Hello World!! As IT Admins and Support Engineers, we have been hearing about and working on opening certain ports for external access and more. Ports are also very critical from security perspective. I have often had the need to check if a port is open both as a security requirement and from an operational requirement. So here I document how to get this information.
How to check Open/listening ports on Windows
- Netstat
Type the command in command prompt as Administrator:
- “a” displays all connections and listening ports.
- “b” shows all executables that are involved in creating each listening port.
- “o” provides the owning process ID that is related to each of the connections.
- “n” shows the addresses and port numbers as numericals.
netstat -bano | more
2. Telnet
This is a quick and easy method used to check open ports on Remote machines. Either install Putty on your machine or turn on the Telnet feature on your Windows machine.
- On Putty– Enter the IP address of the remote machine and the port
number you want to check, then select Telnet in the options. Click Ok- If you
only see a cursor, it means the port is open. Alternatively, if you get a
message Connection refused, the port is closed. - Using Telnet Feature– Open command prompt and type command telnet followed by the ip address and port number of the remote machine. If the port is open you will get a blinking cursor and if the port is closed you will get message saying connect failed.
3. PortQuery.exe
This is a really handy tool and does the required job. You can check the Open/Listening ports on both local and even Remote machines. PortQry.exe is available for download from the Microsoft Download Center and runs as a standalone command line application. Once you have downloaded and extracted Portqry.exe to your machine, open a command prompt, and type portqry.exe followed by a given parameter from the folder that contains the executable.
Eg,
In command prompt go the directory where the PortQry files are located in C:PortQryv2
- Local Machine- Type portqry.exe –local
This will show TCP/UDP port usage on the local host. The information shown when using this parameter is similar to that of netstat.exe, however it also shows port statistics such as the number of port mappings and the number of ports in each state.
- Remote Machine- To view the TCP/UDP open port state of a remote host,
Type portqry.exe –n [hostname/IP]
where [hostname/IP] is replaced with the hostname or IP address of the remote host. You can also specify to scan for a
particular port using the -e [port_number] parameter,
particular range of ports using the -r [start_range:end_range] parameter, or
Group of ports in a particular order using the -o [port1, port2, port3] parameter.
List of Common Ports, Name and Protocols
| Port | Name of the Service | Transport protocol |
| 20,21 | FTP | TCP |
| 22 | SSH | TCP and UDP |
| 23 | Telnet | TCP |
| 25 | SMTP | TCP |
| 50,51 | IPSec | / |
| 53 | DNS | TCP and UDP |
| 67,68 | DHCP | UDP |
| 69 | TFTP | UDP |
| 80 | HTTP | TCP |
| 110 | POP3 | TCP |
| 119 | NNTP | TCP |
| 123 | NTP | TCP |
| 135-139 | NetBIOS | TCP and UDP |
| 143 | IMAP | TCP and UDP |
| 161,162 | SNMP | TCP and UDP |
| 389 | Lightweight Directory Access | TCP and UDP |
| 443 | HTTPS | TCP and UDP |
| 465 | SMTP over SSL | TCP |
| 989 | FTP Protocol (data) over TLS/SSL | TCP and UDP |
| 990 | FTP Protocol (data) over TLS/SSL | TCP and UDP |
| 993 | IMAP over SSL | TCP |
| 995 | POP3 over SSL | TCP |
| 3389 | Remote Desktop | TCP and UDP |
This is really helpful. Specially the parameters usage for netstat command. Also I wasn’t aware about the port query tool. Thanks for telling about it too.