• Home
  •  > 
  • Education and science
  •  > 
  • How to find out open ports by IP. How to check for TCP connections (open ports on a Windows computer)

How to find out open ports by IP. How to check for TCP connections (open ports on a Windows computer)

The (listening, for connections) port is used to provide connections between multiple programs. Some ports are occupied by system services and therefore cannot be used by other services.

Port 80 is for the HTTP protocol to connect to the Internet, and the POP3 mail protocol uses port 110. If 80 is closed, it is therefore impossible to transmit data over the Internet. Therefore, sending and receiving mail is prohibited with port 100 closed.

System programs are assigned ports numbered from 0 to 1023. User programs use numbers from 1024 to 49151 to connect. Ports from 49152 to 65535 are called dynamic and are used for temporary client-server connections.

Ports are in the following states:

  • ready to receive packages;
  • the port is blocked by a firewall, the state cannot be determined;
  • locked and not associated with applications, can be opened;
  • the condition cannot be determined.

Method 1: Online services

This is a very simple way to check if a port is open on the computer you are using.

By default, you are prompted to select frequently used ports and check them. This:

  • 25565 for the game "Minecraft";
  • 8621 commonly used by Ace Stream for TV broadcasts;
  • 80 for HTTP protocol;
  • 7777;
  • 27016;
  • 8080 to connect to the server.

How to check if a port is open on a computer? All you need to do is select the one you are interested in and wait for a response. In addition, you can:

  • check your IP;
  • get detailed information about the site;
  • find out the connection speed;
  • find out site traffic;
  • check the existence of the email.

Method 2: CurrPorts

You can check if the port is open using third-party software CurrPorts.


Intended for network monitoring, displays a list of all currently open ports on the local computer. As a result, the following information is displayed:

  • port number;
  • process name;
  • full process path;
  • version;
  • file description;
  • creation time;
  • the name of the user who created it.

In addition, using the program you can close unwanted TCP connections, terminate processes on specified ports, and copy information about ports to a file. The software is designed for Windows, starting from version XP.

Method 3: netstat

One quick way to check whether a port is open on a computer or server is from the command line using the netstat utility.


Allows you to monitor incoming and outgoing network connections and view the routing table. Available for unix-like operating systems and Windows OS.

Using some parameters, you can filter the information displayed on the screen.

  1. The routing table is displayed using netstat -r (the -r or --route parameters are added to the command name).
  2. The interface table is output in the form netstat -i or netstat --interfaces.
  3. To display network statistics you need to add -s.
  4. Verbose output is provided using the -v option.
  5. To display the timer, add the -t parameter;
  6. Continuous input is specified with -c.
  7. To print the address and port numbers in numeric format without names, issue netstat -n.
  8. Displays the connection by protocol, and is specified as "-p protocol_name".

Method 4: telnet

Another effective way to check if a port is open is to use telnet.


As a rule, the utility is available on most systems. To check the availability of addresses use:

Telnet IP_address

It is possible to enable debugging mode and display detailed information during operation. To do this, add the -d parameter, specify the address and port number. For example:

Sudo telnet -d localhost 22

To check if a port is open via IP:

Telnet address_IP port_number

You can test the site, collect requests, and see all the transferred data with the command:

Telnet site_address ru 80 GET /

Thus, the page is returned, the headers that the browser displays.

Method 5: tcping

How to check if a port is open on a computer? You can use the tcping command. It is only available for Windows servers. The utility must be downloaded before use.

Diagnostics of port availability is carried out in the form:

Tcping [-tdsvf46] [-i interval] [-n times] [-w interval] [-b n] [-r times][-j depth] [--tee filename] [-f] destination

Designation of some options:

  • 4 - use of IPv4;
  • 6 - use of IPv6;
  • n - number of sent pings (default 4);
  • i - interval between sending pings (default 1);
  • w - interval between responses (default 2);
  • d - display the date and time of the request;
  • f - forced sending of at least 1 byte;
  • g - stop after a specified number of unsuccessful pings;
  • v - print version and exit;
  • --tee _filename_ - duplicating the result into a text file;
  • --append - if --tee is used, instead of overwriting the contents of the file, the new information is appended to the existing one;
  • port - port number;
  • h - use http mode;
  • u - display the URL on each line;
  • post - use POST instead of GET in http mode;
  • head - use HEAD instead of GET;
  • shortcut call to http mode.

Method 6: nmap

How to check if a port is open on a router?


This is easy to do using the nmap utility. You can set the occupancy of a certain port of an IP address as follows:

Nmap -sP IP_address/port_number

General command syntax:

Nmap [scan types] [options] (specifications)

It is not necessary to set the keys - in this case, all open ports and programs that listen to them will be checked.

To find out the software used:

Nmap -sV site

If you need to scan several sites, they are indicated separated by a space.

