Open ports are not only communication points between your systems and the Internet or other computers, but also points of attack for malware and hackers. Regularly checking for open ports ensures that only the ports you actually need are open. In this article, we will tell you which methods are available for checking open ports.

What is a port?

Regardless of whether you deal with networks and computers casually or regularly, sooner or later you will come across the term “port”. Just as ports and harbors are transit and control points for goods, so-called network ports form the gateways for data that is transmitted between computers and the Internet or other computers.

Port numbers are part of an IP address and enable data packets to be assigned to a specific IP and certain services. In conjunction with an IP address, a port thus gives the complete destination or sender address of an application.

Why are network ports needed, and how many are there?

Since many processes run simultaneously in operating systems, apps, and other services, and data is transferred in parallel, several open ports are required. A core function of ports is to relieve systems, to use different ports at the same time with several connections, and to assign data packets to the correct application. To distinguish ports, they are numbered from 0 to 65,535, meaning that each computer has a total of 65,536 ports.

Certain ports are reserved for specific applications (e.g., mail servers or websites), as well as for important transport protocols such as HTTP, FTP, and Telnet. These reserved ports are designated by the IANA (Internet Assigned Numbers Authority) and are called standardized or well-known ports. Others are intended for registered services and dynamic clients. In addition, there is a large number of ports that are dynamically allocated from a pool.

Fact

The number of TCP and UDP ports in one computer is enormous and comprises a total of 65,536 ports. The most important are standardized ports with the numbers 0 to 1023 for fixed applications. Ports 1024 to 49151 are assigned both for fixed applications and dynamically, while ports 49152 to 65535 are assigned dynamically.

How ports work

The way ports work is relatively simple. Transport protocols such as UDP (User Datagram Protocol) and TCP (Transmission Control Protocol) transfer data packets by assigning them to a specific address consisting of an IP and port number. The destination address can be an app, a service, a website, or any other program such as a web browser. Open ports of target addresses “listen” for requests that originate via a port from private or public IPs. The target application learns the sender port when the connection is established and sends the desired data packets back to the sender address.

Since unwanted network connections between local computers and the Internet are to be avoided as much as possible, the router IP usually comes between local IPs and destination addresses. The public router IP, which also appears as the sender of data packets, is thus externally visible and addressable. The packet filter and firewall also ensure that packets that cannot be assigned to a local application are rejected. The router forwards correctly addressed packets to the sender service using the IP and port number.

Port check: How to check open ports

Regular port scanning is an important process. System administrators in particular use port scanning to monitor data traffic in small or large networks and to close security gaps. A port check assesses whether data packets are being sent via designated ports, whether firewalls are blocking important ports unintentionally, and whether unused open ports should be closed. Various methods and tools are available for a port check, which we will introduce below.

Note

During a port check, three possible port states can be checked by default: open, closed, and filtered. Open ports are ready to establish a connection, whereas connection requests to closed or filtered ports, for example, will be rejected by firewalls.
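How the three states look from the point of view of a TCP connection attempt, as an added example that is not part of the original article. It assumes the usual reading that a completed handshake means open, an active refusal means closed, and no answer within the timeout means filtered; the function names `port_state` and `audit` and the port list in the demo are illustrative, and the check is meant for your own host (loopback in the demo).

```python
import errno
import socket

def port_state(host, port, timeout=1.0):
    """Classify one TCP port as 'open', 'closed' or 'filtered' using a full connect."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
            return "open"        # handshake completed: a service is listening
        except ConnectionRefusedError:
            return "closed"      # host answered, but nothing listens on this port
        except socket.timeout:
            return "filtered"    # no answer at all: a packet filter dropped the request
        except OSError as e:
            # Some filters answer with an ICMP "unreachable" instead of staying silent.
            if e.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
                return "filtered"
            raise

def audit(host, ports, expected_open):
    """Compare observed states with the set of ports that are supposed to be open.

    Returns (states, unexpected, blocked):
      unexpected - open ports that are not on the expected list (candidates to close)
      blocked    - expected ports that are not open (service down or firewall rule)
    """
    to_check = sorted(set(ports) | set(expected_open))
    states = {p: port_state(host, p) for p in to_check}
    unexpected = [p for p in to_check if states[p] == "open" and p not in expected_open]
    blocked = [p for p in to_check if p in expected_open and states[p] != "open"]
    return states, unexpected, blocked

if __name__ == "__main__":
    # Illustrative port list; only the local machine is checked.
    states, unexpected, blocked = audit("127.0.0.1", [22, 80, 135, 445, 3389], {80})
    for port, state in states.items():
        print(f"{port:>5}  {state}")
    print("open but not expected:", unexpected)
    print("expected but not open:", blocked)
```
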

Testing ports with the command prompt

If you would like to test ports on your computer, use the Windows command prompt and the CMD command netstat -ano. Windows will show you all currently existing network connections via open ports or open, listening ports that are currently not establishing a connection. The command also shows you the PID number, i.e., the process ID for the process that is currently using a port or is listening via a port.

How to use netstat -ano to test ports:

Step 1: Open the command prompt as administrator by pressing the Windows shortcut [Windows] + [R], entering “cmd”, and pressing [Ctrl] + [Alt] + [Enter] to confirm.

Step 2: Enter the cmd command netstat -ano to view current network connections, IPs, and associated process IDs. Under Status, you will see entries such as “ESTABLISHED” if there is a connection to a service, or “LISTENING” if a port is open, but no connection has been established.

Step 3: To find out which service is using a port and whether you can close the port, look for the task with the corresponding PID in the Task Manager. Attention: netstat -ano shows a number of open ports within the range 49152 to 65535 with the status “Listening”. These are not necessarily malware, which often uses ports in this range, but mostly internal Windows applications that are available for queries by default.
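To review the output of steps 2 and 3 without reading it row by row, the following added example (not from the original article) parses saved netstat -ano text, keeps the sockets that are waiting for connections, groups them by PID, and labels each port with the three number ranges described earlier. The sample output is constructed for illustration, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample of `netstat -ano` output (not captured from a real host).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       1044
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:49664          0.0.0.0:0              LISTENING       776
  TCP    192.168.1.20:52311     203.0.113.10:443       ESTABLISHED     6120
  TCP    [::]:3389              [::]:0                 LISTENING       1320
  UDP    0.0.0.0:5353           *:*                                    2288
"""

# Groups: protocol, local address, local port, foreign address, optional state, PID.
ROW = re.compile(
    r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+)\s+(?:([A-Z][A-Z_0-9]*)\s+)?(\d+)\s*$")

def port_range(port):
    """Label a port with the ranges from the article: 0-1023, 1024-49151, 49152-65535."""
    if port <= 1023:
        return "well-known"
    return "registered" if port <= 49151 else "dynamic"

def listening_ports(netstat_text):
    """Return {pid: [(proto, address, port, range), ...]} for sockets awaiting traffic."""
    by_pid = defaultdict(list)
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header or blank line
        proto, addr, port, _foreign, state, pid = m.groups()
        # UDP is connectionless, so netstat prints no state; every bound UDP port is kept.
        if proto == "TCP" and state != "LISTENING":
            continue
        by_pid[int(pid)].append((proto, addr, int(port), port_range(int(port))))
    return dict(by_pid)

def exposed(by_pid):
    """(port, pid) pairs bound to all interfaces (0.0.0.0 or [::]), not just loopback."""
    return sorted((port, pid) for pid, rows in by_pid.items()
                  for _proto, addr, port, _rng in rows if addr in ("0.0.0.0", "[::]"))

if __name__ == "__main__":
    for pid, rows in sorted(listening_ports(SAMPLE).items()):
        for proto, addr, port, rng in rows:
            print(f"PID {pid:<6} {proto} {addr}:{port} ({rng})")
```

The PIDs it reports are the ones to look up in Task Manager as described in step 3.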

Testing ports with port-scanner software

Port scanners work in a similar way to the command prompt. This is software that examines open ports and authorized services. In addition, port scanners are able to examine network security and structure. Port scanners send data packets to a destination address for analysis and evaluate the resulting responses in order to check ports.

However, we advise you to be cautious when using port scanners. These are not only used by system administrators, but also by hackers to identify security gaps for malware and attacks. Analysis data from a port scan is sensitive, because your data is of interest to potential attackers. The use of port scanners helps to close security gaps, but the data collected must be handled responsibly. In addition, a port check must only be carried out on your own system or with the permission of the system owner, as this can legally be considered an attempted attack without consent.

Example 1: Advanced Port Scanner

Advanced Port Scanner is freeware that can be used to test ports and list network devices (e.g., computers, routers, smart devices), including open or closed port ranges. The focus of the analysis is on TCP ports, but it can be expanded to include additional ports and protocols. Additional functions of the scan software include remote commands via RDP and Radmin, as well as port and network sharing.

Example 2: Nmap

Nmap is the classic, free port scanner primarily aimed at IT experts. Nmap was originally programmed for Linux, but it is now used as a port scanner for all systems. Experienced users can use Nmap as a command line console, while the clearer, graphical Zenmap interface is available for inexperienced users. Note that Nmap can only be used to scan your own local ports. An Nmap port scan of foreign target addresses without consent can be seen as the preliminary stage of a system attack!

Testing ports with online tools

A third alternative for a port check is to use free online tools that detect open ports on your computer and thus potential security gaps. It should be noted that port scanning with the cmd command netstat -ano or with software such as Nmap primarily involves local ports. In order to determine the public port sharing of your router, however, the router must be addressed from the outside. Online port scanners use a test website for this purpose and primarily scan standard ports. Analysis data is output as a list of results.

Example 1: DNSTOOLS

The dnstools.ch website scans a whole range of standard ports, such as FTP, DNS, POP3, IMAP, SMTP or RPC, specifically analyzes individual ports, and examines whether the forwarding of the router’s public ports to local applications is working correctly. The online tool shows the analysis results in a clear list that can be exported as a file. Other scanning tools include DNS queries, ping, and traceroute.

Example 2: Nmap Online Port Scanner

Nmap is not only available for download as a powerful port scanner, but also offers an online tool for checking ports. This can be used to examine TCP ports that are open externally and to list the associated services.

Example 3: TCP Open Port Scanner

The TCP Open Port Scanner from Geekflare enables a fast, efficient scan of outwardly open ports in your network. The online tool uses Nmap as the analysis software for the port scan.

Example 4: WhatIsMyIP.com

The WhatIsMyIP.com website is primarily used to display publicly visible IP addresses of users and to check the effectiveness of VPN connections. The website also offers various other tools, including a port scanner. Individual ports can be tested by entering the corresponding port number.
