The first tool of note is one many admin and support folk might have heard of: the Windows command line utility called netstat.exe. Netstat.exe, located in the Windows ‘System32’ folder, allows you to view ports that are open or in use on a particular host, but should not be confused with a network port scanner, which actually probes a host for open ports.
To view which ports are listening (open) on a local host using netstat, from the command prompt type the following:
netstat -an | find /i "listening"
Check open port using PowerShell
Since Microsoft is pushing PowerShell and CMD has become a legacy system, we should be using PowerShell for most of our work. Let’s check whether a remote network port is open and listening.
- Open PowerShell by going to Run -> powershell
- Run the following command (tnc is the built-in alias for Test-NetConnection)
tnc google.com -port 80
Another really interesting tool to be aware of is PortQry.exe. PortQry.exe is available for download from the Microsoft Download Center and runs as a standalone command line application.
PortQry.exe allows you to scan open ports on a local or remote host. Once you have downloaded and extracted portqry.exe to your machine, open a command prompt, and type portqry.exe followed by a given parameter from the folder that contains the executable.
For example, typing “portqry.exe -local” will show TCP/UDP port usage for the local host. The information shown when using this parameter is similar to that of netstat.exe; however, it also shows port statistics such as the number of port mappings and the number of ports in each state.
To view the TCP/UDP open port state of a remote host, type “portqry.exe -n [hostname/IP]” where [hostname/IP] is replaced with the hostname or IP address of the remote host. You can also specify to scan for a particular port using the “-e [port_number]” parameter, a particular range of ports using the “-r [start_range:end_range]” parameter, or a group of ports in a particular order using the “-o [port1, port2, port3]” parameter.
Similar to netstat.exe is TCPView.exe, which offers a more detailed representation of netstat.exe information in a graphical user interface (GUI). TCPView.exe is available for download from the Microsoft Sysinternals website and runs as a standalone application that does not require installation. Using TCPView, not only can you scan open ports but you can also view local and remote TCP connection information such as packets sent and received, the protocol being used, as well as the initiating process.
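The listening-port list from netstat and the per-process view from TCPView can be combined in PowerShell. The following is an added example, not part of the original article; it uses the built-in Get-NetTCPConnection and Get-Process cmdlets, and the function name Get-ListeningPortReport and the $ExpectedPorts baseline are assumptions made for illustration.

```powershell
# Added example: list listening TCP ports with their owning process and
# flag any network-reachable port that is not on an expected-ports list.
# Get-ListeningPortReport is a hypothetical helper name.
function Get-ListeningPortReport {
    param(
        # Constructed sample baseline; replace with the ports this host should expose
        [int[]]$ExpectedPorts = @(135, 445, 3389)
    )

    # TCP equivalent of: netstat -an | find /i "listening"
    $listeners = Get-NetTCPConnection -State Listen -ErrorAction Stop |
        Sort-Object LocalPort, LocalAddress

    # Cache process lookups so each process ID is resolved only once
    $procCache = @{}

    foreach ($l in $listeners) {
        $procId = [int]$l.OwningProcess
        if (-not $procCache.ContainsKey($procId)) {
            $p = Get-Process -Id $procId -ErrorAction SilentlyContinue
            $procCache[$procId] = if ($p) { $p.ProcessName } else { '<exited or inaccessible>' }
        }

        # Listeners bound only to loopback are not reachable from the network
        $loopbackOnly = $l.LocalAddress -in @('127.0.0.1', '::1')

        [pscustomobject]@{
            LocalAddress = $l.LocalAddress
            LocalPort    = $l.LocalPort
            ProcessId    = $procId
            Process      = $procCache[$procId]
            LoopbackOnly = $loopbackOnly
            Unexpected   = ($l.LocalPort -notin $ExpectedPorts) -and (-not $loopbackOnly)
        }
    }
}

# Show the full report, then only the listeners that are off the baseline
Get-ListeningPortReport | Format-Table -AutoSize
Get-ListeningPortReport | Where-Object Unexpected | Format-Table -AutoSize
```

Run it from an elevated PowerShell session so that processes owned by other accounts resolve to a name.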
Using Telnet to Test Open Ports
One of the biggest perks of Telnet is that with a simple command you can test whether a port is open. Issuing the Telnet command telnet [domainname or ip] [port] will allow you to test connectivity to a remote host on the given port.
Issue the following command in the Command Prompt:
telnet [domain name or ip] [port]