How to check closed ports. How to check for TCP connections (open ports on a Windows computer)
To understand how a pair of computers that communicate with each other using the TCP/IP protocol works, you need to know that for their interaction, a communication channel (Session) is established through which they will transmit information to each other. So that the computer sending the data is sure that it is reaching the appropriate program on the right computer, and the receiving computer understands that the received data came from the right computer and for the right program, communication is established according to the server-client scheme on a pre-agreed communication channel. This communication channel is called "Port".
The program on the server is configured in such a way that it is in request mode from the client program. In other words, it “listens” to a predetermined port (communication channel). The client is configured to send requests exclusively to a pre-agreed port. For convenience, they are numbered from 0 to 65535.
There are generally accepted ones that are assigned to frequently used and popular programs, for example, The Bat and Outlook Express mail programs use port 110. In general, this port is reserved for all programs that connect to mail servers. So, browsers have their own port reserved – 80. It is intended for viewing from all browsers.
In the process of working with a computer, especially with anti-virus programs that protect access to the Internet, the need arises to independently enable a network game or program to connect with other users. To do this, you need to make sure that the port requested by such an application is free from other applications, and also prevent the antivirus program from blocking this port.
To do this, using the “Run” command, which is available after activating the “Start” button, enter the netstat console command. To check the open port yourself and at the same time view
When an application or service on a computer works with the network, a logical port is opened, reserving a number through which information is transferred to remote servers or clients. According to the TCP/IP protocol, a number is taken from 0 to 65535. And the meaning of these actions is that it is unique for each application and unambiguously determines “who” the received data belongs to.
But the selected number is not always available - it may be busy or open by another program. And sometimes it becomes necessary to enter this “number” manually. In order not to sort through everything, the user can quickly check the ports for openness, then selecting any free one. But alas, not everyone has an idea of how this can be done. Let's talk about the simplest and easiest verification methods:
- standard method;
- use of online verification service sites;
- analysis of port availability through specialized utilities/applications.
To solve the problem, it is not at all necessary to resort to tricks or third-party applications. You can take advantage of the system’s capabilities, which also allow you to find out the answer to the question: is the port open?
To do this you will need to launch the command line. This can be done either using the “Run” window or through the search. In versions of Windows 7 and below, click “Start”, in 8.1 - the Start button. Enter and find cmd, this is the command line. You need to run it using the right mouse button, as an administrator. Then you can enter one of two commands:
- netstat -a - shows open (listening, active - established, waiting - time_wait) and closed ports;
- netstat -aon | more - list of available ones.
The second option is convenient in that it can be used to find out which program is bound to a particular port. To do this, look in the PID column - there is a number indicated there that is the process identifier. Launch the task manager or go to the “Details” tab (for Windows 8 and 8.1) and look for the number in the “Process ID”. If the name of the application is unfamiliar or seems suspicious, then right-click on it and select “Open location”.
Checking the port for availability using online services
If your computer has access to the Internet, then you don’t even have to bother with the command line and other “wisdom”, instead finding one of the many special service sites that check the openness of ports in just a few mouse clicks. You just need to enter the required number in the column and click the “Check” button. The results are as follows:
Port closed
It is impossible to connect using it. Various malware or hackers will also not be able to use the port to hack, attack or obtain data from the computer. A high level of protection from network threats is precisely characterized by the fact that all unknown ports must be closed. But a large number of “numbers” open to external access - bad indicator.
However, the reason for the unavailability of a port may be incorrect configuration of the application or network equipment working with it. Just in case, you can check the firewall for network access and installed programs.
A port can also be closed due to a very slow connection: a situation where it is actually open, but the response time on the network is too high. Then connection becomes problematic or completely impossible.
Port is open
Selected ID number available for connection and internet. If that's what you need, great. But when it actually should be closed, it is necessary to find out the reason for the “openness”.
First of all, running applications and services are checked. It may be used by some of them to log out and work online. But there is a small chance that the open port is being used externally or is the result of active virus activity. In this case, checking with an antivirus will also not be superfluous.