You can scan a range of addresses like this:

Nmap -sP x-y

where x is the address from which the range begins, y is where it ends.

The utility has a Zenap graphical shell. In addition to the fact that it performs all the functions of nmap, it can build a network map.

Now we will deal with the question of what open ports are. This issue should be sorted out if Internet traffic begins to “suddenly go away” into the unknown. First of all, you should look at where, what program and what exactly it uses. Based on such information, the situation can be corrected.

Network Applications

There is a situation when an application that uses the network to run does not want to work. If so, it is worth which program uses for its own work. Situations when you need to find out the list of open ports occur quite often.

To view the list, you must use either a third-party or a standard utility for Windows and Linux operating systems: netstat. It is launched from the usual command line. First, call the command line. This can be achieved in two ways. For the first option, go to the Start menu and click on Run.

In the window that appears, enter “cmd”, then press “Enter”. Another method is to launch the required command line “with your own hands”, that is, by going to the “System32” folder, use the “cmd.exe” program.

Netstat

To find out which ones, in the next step we run the “netstat” utility. To do this, enter “netstat” into the command line that you launched earlier, then press “Enter”.

Those users for whom this information is not enough can access the capabilities of this utility by running it with the special switch -h, in other words, try entering “netstat -h” into the command line. If you use the “netstat -b” key, the utility will show open ports, as well as applications that use these ports for their own work.

There is another useful key “netstat 5”. If you use it, you will see not only open ports, but also the ability to stream information updates, new data will be displayed every 5 seconds. To stop the appearance of information with the specified key, you must use the keyboard shortcut “Ctrl+C”.

Studying the information received

The command prompt window will show open ports. It will look like this: directly divided into 4 parts. The left column will display the protocol name, the second - the domain, and after the colon the open port itself, the third part - the external address, the fourth - the state.

Opening ports on Windows

Next we'll look at Windows. Users can perform the operation of opening ports on Windows 7 and Vista by using standard tools of the operating system itself without using special software from third-party developers.

Click the “Start” button to bring up the main menu of the system, go to the “Control Panel” item in order to initiate the procedure for opening ports in the Windows firewall.

Select the “Security” item and go to the “Windows Firewall” section. Select the item called “Advanced options”, which is located on the left side of the application window. After this, enter the administrator password. It must be entered in the appropriate field after the authorization window appears.

Expand the link that talks about allowing the program to run through the Windows Firewall, and select the section about the rules for incoming connections. We indicate the item called “Create a rule”, run the “Add port” function to perform the operation of opening the specified port. Click the “Next” button and enter a name that allows you to associate the specified open port.

For this purpose, the corresponding “Name” field is provided. Enter the number of the selected port in the corresponding “Port” field and click the “Next” button. We indicate the desired one (it can be TCP or UDP) in the next one, which is dedicated to ports and protocols. Apply the checkbox for the “Allow connection” item by moving to the next “Actions” window.

Final stage

Apply the checkboxes for all the fields in the next dialog box called “Profile”, click the “Done” button to apply the selected changes. Click the button called “Change Scope” to select the option for the number of computers that have permission to use the selected port. Specify the required value.

We repeat the above procedures for each of the ports that are to be opened. Reboot the computer to apply the selected changes. It should be remembered that the described algorithm of actions will allow you to open ports only in the firewall of a personal computer, but is not related in any way to the permissions of a specific Internet connection provider.

To solve such problems, you need to contact a representative of your provider company directly. When connecting to the Internet, the system allocates ports to programs that work with the network through which data is received and sent. Ports can be not only open, but also closed.

To understand how a pair of computers that communicate with each other using the TCP/IP protocol works, you need to know that for their interaction, a communication channel (Session) is established through which they will transmit information to each other. So that the computer sending the data is sure that it is reaching the appropriate program on the right computer, and the receiving computer understands that the received data came from the right computer and for the right program, communication is established according to the server-client scheme on a pre-agreed communication channel. This communication channel is called "Port".

The program on the server is configured in such a way that it is in request mode from the client program. In other words, it “listens” to a predetermined port (communication channel). The client is configured to send requests exclusively to a pre-agreed port. For convenience, they are numbered from 0 to 65535.

There are generally accepted ones that are assigned to frequently used and popular programs, for example, The Bat and Outlook Express mail programs use port 110. In general, this port is reserved for all programs that connect to mail servers. So, browsers have their own port reserved – 80. It is intended for viewing from all browsers.

In the process of working with a computer, especially with anti-virus programs that protect access to the Internet, the need arises to independently enable a network game or program to connect with other users. To do this, you need to make sure that the port requested by such an application is free from other applications, and also prevent the antivirus program from blocking this port.

