The port scanner tool
Using the port scanner tool, you can scan any server, host, or firewall for open ports, accessible
from the Internet. This tool scans the +75 commonly used ports.
The tool will also probe some of the most common protocols - i.e., the tool will initiate
communication and display the information that comes back. This applies to DNS, HTTP, HTTPS,
SMTP, FTP, POP3, and the like.
Using the tool, you can learn many valuable things about a given server. The tool scans and
reveals all passively available information about the server: Which protocols it communicates
via, which services it makes available, which types of software it runs, and in some cases even
version numbers of the individual server programs.
This is extremely valuable information - whether you want to protect your network or want to
see what your competitor is doing.
Samples
Port scan 'dns.google'
Port scan 'www.db4free.net'
Port scan 'ftp.gnu.org'
Port scan 'iamroot.tech'
What ports do the tool scan?
As mentioned, the tool scans the +75 commonly used ports. They ports are within these categories:
- Ping
- Web services (HTTP, etc.)
- Email Services (SMTP, POP3, etc.)
- Database Services (SQL server, MySQL, etc.)
- File Transfer Services (FTP)
- Remote Access Services (SSH, Telnet, RDP, etc.)
- Remote Management Services (cPanel)
- Domain and DNS Services (DNS, WHOIS)
- VPN Services (IPsec, OpenVPN, etc.)
- VoIP Services (SIP, RTP, etc.)
- Streaming Services (RTSP, RTMP)
- Monitoring Services (Prometheus, Zabbix, etc.)
- Backup and Disaster Recovery (Veeam, Acronis)
- Proxy Services (SOCKS, HTTP, Squid, etc.)
- Virtualization Platforms (VMware, Hyper-V, Proxmox)
- Version Control Systems (Git, SVN)
- Containerization and Orchestration Platforms (Docker, Kubernetes)
What is port scanning used for?
As you may sense, port scanning can be used in several different ways.
So the application of this method and this tool depends on your point
of view. Here I will only describe the application options for you
as a system administrator.
As an administrator of a server, you want to make sure that only the
absolutely necessary ports are open. Each open port constitutes an
attack vector. So as an administrator you should be completely aware
of which ports are open on your server and why they are open. This is
essential in keeping your server secure.
You should also be aware if some of your server applications send
version info back on a simple probe. If a malicious attacker can
see that you have an outdated FTP server running, it is an obvious
place to attack. You should therefore turn off these kinds of
messages - it serves no purpose to share that information.
Is port scanning legal?
Yes! Although it may be controversial, there is nothing illegal or
wrong about port scanning.
In the same way that port scanning can be used as an attack to
detect weaknesses, it is also one of the best ways to secure
and validate one's own server.
There are open ports on my machine - what do I do?
Once you know which ports are open, assess the services associated with those ports.
Determine whether these services are necessary for your system's operation.
For ports associated with services that aren't essential,
consider closing them to prevent potential unauthorized access. This can typically
be done through your system's firewall settings or by configuring the respective
service.
If you're unsure about how to proceed or suspect a security breach, either contact your
systems administrator and/or consulting a cybersecurity expert for guidance on
securing your system.