• Subscribe to the low volume list for updates.

TCP Port Scan

A simple TCP Port Scan to quickly determine the status of an Internet facing service or firewall. Uses the powerful Nmap port scanner. Note that this scan will test for common services only (21) FTP, (22) SSH, (23) Telnet, (80) HTTP, (110) POP3, (143) IMAP, (443) HTTPS and (3389) RDP. Nmap version detection ( -sV ) is not enabled.

With a valid membership play at the next level on our full featured Online Nmap Port Scanner.


Remove limits & captcha with membership

Common TCP Ports

   21    FTP File Transfer Protocol is a very common service from the early days of the Internet. Allowing transfer of files. A key point on today's modern Internet is that FTP is not an encrypted protocol.
   22    SSH Secure Shell is a protocol from remote access to systems usually in a "Terminal Shell". It is an encrypted protocol that performs a similar function to the clear text telnet.
   23    Telnet Legacy remote management service. Access to text shell on remote system. No encryption.
   80    HTTP Hyper Text Transport Protocol is the service that delivers web pages to a browser.
  443   HTTPS The Secure version of HTTP, this performs the same service of web page delivery but is encrypted using SSL or TLS.
 3389  RDP Remote Desktop Protocol is a way to remotely access Windows based systems, giving the user a full desktop environment of the remote computer.

What is this TCP Port Scan?

The TCP Port Scan will test an IP Address for common open ports. This technique of testing for listening services is known as a port scan. Try our advanced online port scanner that is able to scan any IP Address or IP range and all 65535 ports.

Test Firewall through Port Status

By reviewing the results of a TCP Port Scan, it is usually possible to determine whether a Firewall is present and blocking all traffic to ports that are not available. If some ports are in a closed state and some filtered, this indicates a firewall or router may be blocking traffic but is not necessarily configured correctly, as closed ports, in most cases, should be filtered by the firewall.

The example below shows ports that are listed as closed responded to the scan with a TCP RST. This indicates there is no service listening on that port. The filtered services did not respond, and the open port responded with a full three-way handshake. Check out the Nmap Tutorial for a more in depth explanation.

Nmap scan report for falcon (172.16.2.100)
Host is up (0.00042s latency).
PORT    STATE  SERVICE
21/tcp  filtered ftp
22/tcp  closed ssh
23/tcp  filtered telnet
80/tcp  open   http
443/tcp closed https

Nmap done: 1 IP address (1 host up) scanned in 0.19 seconds

IPv6 Port Scan

It is very important when port scanning targets to test both IPv4 and IPv6 addresses. A system administrator needs only to make a small mistake that can have big consequences. A well configured firewall may protect a system from connections on the IPv4 interface but without a matching IPv6 firewall the host may be vulnerable.

:~$ dig +short -t aaaa scanme.nmap.org
2600:3c01::f03c:91ff:fe18:bb2f

Starting Nmap 7.70 ( https://nmap.org ) at 2021-03-12 00:48 UTC
Nmap scan report for scanme.nmap.org (2600:3c01::f03c:91ff:fe18:bb2f)
Host is up (0.070s latency).

PORT     STATE  SERVICE
21/tcp   closed ftp
22/tcp   open   ssh
23/tcp   closed telnet
80/tcp   open   http
110/tcp  closed pop3
143/tcp  closed imap
443/tcp  closed https
3389/tcp closed ms-wbt-server

Nmap done: 1 IP address (1 host up) scanned in 0.32 seconds

API for the TCP Port Scan (BETA)

In addition to the web form on this page, there is another way to quickly check the port status of the four ports. With this simple API, curl or any other HTTP based tool or software can be used to get the status of ports and often the presence of a firewall. Output is of content type text.

https://api.hackertarget.com/nmap/?q=8.8.8.8&apikey=**apikeyrequired**

The API is simple to use and aims to be a quick reference tool. Like all our IP Tools there is a limit of 50 queries per day or Remove limits with a Full Membership..

For those who need to send more packets upgrade to HackerTarget.com Enterprise Plans.

Have you seen our other Free IP and Network Testing tools.

Discover. Explore. Learn.

Next level testing with advanced Security Vulnerability Scanners.

Trusted tools. Hosted for easy access.