To do this, using the “Run” command, which is available after activating the “Start” button, enter the netstat console command. To check the open port yourself and at the same time view

But, before we begin and begin to identify open ports and the programs that hang on them, I would like, for general understanding, to explain in the simplest language, and tell briefly about what a port is and the type of programs that work like “ Server – Client»

What is the port and type of Server – Client programs?

As you understand, I will not delve very deeply into the essence of the issue and talk in technical, complex language about what a port is, why it is needed, etc. I will try to briefly and in understandable language explain to interested people what it is and why!

If we talk about malware, the situation looks like this. There are two programs " Program - Server" And " Program – Client"The operating principle of such things is as follows:

Program – Server: Always runs on a computer that needs unauthorized access.

Program – Client: Launched by the creators themselves or simply by the user to control a remote computer!

Man using " Client» sends the commands it needs, which the server understands. The server, in turn, accepts commands and performs appropriate actions on the remote computer.

Such malicious things that we are talking about at the moment are called “BackDoor” One of the types of malicious software.

I think this is clear. The server runs on the computer that needs to be robbed, the client runs on the computer from which the attack occurs.

How are connections made?
In order for the “Client” to be able to connect to the “Server” and gain access to a remote computer, the “Server” opens some “PORT” and waits for a connection from the client. Any port can be opened, but in the range “From 0 to 65535” these are the limitations of the TCP/IP protocol

When the “Server” starts, the following happens: The server program opens a certain port, for example “3123” when a request comes from the client to port “3123”, the server understands that it is for him and processes the received data.

By the way: The client must always know exactly what port the server is on.

Since there are also legal programs that use certain ports, for example, email clients, they always take port 25 for sending mail and 110 for receiving. There are many other popular programs and for this reason the range “0 to 1023” is reserved for all popular things.

Therefore, malware rarely uses port numbers from the range “0 to 1023.” If you notice that, for example, port 3123 is open, and you did not help open it, you should make sure that the port is being used by a legitimate program, otherwise you should find and terminate the program that opened this port...

How to find out open ports and programs that use them?

As I said above, we will find out open ports using Windows without using third-party programs, much less online services. To work, we only need the command line.

We run “cmd.exe” and get a list of open ports, as well as the “PID” of processes that use the ports. To do this, use the “netstat” command with the parameters “-a -o” and for convenience, save the result of the command to the “*.txt” file on the “C:\” drive

The final command is:

Default

netstat -a -o > C:\Port.txt

netstat -a -o>C:\Port. txt

After pressing the “Enter” key, you will need to wait a little, not long.

After executing the command, the file “Port.txt” will appear on drive “C”. In this file we can find out the open ports and the “PID” of the processes that occupy the ports.

Looking through the file, you will notice more than one open port on the computer, and some of them are very suspicious. In the screenshot below, I marked the port “3123” that is already familiar to us; I suggest you look at what program it was opened by.

To get the name of the process by its “PID”, use the “tasklist” command and see what kind of crap has opened this port on our computer.

For reference: It was possible to initially use the “netstat” command with the “-a -b” ​​parameters, in which case we would immediately get the names of the processes.

The result of executing the “tasklist” command is also saved to a file on disk for easy viewing.

Default

tasklist > C:\ PID.txt

tasklist>C:\PID. txt

As a result, we get the file “PID.txt” and knowing that port “3123” was opened by a program with “PID - 3264”, we find it and look at the process name.

As you can see, I didn’t try to imagine the name of the program “123.exe”, I decided to just call it “123” and that’s it))

Collecting file and port information :

After receiving a list of open ports, you can find out more information about them. Just use the search “google.ru” and see what they write about this or that port, and then draw conclusions.

Also search the Internet for the names of processes that seem suspicious to you.

You can find a lot of information and find out whether such and such a process is a threat or not. The fact is that some system processes can also open some port for their own purposes and there is no need to kill them, since this can lead to some kind of malfunction in the operation of the entire system.

In conclusion.
We found out - How to find out open ports, on the computer using the command " netstat» You can get more information in the help for this command itself.

As I said above, you could simply use the command parameters “-a -b” ​​and not worry about getting the process name with the “tasklist” command. I did this on purpose to briefly demonstrate for general understanding the operation of the “tasklist” command.

I hope I was able to clearly answer the question, How to find out open ports. And you will no longer have difficulties if you need to find out open ports and programs that use them.

Using standard Windows tools, you can check whether the port that the program uses to operate is closed.
In order to check open/closed Windows ports, you must use the command line. To launch it, press the key combination “Windows + R”. After these steps, a window will open. You need to enter “cmd” in it. After that, press the “Enter” key.

A black window will appear on the screen, which experts call the Windows command line. Now you can run the utility itself, which will allow you to view the list of closed ports. Enter "netstat" into the command.

After entering, press the "Enter" key. The Command Prompt window will display information about all open ports on your computer. It will appear after the domain name of your personal computer and is separated from it by a colon. Please note that everything ports, which are not listed in this list are private. And if the port that your application uses is on this list, then it will need to be closed so that the application can function normally.

