Check Port Open
Test port connectivity, verify service availability, and troubleshoot network issues.
What is Port Checking?
Ports are virtual endpoints for network connections. The Check Port Open tool helps you:
✅ Test Connectivity - Check if ports are accessible
✅ Verify Services - Confirm services are running
✅ Troubleshoot - Diagnose network issues
✅ Security Audit - Find open ports
✅ Validate Config - Test firewall rules
Accessing Check Port Open
From Web Tools Tab
- Open any host connection
- Click "Web Tools" tab
- Select "Check Port Open" from left menu
Interface Overview
┌────────────────────────────────────────────────────┐
│ Check Port Open │
├────────────────────────────────────────────────────┤
│ Host: │
│ ┌──────────────────────────────────────────┐ │
│ │ example.com │ │
│ └──────────────────────────────────────────┘ │
│ │
│ Port: │
│ ┌──────────────────────────────────────────┐ │
│ │ 443 │ │
│ └──────────────────────────────────────────┘ │
│ [Check Port] │
├────────────────────────────────────────────────────┤
│ Result: │
│ │
│ ✓ Port 443 is OPEN on example.com │
│ │
│ Response Time: 42ms │
│ Service: HTTPS (Web Server) │
│ Status: Accessible │
└────────────────────────────────────────────────────┘
How to Use
Step 1: Enter Host
Enter hostname or IP address:
example.com
192.168.1.100
2001:db8::1
www.example.com
Step 2: Enter Port
Enter port number (1-65535):
Common ports:
80 (HTTP)
443 (HTTPS)
22 (SSH)
3306 (MySQL)
Step 3: Execute Check
Click "Check Port" or press Enter
The tool will:
- Resolve hostname to IP
- Attempt TCP connection
- Measure response time
- Report status (open/closed/filtered)
- Identify common services
Step 4: Interpret Results
✓ Port OPEN
- Port is accessible
- Service is listening
- Firewall allows connection
✗ Port CLOSED
- Port is not listening
- Service not running
- Connection refused
? Port FILTERED
- Firewall may be blocking
- No response received
- Cannot determine state
Common Ports
Web Servers
80 - HTTP
Service: Web server (unencrypted)
Common: Apache, Nginx, IIS
443 - HTTPS
Service: Web server (encrypted)
Common: All modern websites
8080 - HTTP Alternate
Service: Alternative HTTP port
Common: Development servers, proxies
8443 - HTTPS Alternate
Service: Alternative HTTPS port
Common: Admin panels, APIs
Remote Access
22 - SSH
Service: Secure Shell
Use: Remote server access
Security: Keep closed except from trusted IPs
23 - Telnet
Service: Telnet (insecure)
Use: Legacy remote access
Security: DISABLE (use SSH instead)
3389 - RDP
Service: Remote Desktop Protocol
Use: Windows remote desktop
Security: Keep closed except from trusted IPs
5900 - VNC
Service: Virtual Network Computing
Use: Remote desktop
Security: Use VPN or SSH tunnel
Mail Servers
25 - SMTP
Service: Mail sending
Use: Server-to-server email
Security: Often blocked by ISPs
110 - POP3
Service: Mail retrieval (unencrypted)
Use: Downloading email
Security: Use encrypted version (995)
143 - IMAP
Service: Mail access (unencrypted)
Use: Email client access
Security: Use encrypted version (993)
465 - SMTPS
Service: SMTP over SSL
Use: Encrypted mail sending
587 - SMTP Submission
Service: Mail submission
Use: Client mail sending
Security: Supports STARTTLS
993 - IMAPS
Service: IMAP over SSL
Use: Secure email access
995 - POP3S
Service: POP3 over SSL
Use: Secure email download
Database Servers
3306 - MySQL/MariaDB
Service: MySQL database
Security: ⚠️ Should NOT be publicly accessible
Recommendation: Use SSH tunnel or VPN
5432 - PostgreSQL
Service: PostgreSQL database
Security: ⚠️ Should NOT be publicly accessible
Recommendation: Bind to localhost only
27017 - MongoDB
Service: MongoDB database
Security: ⚠️ Should NOT be publicly accessible
Recommendation: Enable authentication
6379 - Redis
Service: Redis cache