How else can you check if the port is open?
If the first and second methods are not suitable for some reason, then you can approach the problem differently: there are a huge number of different useful programs that, for a fee or free of charge, will provide comprehensive information on the ports available on the computer. At the same time, on the Internet you can find utilities that are quite simple both in terms of use and the information they provide. Examples of such applications include Free Port Scanner And CurrPorts- both of them are free.
How to close it?
Having figured out how to check whether a port is open, the user may be interested in another question: if it is still active, then how to close it if necessary? It's actually not that difficult.
The main thing is to find and eliminate the reason that makes it accessible. If this is a program process or a running service, then it must be found through the task manager and closed or stopped. But it also happens that ordinary applications have nothing to do with it... then there is every reason to carefully check your computer with an antivirus for the possible presence of malicious software. If access to the Internet is via a router, find and delete unnecessary port forwarding rules. And for additional protection, you can install a more advanced firewall.
Video
In this video you will learn how to check open ports and determine who is using them.
Didn't get an answer to your question? Suggest a topic to the authors.
Now we will deal with the question of what open ports are. This issue should be sorted out if Internet traffic begins to “suddenly go away” into the unknown. First of all, you should look at where, what program and what exactly it uses. Based on such information, the situation can be corrected.
Network Applications
There is a situation when an application that uses the network to run does not want to work. If so, it is worth which program uses for its own work. Situations when you need to find out the list of open ports occur quite often.
To view the list, you must use either a third-party or a standard utility for Windows and Linux operating systems: netstat. It is launched from the usual command line. First, call the command line. This can be achieved in two ways. For the first option, go to the Start menu and click on Run.
In the window that appears, enter “cmd”, then press “Enter”. Another method is to launch the required command line “with your own hands”, that is, by going to the “System32” folder, use the “cmd.exe” program.
Netstat
To find out which ones, in the next step we run the “netstat” utility. To do this, enter “netstat” into the command line that you launched earlier, then press “Enter”.
Those users for whom this information is not enough can access the capabilities of this utility by running it with the special switch -h, in other words, try entering “netstat -h” into the command line. If you use the “netstat -b” key, the utility will show open ports, as well as applications that use these ports for their own work.
There is another useful key “netstat 5”. If you use it, you will see not only open ports, but also the ability to stream information updates, new data will be displayed every 5 seconds. To stop the appearance of information with the specified key, you must use the keyboard shortcut “Ctrl+C”.
Studying the information received
The command prompt window will show open ports. It will look like this: directly divided into 4 parts. The left column will display the protocol name, the second - the domain, and after the colon the open port itself, the third part - the external address, the fourth - the state.
Opening ports on Windows
Next we'll look at Windows. Users can perform the operation of opening ports on Windows 7 and Vista by using standard tools of the operating system itself without using special software from third-party developers.
Click the “Start” button to bring up the main menu of the system, go to the “Control Panel” item in order to initiate the procedure for opening ports in the Windows firewall.
Select the “Security” item and go to the “Windows Firewall” section. Select the item called “Advanced options”, which is located on the left side of the application window. After this, enter the administrator password. It must be entered in the appropriate field after the authorization window appears.
Expand the link that talks about allowing the program to run through the Windows Firewall, and select the section about the rules for incoming connections. We indicate the item called “Create a rule”, run the “Add port” function to perform the operation of opening the specified port. Click the “Next” button and enter a name that allows you to associate the specified open port.
For this purpose, the corresponding “Name” field is provided. Enter the number of the selected port in the corresponding “Port” field and click the “Next” button. We indicate the desired one (it can be TCP or UDP) in the next one, which is dedicated to ports and protocols. Apply the checkbox for the “Allow connection” item by moving to the next “Actions” window.
Final stage
Apply the checkboxes for all the fields in the next dialog box called “Profile”, click the “Done” button to apply the selected changes. Click the button called “Change Scope” to select the option for the number of computers that have permission to use the selected port. Specify the required value.
