linux||Windows||Mac OS||Online|
|Paessler PRTG (FREE TRIAL)||No||Yes||No||No|
|ManageEngine OpUtils (FREE TRIAL)||Yes||Yes||No||Yes|
|Open Port Scanner||No||No||No||Yes|
|IP Fingerprints Network Port Checker||No||No||No||Yes|
|Free Port Scanner 3.5||No||Yes||No||No|
|Port Checker 1.0||No||Yes||No||No|
|What is my IP Port Scanner||No||No||No||Yes|
|Spiceworks IP Scanner||Yes||Yes||Yes||Yes|
|Engineer’s Toolset Open Port Scanner – Trial||No||Yes||No||No|
|Advanced IP Scanner||No||Yes||No||No|
|Angry IP Scanner||Yes||Yes||Yes||Yes|
|Free IP Scanner by Eusing||No||Yes||No||No|
|LanSweeper IP Scanner||No||Yes||No||No|
|MyLanViewer Network/IP Scanner||No||Yes||No||No|
|Komodo Labs’ Slitheris Network Scanner||No||Yes||No||No|
What features should you look for when choosing a free port scanner?
We took a look at the port scanner market and analyzed them based on these criteria:
- A way to scan a device or multiple devices at once for open ports.
- The ability to query a specific port number or range of port numbers system that can detect computers on a network without needing to be installed on each computer service explains which protocols are associated with each port it examines.
- A way to get a list of ports and the status of each port.Free tools that do not require payment.
- An effective port mapping system that is easy to set up and configure.
We searched for free port scanners based on these criteria. We focused on monitoring packages that offer more than just port scanning functionality.
Paessler Port Monitoring with PRTG (FREE TRIAL)
Paessler PRTG monitors networks, network connections, servers, and applications. It provides real-time monitoring for these elements through sensors. Sensors detect performance characteristics or cover specific aspects of the hardware.
- Two port mappers
- Network, server, application monitoring tools
- TCP ports
- Check a range of port numbers
- Operates per device
The Port Monitor contains three port sensors that monitor port activity for you. Each type of port sensor covers a specific range of port numbers. For example, one sensor can cover port numbers between 1024 and 5000, another between 5000 and 10000, and so on. You can also specify whether your sensors will operate with TLS enabled.
The port range sensor is similar to the port sensor except that it checks specific port ranges rather than individual ports. You can specify a list of port ranges instead of individual ports to check multiple ports simultaneously.
- Uses flexible sensors to measure network performance and dozens of other metrics across networks, apps, and servers.
- A network designed to sweep large networks.
- Customizable sensors can be designed for specific applications.
- Pricing is based on each sensor, allowing large and smaller companies to use the PRTG platform for their needs.
- Supports auto-discovery, ideal for long-term monitoring.
- It’s feature-rich, but it may take some time to get used to its features and functionality.
You can choose how many sensors you want to monitor with Paessler PRTG. If you want to use more than 100 sensors, you need to create a new sensor instance for each IP address/port combination. For pricing purposes, each instance is considered a separate sensor.
You will quickly exhaust your sensor allocation. You can get a free 30-day trial with an unlimited number of sensors to test the software. You can install Paessler PRTG on Windows or use it online as a cloud service.
Paessler PRTG Network Monitor is an excellent choice for a free port scanner application. It includes a powerful port scanner and offers a wide range of additional features such as packet sniffing, intrusion detection, bandwidth monitoring, and more.
You can easily set up alerts based on your rules and save these settings to create a schedule. Although the package includes many sensors, you do not have to pay anything to activate just 100 of them. Moreover, you can view detailed reports about your traffic data, including graphs and charts.
Get a 30-day free Trial.
Official Site: https://www.paessler.com/download/prtg-download
ManageEngine OpUtils (FREE TRIAL)
OpUtils is a tool for managing IP addresses and switching ports. It examines the cables connecting the switches and determines which devices are connected.
In addition to the port scanner, this package also includes a firewall. Port scanners can be used independently of switch port mappers. Although OpUtil is not designed as a network tool, it includes some network monitoring tools, including port scanners.
- Scanning for open ports
- Describes the protocol for each scanned port
- Indicates whether the port is open.
- Provides mapping of physical ports
One of the best aspects of using this tool is its several valuable features, including a network scanner, an IP address manager, and diagnostic tools. It also includes a report generator, which lets you see abandoned addresses, duplicates, and rogue devices on your network.
- Searches a range of ports for an IP address.
