Best Method to test Opened Ports

Question

We have a requirment where in we have to test 500+ Port opening rules. So requires a suggest on below points.

Which is the best tool to test the connectivity of the ports. Telnet will be sufficient
If there is no application is listening to a port will telnet be getting a resposne from the port.

We are checking it in Amazon VPC against Security Groups.

score 14 · Accepted Answer · edited Oct 09 '18 at 15:12

14

From within the machine netstat -ntlp / netstat -nulp will show all open TCP / UDP ports (and associated programs) respectively.

From external, nmap -sT and nmap -sU will show open TCP/UDP ports respectively.

Keep in mind that these commands might require root privileges and also make sure to whitelist the source of the scans in the firewall - or else you might find yourself locked out, if the host is using something like fail2ban.

edited Oct 09 '18 at 15:12

mana

457
6
11

answered Aug 26 '14 at 08:21

thanasisk

941
6
16

netstat shows the open ports on one server I run from it right..? I would like to check the connectivity across servers. – Ajo Mathew Aug 26 '14 at 08:34
1

use nc then - you can script it using bash - check before installing nmap as it might not be allowed from your administrators ... – thanasisk Aug 26 '14 at 08:45
That is helpful I will check it out – Ajo Mathew Aug 26 '14 at 08:47

score 1 · Answer 2 · answered Aug 26 '14 at 07:30

1

Take a look at nmap (http://nmap.org). it can do many types of scans and is avaulable for many oses. There is also a windows version and gui

answered Aug 26 '14 at 07:30

T J

41
1
6

score 1 · Answer 3 · answered Aug 26 '14 at 11:31

You can use nmap to test a port (or list of ports) on a host (or list of hosts). Example:

nmap 192.168.0.101-150 -p 22,80,443

checks three ports on each of 150 hosts and produces a nicely-formatted report. If there is no program listening at a port, nmap will show the port as "closed". The port will be shown as "filtered" if a firewall is preventing access to it from the testing computer.

You can do the same scan and produce a report with one host per line, suitable for grepping or importing to another program:

nmap 192.168.0.101-150 -p 22,80,443 -oG -

(Note the final - in the line above for output to stdout. Change to a filename if desired.)

score 1 · Answer 4 · answered Aug 26 '14 at 12:05

You should use nc (netcat) for scanning any tcp or udp ports.

The nc (or netcat) utility is used for just about anything under the sun involving TCP or UDP. It can open TCP connections, send UDP packets, listen on arbitrary TCP and UDP ports, do port scanning, and deal with both IPv4 and IPv6. Unlike telnet(1), nc scripts nicely, and separates error messages onto standard error instead of sending them to standard output, as telnet(1) does with some.

Basicly,

nc -z -wX <host> <port>

-z

Specifies that nc should just scan for listening daemons, without sending any data to them. It is an error to use this option in con- junction with the -l option.A more compact way to use it:

-w3

If a connection and stdin are idle for more than timeout seconds, then the connection is silently closed. The -w flag has no effect on the -l option, i.e. nc will listen forever for a connection, with or without the -w flag. The default is no timeout.

For example;

nc -z -w3 example.com 22

Will scan port 22 on example.com without sending any data and timeout will be 3 seconds.

Best Method to test Opened Ports

4 Answers4