We repeat the above procedures for each of the ports that are to be opened. Reboot the computer to apply the selected changes. It should be remembered that the described algorithm of actions will allow you to open ports only in the firewall of a personal computer, but is not related in any way to the permissions of a specific Internet connection provider.
To solve such problems, you need to contact a representative of your provider company directly. When connecting to the Internet, the system allocates ports to programs that work with the network through which data is received and sent. Ports can be not only open, but also closed.
From the translator. Hello, today I want to publish a translation of an article with a list of services that will help you find open ports on servers. I hope that the article will be useful.
If you host your web applications on an administered server or shared hosting, then you have nothing to worry about. However, for a virtual or dedicated server, you must provide every security option for your server.
Having unnecessary ports open is a bad idea that an attacker can take advantage of in a variety of ways. 
Below are free online services that will help you find out if ports are open so you can check and block them if they are not in use.
Note: if you run a port scanner for your site's DNS, and it is behind a proxy such as CloudFlare or SUCURI, it may not return accurate information. Use the real server IP address.
Port scanner from MX ToolBox
MX Toolbox tries to check the 15 most frequently used ports with a timeout of 3 seconds and gives results which ones are open and which ones are not.
Online port scanner
This tool is a personal project of Javier Yanez, which allows you to scan ports for IPv4 and IPv6 addresses for free.
Port scanner from T1 Shopper
Scans one or a range of ports listening on a server with a specified IP. This is useful if you only want to scan selected ports.
Port scanner from Hacker Target
Performs a quick scan of the six most common ports (FTP, SSH, SMTP, HTTP, HTTPS, RDP) with an NMAP port scanner.
Port scanner from DNS Tools
Quickly scans some common ports such as FTP, SMTP, DNS, Finger, POP3, SFTP, RPC, IRC, IMAP, VNC, etc.Sources: Wikipedia, Microsoft, portscan.ru
How to find out which ports are open on a computer?
- For Windows: Start → “cmd” → Run as administrator → “netstat -bn”
- In an antivirus program such as Avast, it is possible to view active ports in the Firewall: tools -> Firewall -> Network connections.
Also useful netstat commands:
To display both the Ethernet statistics and the statistics for all protocols, type the following command:
netstat -e -s
To display the statistics for only the TCP and UDP protocols, type the following command:
netstat -s -p tcp udp
To display active TCP connections and the process IDs every 5 seconds, type the following command:
nbtstat -o 5
To display active TCP connections and the process IDs using numerical form, type the following command:
nbtstat -n -o
The following status values are valid for TCP sockets:
| CLOSED | Closed The socket is not in use. |
| LISTEN (LISTENING) | Waits for incoming connections. |
| SYN_SENT | Actively trying to establish a connection. |
| SYN_RECEIVED | The initial connection synchronization is in progress. |
| ESTABLISHED | The connection has been established. |
| CLOSE_WAIT | The remote party has disconnected; waiting for the socket to close. |
| FIN_WAIT_1 | The socket is closed; disconnecting the connection. |
| CLOSING | The socket is closed, then the remote side disconnects; waiting for confirmation. |
| LAST_ACK | The remote side disconnected, then the socket is closed; waiting for confirmation. |
| FIN_WAIT_2 | The socket is closed; waiting for the remote side to disconnect. |
| TIME_WAIT | The socket is closed, but is waiting for packets still on the network to be processed |
List of most commonly used ports
| № | Port | Protocol | Description |
|---|---|---|---|