- You can use the IP address to identify the device
- It shows which ports are open
- Runs intermittently
ManageEngine provides OpUtils for free for a limited trial period. After that, you’ll need to purchase the full version. However, if you’re willing to pay for an enterprise solution, you should consider OpUtils Enterprise Edition. This product includes the following features: Port Scanner – Find open ports on your network.
The Port Scanner tool can test the open ports on your PC. Not all of the port numbers have been checked. The service will check 37 well-known ports to determine whether any services are listening to them. A shorter scan checks just 13 of these ports. Some key features include:
- Online service
- Suggests port numbers for use by web servers
- Focuses on the most critical protocols
The network scanner’s services include FTP data, control channels (port 20), TFTP and SFTP, SNMP, DHCP, DNS, and communication, and security services such as HTTPS and HTTP SMTPS, POP3, POP 3SLS, IMAPS, SSH, and Telenet.
The results of the scans are displayed in a table on the website. In many cases, it makes sense to leave these critical ports open. In other cases, you can disable them with your firewall settings. You should not use email protocols such as SMTP, POP 3, and IMAP if you do not use an email client on your computer. If you only use webmail, you do not need these services.
- You don’t need to download or install anything; access PortCheckers from any web browser. It’s easy to use and provides an accurate view of which ports are open, blocked, or filtered.
- It doesn’t cover every port. Not be as comprehensive as some other competing tools.
You don’t need to pay anything to use the Port Checker.
Open Port Scanner
The Open Port Scanning tool is available on the Web Tools Hub website. This free port scanner allows you to select which open ports to scan. You must enter your IP address and list the ports you wish to check. Each scanning run can handle ten ports at once.
- The content is delivered through a website
- A range of nonconsecutive ports
- Open ports are identified
The scan results are presented in a table, along with the status of each port and its regular service. Entering the port number can be tedious. However, you can enter ranges such as 21-29. The results are returned quickly and can be exported to an Excel spreadsheet.
In contrast, a full report on all ports on your PC would take a long time, as the IANA port range is limited to 65535. The Web Tools Hub contains a comprehensive list of online tools. These include a port scanner, a backlink check tool, a whois query, and a ping test.
- Suitable for checking a few ports quickly
- It doesn’t require an installation or download. You can access it from any web browser.
IP Fingerprints Network Port Checker
An excellent starting point is a network scanner like Nmap. If you enter an IP address in the box, it will show you what services are running on that machine. For example, if I want to see what’s listening on port 80 (the HTTP protocol), I can type 192.168.1.100 into the field. It will let me know if any services are listening on that port.
You can also query the TCP/UDP protocols, ICMP messages, and ARP requests. According to the text on the website, the search for port numbers above 500 takes a long time, and the search for an extensive range may never end. Therefore, you need to perform the entire scan in segments.
- Automatic discovery
- Scanning IP addresses and ports
- Monitoring of security systems
Despite this warning, we ran a port scan from 21 to 500. We found that the results were available in less than a minute. Unfortunately, the system reported only one of the four open ports detected by Nmap. IP fingerprints may be connected to the Internet, while Nmap is connected to the firewall-protected machine. IP Fingerprint claims that it can see through firewalls. For this purpose, they use the SYN stealth technique.
The DDoS attack strategy is widely used. Connect() and Syn() are also available for advanced port scanning. These two methods are interesting because they are the preferred methods hackers use to try to get into your network. According to the IP Fingerprint website, they can bypass a firewall. The Syn() method is a popular strategy for DDoS attacks. A geolocation tool and a Whois function are also available on the website.
- Available online through your web browser without any installation required.
- It can scan any port range you want.
- Supports complex scans including SYN, ACK, and FIN
- You can scan it using a fragmented packet to prevent detection.
Free Port Scanner 3.5
You can get a copy of Free Port Scanner 3. 5 for Windows from majorgeeks.com. The program creators do not provide information about where they distribute it, so you can only get it from third-party software download sites.
Once you download the installer, you will find an executable file on your desktop. Double-click the file to start installing the program.
When prompted, select “I accept the license agreement” and follow the instructions.
- Scanning for open ports is a range of consecutive port numbers.
- Open ports are displayed
- Give an overview of the security
This utility allows you to scan port ranges to check all ports on your system simultaneously. When you start the application, it detects your IP address and offers a default list to scan. If you query many ports, scanning will take a long time.
If you want to scan the ports of another device (for example, your Wi-Fi router), it also takes longer because you need to specify your public IP address. To scan your computer, you should enter your network IP address in the corresponding field.
You can choose to show closed and open ports, and you can choose to show TCP or UDP ports. Since no documentation is included, it is impossible to tell what testing method the app uses. By default, Free Port Scanner 3.5 only tests TCP ports.
