In Windows, using the command line, how do you check if a remote port is open?

Question

What is a simple way in Windows to test if traffic gets through to a specific port on a remote machine?

Iszi · Answer 1 · 2017-05-25T16:19:49.057

Which version of Windows? For Windows 8/Server 2012 and later, the following works in PowerShell:

Test-NetConnection 128.159.1.1 -Port 80

Some Googling will also turn up alternatives which use the .NET Framework directly (since PowerShell lets you do that) for systems running lower versions of Windows that won't have Test-NetConnection available.

If you're not averse to using third-party utilities, Nmap is also a very good friend to have and it works from the command line.

score 87 · Accepted Answer · edited Apr 24 '24 at 21:47

I found a hiddem gem the other day from Microsoft that is designed for testing ports:

Portqry.exe

"Portqry.exe is a command-line utility that you can use to help troubleshoot TCP/IP connectivity issues. Portqry.exe runs on Windows 2000-based computers, on Windows XP-based computers, and on Windows Server 2003-based computers. The utility reports the port status of TCP and UDP ports on a computer that you select. "

score 29 · Answer 3 · answered Jul 02 '09 at 18:05

Use the telnet command to connect to the server on the specified port, and see if a connection can be established.

Success:

$ telnet my_server 25
220 my_server ESMTP Postfix

Fail:

$ telnet my_server 23632
Connecting To my_server...Could not open connection to the host, on port 23632:
Connect failed

score 9 · Answer 4 · answered Jul 02 '09 at 18:07

9

Telnet will work for TCP.

Netcat is a better tool for these sorts of things, including UDP, watch out though, some AV softwares consider it an 'evil hacker tool'

answered Jul 02 '09 at 18:07

whatsisname

301

score 2 · Answer 5 · answered Oct 25 '16 at 12:48

2

Use netcat Windows port:

>nc -zvv www.google.com 80
www.google.com [108.177.96.103] 80 (http) open
sent 0, rcvd 0
>

>nc -zvv www.google.com 888
www.google.com [108.177.96.147] 888 (?): TIMEDOUT
sent 0, rcvd 0: NOTSOCK
>

answered Oct 25 '16 at 12:48

rustyx

1,979

score 1 · Answer 6 · answered Oct 27 '22 at 23:16

As @iszi's answer suggested, using the free nmap utility downloadable from nmap.org is a viable option. It could scan for UDP or TCP ports. Example:

nmap -n -P0 -p "80,443" microsoft.com duolingo.com

where

-n           never do DNS resolution
-P0          do not ping to test 'up' state
-p           this is the list of desired ports
"22,80,443"  check in SSH, HTTP and HTTPS in TCP

The port list should be inside quotes in Windows because the comma is interpreted as space in the shell.

Result:

Nmap scan report for microsoft.com (20.53.203.50)
Host is up (0.21s latency).
Other addresses for microsoft.com (not scanned): 20.81.111.85 20.103.85.33 20.84.181.62 20.112.52.29
PORT    STATE SERVICE
80/tcp  open  http
443/tcp open  https
Nmap scan report for duolingo.com (184.72.124.184)
Host is up (0.068s latency).
PORT    STATE SERVICE
80/tcp  open  http
443/tcp open  https
Nmap done: 2 IP addresses (2 hosts up) scanned in 0.62 seconds

Port 22 is not open on the tested hosts.

Reference: https://nmap.org/book/man.html

score 0 · Answer 7 · answered Jul 11 '12 at 13:05

0

the following command will list all ports in use on the machine...

netstat -a

The output contains the protocol, local address, foreign address and current state

Netstat documentation on microsoft.com

answered Jul 11 '12 at 13:05

Baldy

193

score -4 · Answer 8 · answered Jul 02 '09 at 18:03

-4

'netstat' is you friend.

answered Jul 02 '09 at 18:03

quosoo

101

In Windows, using the command line, how do you check if a remote port is open?

8 Answers8

Linked