
Port Scanner Tutorial

What is a Port Scanner: An introduction

A port scanner is a program used in network security testing, monitoring, and troubleshooting. An online port scanner is one that tests your network firewall and open ports from the outside, because the scan is sourced from an external IP address. It is powered by a simple port scanner program hosted on another system, usually with an easy to use web interface.

Network Basics

To understand what a port scanner does, we need to first understand the basics of how the network works. The network could be a local area network in a home or office, or it could be the Internet.

A network includes systems with addresses, and on those systems are Services.

The address is the IP address. The service could be many things, but is basically software running on the system and accessible over the network on a port number. For example, it could be a web server, email server or gaming server.

An IP address such as 192.168.1.3 will have services running on it, and each service listens on a port: for example a web server on port 80, or a mail server on port 110. See below for a list of common ports. Note there are 65535 TCP ports on every IP address.

DNS

A host is also known by its hostname, DNS record or domain name. This is a reference to the IP address using an easier to remember name. For example, www.google.com is easier to remember than 74.125.237.17.

When you type www.google.com into a browser you are directed, via the domain name system (DNS), to 74.125.237.17 on port 80. The browser selects port 80 automatically. If you type https:// into the browser, you go to a different port, port 443. This is the standard port for the encrypted SSL protocol.

Common Ports

Here are some common ports found when using a port scanner.

   22    SSH. Secure Shell is a protocol for remote access to systems, usually in a "terminal shell". It is an encrypted protocol that performs a similar function to the clear text telnet.
   25    SMTP. Email.
   53    DNS. The Domain Name System is one of the most common UDP services. It matches host names with IP addresses. DNS is a core part of the Internet's plumbing.
   80    HTTP. Web server; the service that delivers web pages to a browser.
  110    POP3. Email server.
  143    IMAP. Email server.
  443    HTTPS. Web server; the secure version of HTTP, this performs the same service of web page delivery but is encrypted using SSL or TLS.
  445    Windows communication protocol. File sharing etc.
 8080    Proxy server.

A more complete list of ports can be found at Wikipedia.

Testing a Home Router or Small Business for Open Ports

The diagram below shows a number of devices behind a typical broadband router. It is necessary to know if any ports are open on the Internet facing interface, as these are accessible by anyone on the Internet.

Open ports on a broadband router could be management ports. These allow a remote user to change the configuration of the router. Another form of an open port on the broadband router is a port that is forwarded to internal systems.

What is Port Forwarding

Port forwarding allows internal hosts to provide services on the Internet facing device. Port forwarding is often used in gaming or to host something such as a web server or email server on the broadband Internet connection.

Home Network Port Scanner

NMAP Port Scanner

The Nmap port scanner is the world's leading port scanner. It is very accurate and stable, and has a large number of options. For more information and installation instructions head over to the Nmap Tutorial: from basics to advanced tips page or nmap.org.

Sample Nmap Scan from HackerTarget.com

Starting Nmap 7.60 ( https://nmap.org ) at 2021-09-16 23:10 UTC
Interesting ports on 123.123.123.123:
Not shown: 997 filtered ports
PORT STATE SERVICE VERSION
25/tcp open smtp 
80/tcp open http Apache httpd 
443/tcp closed https
Service Info: OS: Linux

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 64.27 seconds

We have scanned the IP address 123.123.123.123.

Understanding Port Scanner Results

From outside the firewall, a port scanner can test every port on the server's IP address. There are 65535 total TCP ports on every IP address. There are also 65535 ports on the UDP protocol.

Open Port

An open port is one that has allowed a full three-way TCP connection to be established. The port scanner, in this case, has found a port that responded as available to the scan, and the connection established. Secondary data from an open port is known as a banner. A banner is a text response that includes the type and sometimes version of the server listening.

Closed Port

A Closed Port indicates that the port scan on that port was allowed through the firewall (or NAT device) but no port was listening. Instead, the device responded with a TCP RST or RESET.

Filtered Port

Filtered ports are those that did not respond at all. This is the typical response from a firewall: the firewall simply drops the port scan packet and does not respond in any way.
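As an added example, not code from the original page or from HackerTarget: a minimal TCP connect scanner in Python that reports the three states described above (open, closed, filtered) and grabs the banner from an open port. The local listener and its SMTP-style greeting are constructed for the demonstration, and the function names are my own.

```python
import errno
import socket
import threading

def classify_error(err: OSError) -> str:
    """Map a failed connect() to the state names Nmap reports."""
    if isinstance(err, (socket.timeout, TimeoutError)):
        return "filtered"  # no SYN-ACK and no RST: the probe was silently dropped
    if isinstance(err, ConnectionRefusedError) or err.errno == errno.ECONNREFUSED:
        return "closed"    # host answered with a TCP RST: nothing is listening
    if err.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
        return "filtered"  # ICMP unreachable, typically from a router or firewall
    return "error"

def scan_port(host: str, port: int, timeout: float = 2.0) -> dict:
    """Connect (full three-way handshake) scan of one port, with banner grab."""
    result = {"port": port, "state": "unknown", "banner": ""}
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            result["state"] = "open"  # handshake completed
            sock.settimeout(1.0)
            try:                      # SMTP, SSH etc. greet the client first
                result["banner"] = sock.recv(256).decode(errors="replace").strip()
            except OSError:
                pass                  # HTTP and others wait for the client to speak
    except OSError as err:
        result["state"] = classify_error(err)
    return result

def start_local_listener(banner: bytes) -> int:
    """Constructed demo service on 127.0.0.1: accept one client, send the banner."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))        # port 0 lets the OS pick a free port
    srv.listen(1)
    def serve():
        with srv.accept()[0] as conn:
            conn.sendall(banner)
        srv.close()
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

def free_closed_port() -> int:
    """Bind then release a port so a scan of it is almost certainly 'closed'."""
    with socket.socket() as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]

if __name__ == "__main__":
    demo = start_local_listener(b"220 mail.example.test ESMTP ready\r\n")
    for p in (demo, free_closed_port()):
        print(scan_port("127.0.0.1", p))
```

A filtered result cannot be produced on the loopback interface, so the filtered case is only exercised through classify_error; run the scanner against a firewalled host to see it for real.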

In Conclusion

Now that you have an understanding of what a port scanner is, head to the Online Nmap Scan testing page and run a free port scan. The advantage of using our server is that it is external to your network and will see what any other external attacker on the Internet will see.

You can also install Nmap yourself and run it against your network. The results will likely be different to that of the external facing scan.

Know when your attack surface changes
Hosted Nmap scanning allows you to scan any IP address to find open services and firewall configuration.