- A simple port scanner for Windows that is easy to use. It automatically detects open ports on a computer.
- Detects your IP address so you can quickly scan websites
- Includes a description of which ports are open for use by the service
- The interface is old and clunky when scanning for open and closed network ports.
- Slower than most other port scanners tested on our list.
- Advertisements are included.
Zenmap is a freely available network testing and security auditing tool. Zenmap is its user-friendly interface. It allows you to check on various factors about your system, including ports and services.
- You can install it on any operating system (Windows, Linux, BSD/Unix, etc.)
- Automatic discovery
- Scanning for open ports
- Monitoring security
There are not many tests available, but the system does an excellent job of giving you several choices. The utility scans every port on every machine on your network, as long as it is running Windows. The following tests are run on the open ports found by Nmap.
The basic test uses ping and a quick system check before scanning for ports. There is also a ping-free option where no packets are sent. You can run a full scan of all TCP or UDP ports. A full scan uses the SYN stealth method, which means the port never completes a handshake sequence.
These types of scans are not recorded as connection attempts. A comprehensive scan takes approximately two hours per device. Zenmap provides a wide range of information and works for any individual router or computer, which means it is not just for IT administrators.
- It allows administrators to discover open ports, which You may use for malicious purposes.
- One of the most popular free networking tools is Nmap. It has a light command line interface (CLI) version called Nmap. You can use it for basic ping tests and advanced scanning capabilities.
Port Checker 1.0
Softpedia ensures that all the software it provides is safe by verifying the code before distributing it. If you’re concerned about viruses, you should be careful when downloading free applications from third-party websites.
- A portable executable file
- One scan per port
- Displays the status of the port
There is no Windows compatibility for this free tool. You need to download a zip file that contains the executable. Unzip the zip file and double-click on it to launch the application. The interface is simple and easy to understand. Enter an IP address and select a port from a drop-down menu.
One drawback is that you cannot scan for a specific port, only the ports listed. Another limitation is that you cannot enter port numbers in ranges. Enter your local IP address to see which ports are open on your computer and your external IP address to find out which ports are open on a router.
- Very barebones, lightweight application
- You can use it from a USB stick, which makes it easy to carry around.
- Cannot specify a port range
- There are no filtering features available
- Do not use the automatic discovery of IP addresses.
What is My IP: A port scanner for Windows
A popular web service called What Is My IP? Allows you to find out your IP address. It also offers several other valuable features, including a port scanner and an online tool for testing DNS servers.
- An online tool
- Both free and paid versions are available
- Scan ranges or non-consecutive lists of ports
This free online port scanner offers several valuable features. First, it is fast: results for multiple port ranges are delivered in seconds. However you can also create custom lists, but these two options are only available to paying site members.
What is it exactly?
One of the best features of My IP is the ability to check only one IP address, which is something that no other tool in this field offers. It offers port and service-related tests.
Usually, this is referred to as a “package” – for example, if you select the “Games” package, the scan will include ports used by popular online games.
Essential checks standard email and FTP servers; Web covers HTTP, HTTPS, and File Transfer Protocol (FTP) servers; and Malicious examines ports associated with malicious software and hackers.
- For a web-based port scanner, this is incredibly fast.
- Port scanners for game ports based on popular games and apps.
- Can scan based on a single IP address or a custom port number range.
TCPView is a freeware utility that allows users to view open TCP/IP connections on a local network. It does not require any installation and works without requiring user interaction. It is designed to work on both 32bit and 64bit operating systems. It supports IPv4 and IPv6 protocols.
- It scans both TCP and UDP ports.
- A list of processes
- Process-specific ports are identified.
TCPView includes processes that listen for ports and update the display every second. To slow down the snapshot rate, click the Snapshot Rate menu item and select a lower value. To increase the rate, select a higher value.
New processes are added to the list as green records. Terminated processes are highlighted as red records. Processes with new status are highlighted in yellow. Additionally, the display shows the number of packets and byte counts for each port. TCPView does not support UDP ports.
- Identifies which ports are used by each service running locally
- The tool provides detailed information about services, protocols, remote addresses, and wait times for troubleshooting.
- It’s lightweight and runs fast without consuming too many resources.
- It uses color coding so that it’s easy to identify which ports are open.
Spiceworks IP Scanner
The Spiceworks’ IP scanner consists of the web interface and the software client. You can access the web interface from any browser, but you need to download the software client for Windows computers.
- An on-site agent is required
- Specifications of the device
- Provides a list of all open ports
The data collected by your agent on your computer is transferred to the cloud server. The encrypted communication between your agent and the server is used for logging in and viewing your scan results. You must first register and create an account before accessing the Dashboard.
