Bitácora Técnica de Tux&Cía., Santa Cruz de la Sierra, BO

Friday, August 31, 2012

List of open ports in an OS

Source
Linux distributions
As with FreeBSD, the obvious choice of tool to use for listing open ports is netstat. Most Linux distributions use a different version of the utility, however — maintained separately from the Linux distribution, as an independent software development project. One consequence of that fact is that the command line options used to achieve the same results may be different with FreeBSD than with Debian, Ubuntu, or Fedora Core Linux systems. On a typical Linux system, this command will list open network ports and the processes that own them:
  netstat -lnptu
The output should look something like this:
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address   Foreign Address  State   PID/Program name
tcp        0      0 127.0.0.1:631   0.0.0.0:*        LISTEN  2458/cupsd
tcp        0      0 127.0.0.1:5432  0.0.0.0:*        LISTEN  2353/postgres
tcp6       0      0 :::22           :::*             LISTEN  2335/sshd
udp        0      0 0.0.0.0:631     0.0.0.0:*                2458/cupsd
As you can see from this output, the Debian GNU/Linux system on which I ran that command has only four open ports — two for CUPS, so that the computer can communicate with the network printer; one for PostgreSQL, so that it can be contacted by applications in development; and one for SSH, so that I can access it remotely from my laptop.
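
For auditing, the useful distinction in that listing is which sockets are bound to loopback only and which are reachable from other hosts. The following Python sketch is an added example, not part of the quoted source; it parses `netstat -lnptu` output and reports the network-reachable listeners. The function names and the embedded sample (copied from the output above) are this example's own.

```python
import ipaddress
import re

# Constructed sample: the `netstat -lnptu` output shown above.
SAMPLE = """\
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address   Foreign Address  State   PID/Program name
tcp        0      0 127.0.0.1:631   0.0.0.0:*        LISTEN  2458/cupsd
tcp        0      0 127.0.0.1:5432  0.0.0.0:*        LISTEN  2353/postgres
tcp6       0      0 :::22           :::*             LISTEN  2335/sshd
udp        0      0 0.0.0.0:631     0.0.0.0:*                2458/cupsd
"""

# proto, queues, local host:port, foreign, optional State (UDP rows have none),
# then "PID/Program" or "-" when netstat was run without root.
ROW = re.compile(
    r"^(tcp6?|udp6?)\s+\d+\s+\d+\s+(\S+):(\d+)\s+\S+\s+"
    r"(?:LISTEN\s+)?(?:(\d+)/(.*\S)|-)\s*$"
)

def parse_listeners(text):
    """Return a dict per listening socket found in `netstat -lnptu` output."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header lines, blanks, anything unrecognised
        proto, host, port, pid, program = m.groups()
        try:
            # Only a loopback bind is unreachable from other hosts; the
            # wildcards 0.0.0.0 and :: listen on every interface.
            exposed = not ipaddress.ip_address(host).is_loopback
        except ValueError:
            exposed = True  # unparseable address: flag it for review
        rows.append({"proto": proto, "host": host, "port": int(port),
                     "pid": int(pid) if pid else None,
                     "program": program, "exposed": exposed})
    return rows

def exposed_listeners(text):
    """(proto, port, program) for sockets reachable from the network."""
    return [(r["proto"], r["port"], r["program"])
            for r in parse_listeners(text) if r["exposed"]]

if __name__ == "__main__":
    for proto, port, program in exposed_listeners(SAMPLE):
        print(f"{proto:5} {port:>5}  {program}")
```

On the sample, only the SSH and UDP CUPS sockets are reported; the TCP CUPS and PostgreSQL listeners are bound to 127.0.0.1.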

Microsoft Windows XP
Microsoft Windows also offers a netstat command that can be executed from the command line to get a list of open ports. The standard MS Windows version of netstat is slightly more limited than its Unix-like system counterparts, but still suffices to get a listing of listening services:
  netstat -a | find "LISTENING"
The output of this command should look something like this:
TCP    hostname:epmap           hostname:0               LISTENING
TCP    hostname:microsoft-ds    hostname:0               LISTENING
TCP    hostname:10110           hostname:0               LISTENING
TCP    hostname:netbios-ssn     hostname:0               LISTENING
. . . with “hostname” replaced by the system’s hostname, of course.
================
Source
The following command will list all ports in use on the machine:
netstat -a
The output contains the protocol, local address, foreign address and current state.
Netstat documentation on microsoft.com
--------------
Designed for testing ports:
Portqry.exe
"Portqry.exe is a command-line utility that you can use to help troubleshoot TCP/IP connectivity issues. Portqry.exe runs on Windows 2000-based computers, on Windows XP-based computers, and on Windows Server 2003-based computers. The utility reports the port status of TCP and UDP ports on a computer that you select."
Portqry.exe reports the status of a TCP/IP port in one of the following three ways:
  • Listening

    A process is listening on the port on the computer that you selected. Portqry.exe received a response from the port.
  • Not Listening

    No process is listening on the target port on the target system. Portqry.exe received an Internet Control Message Protocol (ICMP) "Destination Unreachable - Port Unreachable" message back from the target UDP port. Or if the target port is a TCP port, Portqry received a TCP acknowledgement packet with the Reset flag set.
  • Filtered

    The port on the computer that you selected is being filtered. Portqry.exe did not receive a response from the port. A process may or may not be listening on the port. By default, TCP ports are queried three times, and UDP ports are queried one time before a report indicates that the port is filtered.
Portqry.exe can query a single port, an ordered list of ports, or a sequential range of ports.
Examples
 
The following command tries to resolve "reskit.com" to an IP address and then queries TCP port 25 on the corresponding host:
portqry -n reskit.com -p tcp -e 25
The following command tries to resolve "169.254.0.11" to a host name and then queries TCP ports 143, 110, and 25 (in that order) on the host that you selected. This command also creates a log file (Portqry.log) that contains a log of the command that you ran and its output.
portqry -n 169.254.0.11 -p tcp -o 143,110,25 -l portqry.log
The following command tries to resolve my_server to an IP address and then queries the specified range of UDP ports (135-139) in sequential order on the corresponding host. This command also creates a log file (my_server.txt) that contains a log of the command that you ran and its output.
portqry -n my_server -p udp -r 135:139 -l my_server.txt
Portqry.exe is available for download from the Microsoft Download Center. To download Portqry.exe, visit the following Microsoft Web site: 
http://www.microsoft.com/downloads/details.aspx?familyid=89811747-C74B-4638-A2D5-AC828BDC6983&displaylang=en
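
The three states described above map directly onto what a TCP client observes when it tries to connect. The following Python sketch is an added example, not Portqry's code or part of the quoted documentation; it classifies a TCP port the same way, for checking your own hosts from a machine where Portqry is not installed. The function names are this example's own, and only TCP is covered (the UDP case depends on ICMP replies and is not shown).

```python
import socket

def tcp_port_state(host, port, attempts=3, timeout=2.0):
    """Classify one TCP port using the three states described above.

    LISTENING      the three-way handshake completed
    NOT LISTENING  the target answered with a reset (connection refused)
    FILTERED       no answer to any of `attempts` tries
    Name-resolution and routing errors are not a port state; they propagate.
    """
    for _ in range(attempts):
        try:
            with socket.create_connection((host, port), timeout=timeout):
                return "LISTENING"
        except ConnectionRefusedError:
            return "NOT LISTENING"
        except socket.timeout:
            continue  # silence: try again, three tries by default for TCP
    return "FILTERED"

def query_ports(host, ports, **kwargs):
    """Query ports in the order given (like -o 143,110,25); {port: state}."""
    return {p: tcp_port_state(host, p, **kwargs) for p in ports}

if __name__ == "__main__":
    # Offline demonstration against a listener created on loopback.
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))      # port 0: the OS picks a free port
    srv.listen(1)
    port = srv.getsockname()[1]
    print(port, tcp_port_state("127.0.0.1", port))
    srv.close()
    print(port, tcp_port_state("127.0.0.1", port))
```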
---------------
telnet [ipaddress] [portnumber]
Fill in the address/port. If you connect, you know the port is open, assuming it's a TCP service. Doesn't work for UDP.
You could also use nmap to see all of the open ports on a given machine.
