cmd Portscan - Test devices on the network for their services. (2024)

Network devices use specific network ports for communication. As an example, port 80 or 443 is used to call up a web page of a web server. In order to establish a connection with a web server, it listens on the corresponding port, in the case of a web server on 443. Theoretically, any port could be used by the web server operator for establishing a connection, nevertheless, port numbers are standardized and certain numbers should be used for certain protocols, such as port 80 for unencrypted web server access: http and 443 for encrypted web server access: https.

Aim of this article

query specific devices over the network,
whether these answer to certain network ports

Effort

Reading time: approx. 4 Minutes

Prerequisite

Windows-PC in the network

For testing a certain port in PowerShell the command "Test-NetConnection" can be used, see also PING Port - Windows cmd: PsPing - PowerShell Test-Netconnection. To test which ports are open on a particular device, which network services the device is offering as, the command line tool Nmap can be used:

With the help of the command line tool Nmap, among other things, ports can be scanned very easily. Nmap can be downloaded free of charge from the manufacturer's site: nmap.org/download.html and is also available for Windows in addition to Linux. For Windows, the .zip archive can be downloaded, extracted and started without installation, in addition in the prompt:

To scan all ports of the IP address 192.168.1.5, the following command can be used after changing to the directory with the unpacked nmap files (cd folder name):

nmap 192.168.1.5 -p-

Output:

[+]

cd C:\temp\nmap-7.91-win32C:\temp\nmap-7.91-win32>nmap 192.168.1.5 -p-Starting Nmap 7.91 ( https://nmap.org ) at 2020-11-26 17:18 Mitteleuropäische ZeitNmap scan report for scratch.test (192.168.1.5)Host is up (0.0090s latency).Not shown: 65515 closed portsPORT STATE SERVICE22/tcp open ssh80/tcp open http83/tcp open mit-ml-dev90/tcp open dnsix111/tcp open rpcbind443/tcp open https3000/tcp open ppp3001/tcp open nessus3306/tcp open mysql5983/tcp open unknown6379/tcp open redis6380/tcp open unknown8081/tcp open blackice-icecap8082/tcp open blackice-alerts8086/tcp open d-s-n8123/tcp open polipo9081/tcp open cisco-aqos9082/tcp open unknown40799/tcp open unknown54327/tcp open unknownMAC Address: 00:00:xx:xx:xx:xx (ASRock Incorporation)Nmap done: 1 IP address (1 host up) scanned in 79.68 seconds

The scanned device is my NAS, on which I have installed all kinds of services. In addition to known ports, unknown ports are also displayed. The unknown ports are different services where I used arbitrary port numbers. The used port number is not a guarantee that the protocol used is the one that should be used according to the standard. The command can also be used to test a server on the Internet for its services.

Windows integrated: PowerShell

Alternatively, although much slower, Windows PowerShell can also be used for the port scan:

Net.Sockets.TcpClient instead of Test-NetConnection

Test-NetConnection is nice to check a port, a bit faster is the test via Net.Sockets.TcpClient. Here is an example to scan the first 1024 ports of the IP address 192.168.1.5:

1..1024 | % {write-host ((new-object Net.Sockets.TcpClient).Connect("192.168.1.5",$_)) "Port $_ opened"} 2>$null

Legend:

1..1024Start and end port for the test
192.168.1.5here is an example of the IP address of the computer to be scanned.


Output:

PS C:\Users>1..1024 | % {write-host ((new-object Net.Sockets.TcpClient).Connect("192.168.1.5",$_)) "Port $_ opened"} 2>$null Port 22 opened Port 80 opened Port 83 opened Port 90 opened Port 111 opened

If you have tested the command line, you will notice that the scan is extremely slow. In the example, 1024 of the possible 65535 ports are scanned. This is because one port is tested after the other.

PowerShell >= 7

As of PowerShell version 7, it is possible to use the "-Parallel" parameter in Foreach, which means that several ports can be checked simultaneously: in parallel, which increases the speed enormously. However, Powershell cannot keep up with nmap in terms of performance. In addition, PowerShell 7 is unfortunately not yet available as standard in the current Windows versions and must be installed separately.

If you have installed PowerShell 7, you can use the following command for the portscan:

1..65335 | % -ThrottleLimit 500 -Parallel {write-host ((new-object Net.Sockets.TcpClient).Connect("192.168.1.5",$_)) "Port $_ is open!"} 2>$null

In older PowerShell versions this is also possible, but not in one line:

PowerShell > 4

PowerShell versions smaller than 7 can map the function via a RunspacePool, as an example for a PowerShell PortScanner I found on GitHub

github.com/BornToBeRoot/PowerShell_IPv4PortScanner/blob/master/Scripts/IPv4PortScan.ps1

Conclusion

If you want to get an overview of the local network, you can list all devices of the local network with simple commands, see: Find IP addresses in the network even if their firewall is enabled. The commands listed here can be used to test individual devices for open ports (services): Nmap.

cmd Portscan - Test devices on the network for their services. (2024)

FAQs

How do I check ports on my network device? ›

If you would like to test ports on your computer, use the Windows command prompt and the CMD command netstat -ano. Windows will show you all currently existing network connections via open ports or open, listening ports that are currently not establishing a connection.