The installed program is supported by Ubuntu and Debian Linux, Windows, and Mac OS. The freeware tool provides comprehensive information about all computers on the network or your computer if you don’t have one yet. The Spiceworks tools are free but ad-supported, so you’ll see ads occasionally.
Once you download the program and sign in, you can access the Dashboard through a browser. You’ll not be able to access it through Safari. IP Scanner scans your network for all devices that are connected to it.
It reports the address MAC, the IP address, the hostname, the manufacturer, the operating system, and a list of open ports for each device. You can use Spiceworks’ port scanners and testers if you don’t have a local network.
With this tool, you don’t need to install any software on your computer; it works on any operating system. The port scanners check the status of multiple ports on the computer for the IP address you enter.
- You can install the agent on any operating system (Windows, Linux, or Mac).
- A better tool for long-term monitoring
- A good user interface makes it easy to see all ports, services, etc.
- It takes some time to set up but once installed. It works fine.
- Advertisements are included
- Doesn’t support Safari
- Offline use is not supported.
Engineer’s Toolset Open Port Scanner – Trial
Among over 60 network management tools available in the Engineer’s Toolkit from SolarWinds, the Open Port Scanner is one of them. To use it, click here.
The Engineer’s Toolset from SolarWinds Key features:
- Searches a network to see if there are any nearby devices
- Examines each discovered device for its ports.
- Listing only open ports for simplicity
- Available ports are those that are not currently in use by any application. Used ports are
- A straightforward and easy-to-read layout.
The Open Port Scanning Tool scans all devices within an IP address range. You can enter a comprehensive range of IP addresses to get a full system scan.
In addition to scanning the local network, this tool also acts as a discovery tool by logging all active IP addresses before scanning the ports of newly discovered devices. The program displays the results in a simple format. The address entered must be in the same format as an IP address.
Hackers, whether ethical or unethical, consider Nmap their Swiss Army knife.
Nmap, or Network Mapper, is one of the most effective tools for scanning networks. It is an open-source utility that can perform virtually all types of network scans.
You can use it to find out if your computer is connected to the Internet; see what services are running on a remote host; test security vulnerabilities, find vulnerable systems; and much more.
- Select a target selection, such as a single IP address, a hostname, a range, etc.
- Select a port number, such as one specific port or a range of ports.
- Detect specific services and operating systems.
- Perform NSE scripts.
- Nmap’s ability to scan various ports is one of its best features. Here is a list of the most common ones.
NMap can be daunting for beginners because many scanning combinations get mixed results.
|TCP Connect (-sT)||Complete Three-Way Handshake (SYN, SYN/ACK, ACK)|
|TCP SYN (sS)||Send SYN, RST/ACK response is not listening; SYN/ACK is listening|
|TCP FIN (sF)||Closes the port by sending the FIN, followed by the RST response|
|TCP Xmas Tree (SX)||Send FIN, URG, PSH, and RST responses to close the port|
|TCP Null (sN)||No Flags. Response RST = closed port|
|TCP ACK (PT)||Send ACK. Verification of packet filtering through the firewall.|
- A firewall doubles as a security tool, helping administrators identify suspicious network traffic.
- A massive open source community is one of the best free security tools available.
- It offers a graphical user interface (GUI) version called Zenmap, which makes it easier for new users to use.
- It’s easy to use and doesn’t require any special skills to master.
- New users may find Nmap challenging to use
- It May be overkill for simple troubleshooting tasks
Official Site and where you can download it:
Advanced IP Scanner
A free network scanner for Windows is Portable and easy to use. Advanced IP Scanner does not require any installation. You get one of the most powerful scanners by pressing the play button. Advanced IP Scanner displays a list of network devices and information such as IP, port, manufacturer, MAC address, etc.
Typical features include:
- Network shares are easy to access.
- Remote Desktop Protocol (RDP) and Radmin are used to access computers remotely.
- Turn on and off computers remotely.
- Identify the MAC addresses.
- Export all scan results to an a.csv file.
This scanner scans all devices in a targeted network within seconds and provides easy access for them to be shared via HTTP, HTTPS, SFTP, or even shared folders on the device.
- It is free to download.
- It’s easy to use and ideal for smaller networks.
- It provides information on IP addresses, MAC addresses, and manufacturer names.
- It’s easy to use and understand.
- You cannot choose between different export formats.
- Advanced IP Scanner cannot create graphs for traffic or device usage.
- Using an external VPN service is not the best option for enterprise networks because it requires additional configuration and management.
Another exciting feature of the tool is that it detects remote desktop connections and lets you manage them remotely from the platform.