| 1 | 20 | FTP Data | File Transfer Protocol - file transfer protocol. Data port. |
| 2 | 21 | FTP Control | File Transfer Protocol - file transfer protocol. Command port. |
| 3 | 22 | SSH | Secure SHell - “safe shell”. Protocol for remote control of the operating system. |
| 4 | 23 | telnet | TERminaL NETwork. Protocol for implementing a text interface over the network. |
| 5 | 25 | SMTP | Simple Mail Transfer Protocol - a simple mail transfer protocol. |
| 6 | 42 | WINS | Windows Internet Name Service. Service for mapping NetBIOS computer names to host IP addresses. |
| 7 | 43 | WHOIS | "Who is". Protocol for obtaining registration data about domain name owners and IP addresses. |
| 8 | 53 | DNS | Domain Name System - domain name system. |
| 9 | 67 | DHCP | Dynamic Host Configuration Protocol - protocol for dynamic host configuration. Obtaining dynamic IPs. |
| 10 | 69 | TFTP | Trivial File Transfer Protocol - a simple file transfer protocol. |
| 11 | 80 | HTTP/Web | HyperText Transfer Protocol - hypertext transfer protocol. |
| 12 | 110 | POP3 | Post Office Protocol Version 3 - protocol for receiving email, version 3. |
| 13 | 115 | SFTP | SSH File Transfer Protocol. Secure data transfer protocol. |
| 14 | 123 | NTP | Network Time Protocol. A protocol for synchronizing the computer's internal clock. |
| 15 | 137 | NetBIOS | Network Basic Input/Output System. Protocol for providing network input/output operations. Name service. |
| 16 | 138 | NetBIOS | Network Basic Input/Output System. Protocol for providing network input/output operations. Connection service. |
| 17 | 139 | NetBIOS | Network Basic Input/Output System. Protocol for providing network input/output operations. Session service. |
| 18 | 143 | IMAP | Internet Message Access Protocol. Application layer protocol for accessing email. |
| 19 | 161 | SNMP | Simple Network Management Protocol - a simple network management protocol. Device management. |
| 20 | 179 | BGP | Border Gateway Protocol, border gateway protocol. Dynamic routing protocol. |
| 21 | 443 | HTTPS | HyperText Transfer Protocol Secure) is an HTTP protocol that supports encryption. |
| 22 | 445 | SMB | Server Message Block. A protocol for remote access to files, printers and network resources. |
| 23 | 514 | Syslog | System Log. A protocol for sending and recording messages about ongoing system events. |
| 24 | 515 | LPD | Line Printer Daemon. Protocol for remote printing on a printer. |
| 25 | 993 | IMAP SSL | IMAP protocol supporting SSL encryption. |
| 26 | 995 | POP3 SSL | POP3 protocol supporting SSL encryption. |
| 27 | 1080 | SOCKS | SOCKet Secure. Protocol for obtaining secure anonymous access. |
| 28 | 1194 | OpenVPN | Open implementation of Virtual Private Network (VPN) technology. |
| 29 | 1433 | MSSQL | Microsoft SQL Server is a database management system. Database access port. |
| 30 | 1702 | L2TP (IPsec) | Protocol for supporting virtual private networks. As well as a set of data protection protocols. |
| 31 | 1723 | PPTP | Tunnel protocol for a secure connection with a point-to-point server. |
| 32 | 3128 | Proxy | At the moment, the port is often used by proxy servers. |
| 33 | 3268 | LDAP | Lightweight Directory Access Protocol - lightweight access protocol to directories (directory services). |
| 34 | 3306 | MySQL | Access to MySQL databases. |
| 35 | 3389 | RDP | Remote Desktop Protocol - remote desktop protocol for Windows. |
| 36 | 5432 | PostgreSQL | Access to PostgreSQL databases. |
| 37 | 5060 | SIP | Protocol for establishing a session and transmitting multimedia content. |
| 38 | 5900 | VNC | Virtual Network Computing is a system for remote access to a computer desktop. |
| 39 | 5938 | TeamViewer | TeamViewer is a system for providing remote computer control and data exchange. |
| 40 | 8080 | HTTP/Web | An alternative port for the HTTP protocol. Sometimes used by proxy servers. |
| 41 | 10000 | NDMP | Popular port: Webmin, SIP-voice, VPN IPSec over TCP. |
| 42 | 20000 | DNP |