How to scan open ports using cmd? ›

Run the command "netstat -ab" in an elevated Command Prompt, PowerShell, or Terminal window to see a list of applications and their associated ports. This works in Windows 11 too.

How to check ports being used using cmd? ›

To find open ports on a computer and to check what application is using specified port, use the netstat command line: Open the command prompt (Start > Run > cmd) and use netstat -ano | find /i "<port_number>". It will show you all processes that use the specified port.

How to check if port 443 is open? ›

Check if port 443 is open:

On Windows: open the Command Prompt on your Windows machine > type telnet <IP address or domain name> 443 and press Enter.

How do I find out what services are running on a port? ›

To list what services are listening* on a particular port on a device in your environment, run the following commands in a Windows Command Line or a Linux Terminal window on the device the port is on: Windows: netstat -ano | findstr [Port Number] Linux: netstat -ano | grep [Port Number]

How to search for a port in cmd? ›

Run the "cmd" command. Type "netstat -ano" followed by ENTER. optionally, you can also use "|" (pipe) followed by the "find" command to define the result more precisely, e.g. to search for port "8080": netstat -ano | find "8080".

How to ping a port using cmd? ›

Pinging a port in Windows 10 is a straightforward process. All you need to do is open the Command Prompt window, type in the ping command followed by the IP address or domain name and the port number, and hit enter. The ping results will then be displayed in the Command Prompt window.

How to check if port 443 is open in Windows cmd? ›

Check if port 443 is open:

On Windows: open the Command Prompt on your Windows machine > type telnet <IP address or domain name> 443 and press Enter. If the command returns “Connected to <IP address or domain name>”, then port 443 is open.

References

Top Articles
GRUPOS 1 Y 2 COTIZADOS EN EL SEPE EN · 3 52486912s fernandez caceres, carmen 8036 4018 0 4018 4018 4 02520455t fernandez rozado, maria cristina 8036 4018 0 4018 4018 5 25104543c - [PDF Document]
Plan de Restauración para la cantera “Zahoreja” en …...MINERALES. 3.1 Instalaciones y servicios auxiliares Plan de Restauración para la cantera “Zahoreja” en el T.M. de - [PDF Document]
Wells Fargo Careers Log In
What happens if I deposit a bounced check?
Displays settings on Mac
Es.cvs.com/Otchs/Devoted
Bowlero (BOWL) Earnings Date and Reports 2024
Curtains - Cheap Ready Made Curtains - Deconovo UK
6813472639
7543460065
My.tcctrack
Patrick Bateman Notebook
DBZ Dokkan Battle Full-Power Tier List [All Cards Ranked]
Aldine Isd Pay Scale 23-24
Tu Pulga Online Utah
College Basketball Picks: NCAAB Picks Against The Spread | Pickswise
Atlases, Cartography, Asia (Collection Dr. Dupuis), Arch…
Integer Division Matlab
Foolproof Module 6 Test Answers
Skycurve Replacement Mat
Ficoforum
City Of Durham Recycling Schedule
4 Methods to Fix “Vortex Mods Cannot Be Deployed” Issue - MiniTool Partition Wizard
Creed 3 Showtimes Near Island 16 Cinema De Lux
Vadoc Gtlvisitme App
Best Laundry Mat Near Me
Die wichtigsten E-Nummern
Frequently Asked Questions - Hy-Vee PERKS
Haunted Mansion Showtimes Near Cinemark Tinseltown Usa And Imax
T&J Agnes Theaters
Waffle House Gift Card Cvs
Final Exam Schedule Liberty University
Srg Senior Living Yardi Elearning Login
Scottsboro Daily Sentinel Obituaries
Collier Urgent Care Park Shore
Admissions - New York Conservatory for Dramatic Arts
Alpha Asher Chapter 130
Mohave County Jobs Craigslist
More News, Rumors and Opinions Tuesday PM 7-9-2024 — Dinar Recaps
Best Restaurants Minocqua
Silive Obituary
Umd Men's Basketball Duluth
Meet Robert Oppenheimer, the destroyer of worlds
Windy Bee Favor
tampa bay farm & garden - by owner "horses" - craigslist
Every Type of Sentinel in the Marvel Universe
Hsi Delphi Forum
Grace Charis Shagmag
Bumgarner Funeral Home Troy Nc Obituaries
Jesus Calling Oct 6
Ff14 Palebloom Kudzu Cloth
Room For Easels And Canvas Crossword Clue
Latest Posts
Article information

Author: Arielle Torp

Last Updated:

Views: 6606

Rating: 4 / 5 (41 voted)

Reviews: 88% of readers found this page helpful

Author information

Name: Arielle Torp

Birthday: 1997-09-20

Address: 87313 Erdman Vista, North Dustinborough, WA 37563

Phone: +97216742823598

Job: Central Technology Officer

Hobby: Taekwondo, Macrame, Foreign language learning, Kite flying, Cooking, Skiing, Computer programming

Introduction: My name is Arielle Torp, I am a comfortable, kind, zealous, lovely, jolly, colorful, adventurous person who loves writing and wants to share my knowledge and understanding with you.