Official Site and where to download:
Angry IP Scanner
A Free and Open Source Network Scanner called IPscan is available for download. It is lightweight, requires no installation, and is relatively easy to use.
- You can use it to scan for devices within a specific IP address range, obtain a device’s NetBios information, detect web servers and customize openers.
- You can export the results in different formats, including TXT (plain text), CSV (comma-separated values), XML (extensible markup language), and IP-Port list (IP address and port.
- It uses multiple threads for faster scanning.
- By default, the tool has some common fetchers such as ping, hostname, and ports, but you can add additional fetchers using plugins.
- It’s GUI-based, but you can use the command line interface (CLI) to access some additional features.
At its most basic level, Angry IP Scanner checks if devices connected to the network are working correctly. It can also resolve domain names, determine MAC addresses, scan for open ports, and perform OS fingerprinting. Plugins allow you to add additional features to the program.
- A tool that’s one of the simplest to use on the market.
- Perfect for home networks and small networks
- It can produce outputs in different formats, giving more flexibility than command line tools.
- Provides DNS and hostname metrics for your domain name
- The interface doesn’t work well for large networks.
- Graphing capabilities are lacking.
Where can I get an official site, and where can I download it?
Free IP Scanner by Eusing
Eusing Software develops free software for Windows users. The Freeware IP Scanner is one such application. It is a lightweight standalone scanner that can scan 100 devices per second. Only Windows operating systems support it.
- Using multi-threading technology and fast scanning.
- A Free IP Scanner can scan multiple targets simultaneously without consuming many resources.
The Free IP Scanner pings the IP (and optionally subnet) to determine if any hosts are currently connected. It can also convert hostnames into IP addresses, find closed and open ports and retrieve NetBIOS data.
The last one can show the hostname, workgroup, active logged users, the device’s MAC address, and much more. You can export all the results to a TXT file. Free IP Scanner is easy to use but does not provide advanced features. It only shows what is already present in the OSI layers 3 and 4.
- It runs as a standalone executable, which makes it perfect for USB toolkits.
- Scanning allows you to configure which IP addresses you want to scan for open ports.
- Stores information in a plain text log file.
- Operating systems other than Windows are not supported.
- On more extensive enterprise networks, the interface may feel cluttered.
Most hackers prefer a fully versatile network analysis tool. NetCat is more than just an IP scanning tool; it goes far beyond identifying hosts and services. However, it is also a tiny Unix networking analyzer used by and against hackers. It is small but very potent. NetCat is one of the best tools for debugging and investigating networks.
- Connect to a remote server through any port or service using SSH.
- Identifying the software that the target uses.
- Open ports, scan, listen, and forward.
- You must create tunnels with specific network parameters, including the source port/interface, the listening port/interface, the destination IP address, and the remote hostname.
- Make sure there are back doors into the target so You can access them easily.
- Copy files from the target computer to the source computer.
NetCat allows you to connect to any device on your local network. It primarily uses TCP/UDP to write and read from network connections. In short, it can establish TCP/UDP connections between two devices using an available port. The most popular applications for this tool are Reverse Shells, Network Traffic Redirection, Port Scanning, Forwarding, Debugging Scripts, and Service Banner Grabbing.
- The software is available on Windows, Linux, and Unix platforms
- Easy to use, simple syntax
- It doubles as a security tool, letting users probe endpoints and create their back doors.
- Supports file transfers from one computer to another.
- Slitheris Network Discovery
- NetCat may be too complex for users who want a simple IP scanner.
LanSweeper IP Scanner
A network scanner is an application to scan networks and locate devices connected to them. LanSweeper includes a built-in IP scanner that allows you to quickly scan your local area network (LAN) and find out what devices are currently online.
Once you’ve located the device(s), you can view detailed information about each one, including the operating system version, manufacturer, serial number, MAC address, and much more.
- You can scan IP addresses automatically or on request.
- Import the results into Excel.
- Remotely shut down computers.
- LAN Wake-On Manager
- Find MAC addresses, IP addresses, login times, user accounts, device up times, etc.
- You get access to detailed device information for up to 100 devices.
LanSweeper is one of the best tools for managing your wireless networks. Its powerful features include managing multiple Wi-Fi networks, monitoring traffic, identifying rogue access points, and much more. With LanSweeper, you can easily configure your wireless networks, view device details, and perform troubleshooting tasks. You can also set up alerts to know if any issues arise.
- Ideal for BYOD networks, it automatically discovers devices through customized search filters.
- It provides the hostname, manufacturer, hardware statistics, and NetBIOS info.
- A good option for discovering assets within small networks without agents
- You can only free up to 100 managed resources.
