How To check open ports for remote Hosts
Sometime while working with machine we need to know about open ports on some specific remote machines. So in Linux/Unix machines we have many tools which could be used to check open ports. In this post we will try to cover How To check open ports. We going to talk about various tools which could check open ports on remote machines.
So we have some commands to check remote open ports. We can start with Telnet.
Telnet :- Open ports
We can use telnet command to check open ports on remote hosts, like below. . .
telnet google.com 80 telnet google.com 443
ssirohi@jarvis:~$ telnet google.com 80 Trying 184.108.40.206... Connected to google.com. Escape character is '^]'. ^] telnet> q Connection closed. ssirohi@jarvis:~$ telnet google.com 443 Trying 220.127.116.11... Connected to google.com. Escape character is '^]'. ^] telnet> q Connection closed.
Like above we can use telnet command to know is specific port is open on remote host or not, like if we found ports is not open we will not get this output like below for long time.
Gssirohi@jarvis:~$ telnet google.com 1234 Trying 18.104.22.168... ^C
We can also use nmap command, which is same also have capabilities to do many things, but we can also use it to check open ports ,advantage is this command could check multiple ports in once, like below.
ssirohi@jarvis:~$ nmap -p 443,80,1234 google.com Starting Nmap 7.60 ( https://nmap.org ) at 2020-02-09 13:19 GMT Nmap scan report for google.com (22.214.171.124) Host is up (0.0053s latency). rDNS record for 126.96.36.199: any-in-2678.1e100.net PORT STATE SERVICE 80/tcp open http 443/tcp open https 1234/tcp filtered hotline Nmap done: 1 IP address (1 host up) scanned in 1.26 seconds
NC: Netcat command
There is another command to work on this named NC which usually called Netcat. We can use this command for many purpose but we can use this to know open ports on remote hosts, like a below command and output.
ssirohi@jarvis:~$ nc -v -w 2 google.com 80 Connection to google.com 80 port [tcp/http] succeeded! ssirohi@jarvis:~$ nc -v -w 2 google.com 443 Connection to google.com 443 port [tcp/https] succeeded!
In above command we can see I tried to check remote hosts open ports and able to see ports is open and we can connect it easily.
But what if we try to connect remote port which is not open, we can connect it with same nc command like below.
ssirohi@jarvis:~$ nc -v -w 2 google.com 1234 nc: connect to google.com port 1234 (tcp) timed out: Operation now in progress
In above command we used to connect through 1234 port of Google with timeout of 2 seconds and after this Operation now in progress comes which seems we are not able to connect port in mentioned time, We can increase that time in case of doubt.
We can also use nping command which comes with nmap package, which we can also used for ping specific port on remote host, this is basically nothing just try connect port on host and host reply on it, see below examples with output
ssirohi@jarvis:~$ nping --tcp -c 1 -p 80,443,22 google.com Starting Nping 0.7.60 ( https://nmap.org/nping ) at 2020-02-09 13:52 GMT SENT (0.0743s) TCP 192.168.0.10:18926 > 188.8.131.52:22 S ttl=64 id=22716 iplen=40 seq=1132398406 win=1480 SENT (1.0745s) TCP 192.168.0.10:18926 > 184.108.40.206:80 S ttl=64 id=22716 iplen=40 seq=1132398406 win=1480 RCVD (1.2687s) TCP 220.127.116.11:80 > 192.168.0.10:18926 SA ttl=124 id=27159 iplen=44 seq=3755754046 win=60720
SENT (2.0758s) TCP 192.168.0.10:18926 > 18.104.22.168:443 S ttl=64 id=22716 iplen=40 seq=1132398406 win=1480 RCVD (2.0847s) TCP 22.214.171.124:443 > 192.168.0.10:18926 SA ttl=124 id=46827 iplen=44 seq=2668323131 win=60720 Max rtt: 194.093ms | Min rtt: 8.860ms | Avg rtt: 101.476ms Raw packets sent: 3 (120B) | Rcvd: 2 (88B) | Lost: 1 (33.33%) Nping done: 1 IP address pinged in 2.12 seconds
In above output, i hope you could notice we try to ping on 22,80 and 443. But as because of obvious reasons 22 port is blocked. Through this way we can also try to check open ports on any remote host with multiple port in one command.
I must say , there could many more ways to check open ports. I would try to involve them to in this post in future.