Please note

If the information provided is not enough for you, you can explore all the capabilities of the “netstat” utility by running it with the –h switch. This means entering the command “netstat -h” at the command prompt. Then in the window that appears you will see help for the "netstat" program.

Useful advice

There is also a utility called "Windows Worms Doors Cleaner", which can not only show open and closed TCP/UDP ports, but also close the open port itself. Thus, you can further protect your computer from various threats on the Internet, as well as numerous viruses. The "NetStat Agent 2.0" program can replace the built-in "netstat".

Sources:

  • NetStat Agent 2.0

Sometimes a user who wants to control his system as completely as possible needs to clarify which s connections are currently open from his computer. This operation takes no more than a few seconds.

Instructions

First of all, you can use netstat from the standard Windows XP set. To execute it, log into Windows and type “netstat 5” (without quotes). After executing the command, you will see an update every 5 seconds (you can specify any) containing information about open connections, programs using them and ports.

Sources:

  • what port do I have open?

There are many programs running on the computer at the same time. If program uses an Internet connection and is allocated a specific port. Sometimes the user needs to control which port is used by one or another program.

Instructions

The need to determine which ones are used program(or what program uses ports), usually occurs when a computer is suspected of being infected with a Trojan program. If you notice something suspicious, open the command line: “Start” – “All Programs” – “Accessories” – “Command Prompt”.

Type tasklist in the command line and press Enter. You will receive data about all processes running in the system. Pay attention to the PID - process identifier. It will help determine which program uses one port or another.

Type netstat –aon at the command prompt and press Enter. You will see a list of current connections. In the “Local Address” column, the port number is indicated at the end of each line. The PID column contains process identifiers. After looking at the port number and its corresponding PID, go to the list of processes and use the ID number to determine which process is using this port.

If you cannot figure out which program it belongs to by the name of the process, use one of the programs that is suitable for this case. For example, the Everest program, also known as Aida64. Launch the program, open the “Operating System” tab, select “Processes”. In the list of processes, find the one you need and look at its launch line. This will help determine which program the process belongs to.

Use the AnVir Task Manager program for the same purpose. It allows you to monitor all suspicious processes, including processes of programs connecting to the Internet. All suspicious processes are highlighted in red in the program list.

If you see that the port is being used by a program unknown to you, then if there is a current connection in the “External address” column (command netstat –aon) you will see the IP address of the computer with which the connection is established. The “Status” column will contain the value ESTABLISHED – if the connection is currently present; CLOSE_WAIT if the connection is closed; LISTENING if program waiting for connection. The latter is typical for backdoors - one of the types of Trojan programs.

Sources:

  • what ports does skype use

A firewall, also known as a firewall and firewall, is designed to control incoming and outgoing Internet traffic. The security of your network depends on how correctly the firewall is configured.

Instructions

The Windows operating system has a built-in firewall, but its capabilities are very limited, so it is better to use a third-party program. One of the best programs of this type is Outpost Firewall.

Before starting setup, open the main program window. Select “Options” - “System”, then find the “Global rules and rawsocket access” section at the bottom of the tab and click the “Rules” button in it.

In the window that opens, click the “Add” button. In the “Select an event for the rule” field, check the boxes “Where is the protocol”, “Where is the direction” and “Where is the local port”. Below, in the “Rule Description” field, select “Undefined” with the mouse in the “Where is the protocol” line and select the TCP protocol in the window that opens.

In the “Rule Description” field, click “Undefined” in the “Where is the direction” line, select “Incoming (from a remote computer to your computer)” in the connection type. In the same field, click “Undefined” in the “Where is the local port” line and enter the port number that needs to be closed.

In the “Select actions for the rule” field, check the “Block this data” checkbox. Click "OK" - the selected port is closed for incoming connections. You can also close it for outgoing connections by selecting “Outgoing (from your computer to a remote computer)” instead of an incoming connection in the settings described just above.

If you are using a regular firewall Windows, check the list of exceptions: “Start” - “Control Panel” - “Windows Firewall” - “Exceptions”. Uncheck "Remote" if you do not use it. You can disable exceptions altogether by checking the checkbox on the “General” tab in the “Do not allow exceptions” line.

The firewall in Windows 7 has more capabilities than in Windows XP; it can be used to control both individual ports and specified ranges. Create a rule for outgoing connections, when starting the rule creation wizard, select “All programs”. Click “Next”, in the window that opens, select “Block connections”. Click “Next” again, select a profile and specify a rule name. Then in the rule properties specify ports, which the firewall should block. The rule for incoming connections is created in the same way.

Internet applications send data through special ports. A network port is a dedicated system resource that runs on a specific network host. If the port is closed, the program will not be able to access the network, and therefore will not be able to perform its functions correctly.