MyLanViewer Network/IP Scanner
An advanced network scanner for Windows operating systems. It scans the target network and displays the IP address, MAC address, NIC vendor, OS version, logged users, and shares found in an easy-to-read list.
- Scanning of NetBIOS
- Traceroute and Whois tools
- Wake-on-LAN and remote shutdown manager.
- Scanner and monitor for wireless networks
- Share files between computers
- Session termination for users
- Information about net stats is displayed
- Find out which DHCP servers are rogue.
MyLANViewer network/ip scanner can monitor all the scanned networks (even if they are not visible) and notify you when you find a new network.
- A tool that provides whois, traceroutes, WOL (Wake On Lan), and remote shutdown options, perfect for small networks and home lab environments.
- It offers file management features, allowing you to share or unshare files in a group quickly.
- Great for detecting rogue DHCP servers and resolving IP conflicts.
- Large networks may be difficult to navigate because they contain too many options. Nested menus might help.
Komodo Labs’ Slitheris Network Scanner
Komodo Labs’ Slitheris Network Scanner is an advanced IP scanner for Windows. Its free version allows you to scan up to 50 networks but can be expanded with its premium license.
What can Slitheris do?
- A real-time visual ping sweep allows you to see what the ping sweep is currently doing visually.
- OS detection and fingerprinting identify different operating systems without requiring user authentication and credentials.
- To identify different devices, figure out which type of device they are. For example, if they’re a printer, they’re probably a desktop computer. If they’re virtual machines, then they’re probably.
- Determine the age of the device by matching its MAC address against a database of known devices.
- An alarm sounds when SMB is enabled or disabled on devices to improve security.
- It detects stealth devices using the ARP cache.
- A tool scans for web GUI access devices using port scanning on HTTP and https.
This tool takes IP scans to a whole new level. It’s fast and discovers information that most scanners cannot. It doesn’t require any credentials or agents. Slithering Networks’ Network Discovery uses multi-treaded technology to quickly find every device on the network and uses ARP pinging to discover hidden devices.
- The excellent user interface makes it easier for people to scan more extensive networks using simple visual elements.
- It has deep and device management features, making it a good choice for small managed service providers.
- A visual layer to ping sweeps helps you quickly identify which machines are experiencing connectivity issues.
- Only available for up to 50 networked devices
Which one is better: an online port scanner or an installed version?
You can find out if someone else is trying to access your computer remotely by checking the IP address of the connection. Most operating systems provide an application called netstat that lists open connections. In Windows, go to Start > Run and type “cmd” (without quotes), then press Enter. Type “netstat-anp | findstr /i:”””. In Linux/Unix, type “sudo netstat -tulpn | grep”.
Free online port checkers
There are some other free online port checker tools that you might want to try out:
- You Get Signal
- Ping. EU Port Check
- A port scan using Nmap shows which ports are open on a target host.
- A port scan reveals which ports are open on a target host
These online services are easy to use and perfect for small businesses that don’t want to spend too much time or money monitoring their security.
What are ports?
If you’re new to networking technology, a basic understanding of ports is essential. PORTS are addresses, and many are used to perform specific functions that experienced networking pros can remember off the top of their heads.
The Internet Assigned Names Authority, also known as the IANA, manages the allocation of port numbers to specific protocols as a global standard. They also assign IP addresses and prevent duplicate entries. The IANA register lists the entire port number range from 0 to 65,535. Well-known ports include those associated with standard internet services such as HTTP, HTTPS, SMTP, pop3, IMAP, FTP, ssh, telnet, and others.
The following range is reserved for private ports. Applications running behind firewalls may use these ports instead of public ones. Finally, the last range is reserved for ephemeral ports. Services that do not require persistent connections can use these ports. For instance, Steam games often use port 1725. Most programmers can use any port number between 49152 and 65534.
These are called private or ephemeral ports. Servers can listen on a well-known port before switching to a private port by agreement with the connected client. The server can listen to that well-known port during the first transaction to accept other connections.
List of ports
Here’s a list of standard ports and their related services.
Types of port scans
|20||FTP (File Transfer Protocol) data channel|
|21||FTP (File Transfer Protocol) control channel|
|22||SSH (Secure Shell)|
|25||SMTP (Simple Mail Transfer Protocol)|
|53||DNS (Domain Name System)|
|69||TFTP (Trivial File Tranfer Protocol)|
|80||HTTP (Hypertext Transfer Protocol)|
|109||POP2 (Post Office Protocol v 2)|
|110||POP3 (Post Office Protocol v 3)|
|115||SFTP (Secure File Transfer Protocol)|
|123||NTP (Network Time Protocol)|
|143||IMAP (Internet Message Access Protocol)|
|161||SNMP (Simple Network Management Protocol)|
|162||SNMP (Simple Network Management Protocol) Trap|
|179||BGP (Border Gateway Protocol)|
|194||IRC (Internet Relay Chat)|
|443||HTTPS (Hypertext Transfer Protocol Secure)|
|464||Kerberos reset password|
|465||SMTPS (Simple Mail Transfer Protocol over SSL)|
|530||RPC (Remote Procedure Call)|
|544||kshell (Kerberos remote shell)|
|554||RTSP (Real Time Stream Control Protocol)|
|993||SSL-based Internet Message Access Protocol (IMAPS)|
|995||SSL POP3 (Post Office Protocol 3)|
Open and closed ports are blocked and unblocked.
A closed port is not the same as an open one, nor is it the same as an unblocked one. An open port is related to a procedure. These processes are offered as part of a service, and they continuously check to see if a package addressed to a particular port has come into your system. For this reason, you should generally understand port numbers.
Since the ports are well-recognized, any person who wants to write his variation of a particular service merely needs to check for packets coming in on that service’s port.
When a message with an incorrect port number arrives, the server will send a reply telling the client what port number was expected.
The client then closes the connection. If a port is open, the server repeatedly checks for that port. A server closes a port by sending a message to the client, notifying it that the port has been closed (and thus stopping the server). A “closed port” means no looping program waits for that port number to arrive in a packet. A blocked port can be either open or shut. A firewall performs the blocking.
Suppose a daemon is waiting for a specific port. In that case, the daemon will wait indefinitely if the firewall denies packets addressed to that specific address.
The port is open but blocked in that example; to unblock that port, one must modify the firewall rules to allow traffic directed to that port to pass through. If a daemon waits for messages on a specific port, it will not run until someone sends a packet addressed to that port. To send such a packet, one must forward the port to the machine where the daemon is waiting. In this case, the term “forwarding” applies.
Types of port scans
Basic port checkers
A typical port scan attempts to establish a connection to every IP address on the network. When a host responds to an ICMP echo request, the scanning software assumes that the host is running a service on that port. To determine whether a particular port is open or closed, the attacker must send a packet to the target machine and wait for a reply.
Hackers may prefer specific ports.
Some viruses are programmed to utilize a specific port number, which antivirus companies discover. In such cases, firewalls are updated, and the virus’s success is halted. The hackers will then attempt to rewrite it on another port.
The antivirus industry will most likely give the malware a new name.
It would be best to remember that when using many services, the initial communication takes place on a well-known port before being transferred to an ephemeral port.
Viruses are automatic processes, so they tend to use specific ports. If you notice that one of these private ports is open, then it could mean that your PC is already infected.
A strobe search focuses on a range rather than all 65536 ports. Because scanning all ports routinely raises the alarm, limiting the search to a smaller number of ports can keep an attack under the radar. Each new connection attempt is logged, so a surge of connection attempts indicates something is wrong – intrusion prevention systems automatically shut down all activity from that IP.
An in-depth stealth scan
Hackers sometimes use stealth to avoid being detected by firewalls. They may use strobe scanning techniques, sending many connection requests at low speeds. Other stealth methods include incomplete connections or connection requests sent in multiple packets.
Three messages are exchanged during the connection process. A client sends a request, and a server responds with a response. An acknowledgment (ACK) confirms that the server received the request. Typically, servers only allow clients to send one request every five seconds to prevent denial-of-service attacks. When the client receives the ACK, it can respond immediately.
An SYN flood attack causes a computer to raise the alert. However, only one connection attempt per port is recorded.
Most systems only record SYN/SYNACK/ACK connections through the TCP connect() command.
When a connection is successful, the system records the connection as active. Inactive connections are not logged. An SYN scan attempts to send an SYN packet to every port number on the network. It does so without waiting for a response. It then waits for an SYN-ACK before sending another SYN packet. If the target host responds with an SYN-ACK, the attacker assumes that the host is listening on that port. If the host doesn’t respond within a specific time, the attacker concludes that the host is down.
Scanning fragmented packets
YOu can configure firewall rules to allow certain types of traffic (e.g., HTTP) and block others (e.g., ICMP). For example, if an attacker sends a malicious HTTP request to your server, the firewall may drop the request before it gets to the application layer.
A NULL scan tests whether a given port is open or closed. It is nearly the sole means of checking UDP ports because the protocol was designed so that no replies are ever returned. Sending an empty UDP datagram may or may not result in an error response from the listener. If that port number is closed, it is far more likely to generate a reply from another protocol. The IP protocol can return a “Port Unreachable” message.
A null segment is a particular type of packet that contains no data. When a host sends such a packet, it expects the destination to respond with a “port unreachable.” A host must send out many packets to determine whether a particular port is open. The port is closed if the destination responds with a “port unreached” message. However, if the destination replies with a “port unreachable” message, the host knows that the port is open because it did not receive a “port reachable” message.
A TCP segment contains several sections of bits set to one (1) to indicate various connection requests. These bits are set to zero (0) in a TCP NULL scan; however, they’re sent to one (1) in an XMAS scan. However, these bits are mutually exclusive. For example, if bit 0 is set to 1, then bit 2 must be set to 0. If bit 0 is not set to 1, neither must bit 2 be set to 1.
The XMAS scan usually produces an error message if the target port is open and no sound if it is closed. However, since some operating systems send it back.
A FIN TCP message closes the connection, so sending it when there are no open connections is an error. It is unique because it is sent by the operating system rather than the port’s daemon.
When a FIN message is sent without any response from the server, the daemon ignores it. However, if a FIN message is sent without response, the operating system responds by sending an RST message. An empty FIN indicates that the port is opened, while an RST means that the port is closed (or has been closed).
When receiving a malformed HTTP request, the operating system sends back an RST (reset) packet for closed ports and silence for open ports. An ACK arriving before an SYN is meaningless, so an open port ignores it.
Issues related to port scanning
Port scanners usually don’t include any additional features beyond checking ports for open connections. However, some other features are included in most port scanners that aren’t strictly part of the scanning technique.
For example, ping, traceroute, RPC checks, OS fingerprinting, and DNS resolution checks are all additional features that indicate that the port scanner’s developers were trying to create a network traffic analysis tool instead of just a simple port scanner (although both types of tools may use them).
Mapped ports, forward ports, and trigger ports
Routers that utilize Network Address Translation (NAT) perform Port Mapping (NAT). NAT allows many computers on a local area network to share one external IP address. The router translates incoming packets into an internal format before sending them out onto the LAN. Incoming responses are translated into the original packet format and sent back to the originating host.
Port forwarding is a technique used to forward traffic through a router. The router determines whether to forward a packet to another device based on the destination IP address when a packet arrives at an interface. A router must identify the destination port of a packet. A router forwards a packet to the next hop device by forwarding it to a specific port.
One example is the Port Triggering Required for Internet Relay Chat.
When a network computer contacts another for an IRC session, the two computers must agree upon a particular port number. For instance, if one computer wants to talk to another on port 6667, then the first computer would inform its gateway that it wishes to communicate on port 6667.
Then, when the second computer sends a packet to the first computer on port 6667 (the destination), the gateway forwards the packet to the first computer without changing the source port number.
In this case, the first computer receives the packet on port 6667 because the gateway did not change the source port number. However, once the connection ends, the gateway changes the source port number to 6668 so that you can forward future packets to the correct destination.
Options for port checking
To protect yourself from hackers, think like one and use white hat hacking techniques. Use a port scanner to identify services that may be used as entry points for hackers; use an installed program and an internet service to get a complete view of your ports’ activity.
FAQs on port scanners
Ports are used for communication between computers.
A port number is similar to a building’s apartment number. While an IP address can route a packet towards a particular machine, a port number identifies a process for which the packet was meant. Daemons constantly run on ports, examining incoming packets to determine whether they’re meant for them. When a daemon doesn’t exist on a given port, it’s considered “closed.”
How do I scan my computer for open ports?
You can use a port scanner to test whether any services are running on a particular port. Port scanners send packets to a specific port number and monitor the responses. They’re similar to ping but only to a specific IP address or hostname rather than the entire network.
An open port checker scans for open ports on a computer system, whereas an open port scanner checks for open ports.
A port scanner checks all of a computer’s available ports to see if any are open. A port checker checks the ports on a firewall to see if any incoming connections are allowed.
What ports do hackers typically use?
Hackers usually attack specific protocols, focusing on ports that handle them. For example, FTP servers run on TCP port 21, SSH servers run on TCP port 22, Telnet servers run on TCP port 23, SMTP servers run on TCP port 25, POP3 servers run on TCP port 110, DNS servers run on TCP port 53, RPC servers run on TCP port 135, and HTTP servers run on TCP port 443.
What is the best way to determine if a port is open on Windows 10?
To see all ports on a computer running Windows 10:
- Type cmd into the Start menu search field
- Click on Command Prompt Run as an administrator in the search results
- At the command prompt, type netstat -ab
- Look through the results of the command. Open ports are marked as LISTENING.