Security: ⚠️ Should NOT be publicly accessible
Recommendation: Bind to localhost, use password
1433 - Microsoft SQL Server
Service: MSSQL database
Security: ⚠️ Should NOT be publicly accessible
Recommendation: Firewall to specific IPs
File Transfer
21 - FTP
Service: File Transfer Protocol (insecure)
Security: ⚠️ Use SFTP (port 22) instead
22 - SFTP
Service: SSH File Transfer Protocol
Security: ✓ Secure, encrypted
69 - TFTP
Service: Trivial FTP (no auth)
Security: ⚠️ Very insecure, disable
445 - SMB
Service: Windows file sharing
Security: ⚠️ Close on internet-facing servers
Other Services
53 - DNS
Service: Domain Name System
Use: Name resolution
Security: Restrict to trusted IPs for queries
67-68 - DHCP
Service: Dynamic Host Configuration
Use: IP address assignment
Security: Internal network only
123 - NTP
Service: Network Time Protocol
Use: Time synchronization
161-162 - SNMP
Service: Simple Network Management
Use: Device monitoring
Security: ⚠️ Use SNMPv3, restrict access
Port States
Open
Meaning:
- Service is listening on port
- Accepts connections
- Firewall allows traffic
Example:
Port 443 on example.com: OPEN
Response: Connection successful
Time: 42ms
What to do:
- ✓ Expected service: Good
- ✗ Unexpected service: Investigate and close
Closed
Meaning:
- No service listening on port
- Port explicitly refused connection
- Host is reachable
Example:
Port 3306 on example.com: CLOSED
Response: Connection refused
Time: 15ms
What to do:
- Expected to be open: Start service
- Expected to be closed: Good (secure)
Filtered
Meaning:
- Firewall dropping packets
- No response received
- Cannot determine if service exists
Example:
Port 22 on example.com: FILTERED
Response: Timeout
Time: >5000ms
Causes:
- Firewall blocking
- Network routing issue
- Host unreachable
What to do:
- Check firewall rules
- Verify host is online
- Test from different location
Timeout
Meaning:
- No response within time limit
- Host may be down
- Network issue
Example:
Port 80 on example.com: TIMEOUT
Response: No response
Time: >10000ms
What to do:
- Verify host is online
- Check network connectivity
- Increase timeout if remote
Security Considerations
Only Open Necessary Ports
Bad (too many open):
Port 21 (FTP): OPEN ❌ Use SFTP
Port 22 (SSH): OPEN ✓ OK (from trusted IPs)
Port 23 (Telnet): OPEN ❌ Insecure
Port 80 (HTTP): OPEN ✓ OK
Port 443 (HTTPS): OPEN ✓ OK
Port 3306 (MySQL): OPEN ❌ Should be internal only
Port 8080: OPEN ⚠️ Why?
Good (minimal):
Port 22 (SSH): OPEN ✓ Restricted to admin IPs
Port 80 (HTTP): OPEN ✓ Public web
Port 443 (HTTPS): OPEN ✓ Public web
All others: CLOSED ✓ Secure
Close Dangerous Ports
Disable immediately:
- Port 21 (FTP) - Use SFTP instead
- Port 23 (Telnet) - Use SSH instead
- Port 69 (TFTP) - No authentication
- Port 135-139 (Windows NetBIOS) - Exploitable
- Port 445 (SMB) - Ransomware target
- Port 3389 (RDP) if publicly exposed - Brute force attacks
Restrict Database Ports
Never expose directly:
❌ MySQL (3306): Accessible from internet
❌ PostgreSQL (5432): Public
❌ MongoDB (27017): No auth, public
❌ Redis (6379): Public
Use instead:
✓ SSH tunnel: ssh -L 3306:localhost:3306 user@server
✓ VPN: Connect to VPN first
✓ Firewall: Allow only specific IPs
✓ Cloud: Use private network
Port Scanning Ethics
⚠️ Important:
- Only scan servers you own
- Get permission before scanning others
- Scanning without permission may be illegal
- Respect network policies
- Don't abuse the tool
Legal scanning:
- ✓ Your own servers
- ✓ With explicit permission
- ✓ Bug bounty programs (with rules)
- ✓ Authorized security audits
Illegal scanning:
- ✗ Servers you don't own
- ✗ Without permission
- ✗ Malicious intent
- ✗ Excessive/abusive scanning
Use Cases
1. Server Configuration Validation
After server setup:
Check expected open ports:
✓ Port 22 (SSH): OPEN
✓ Port 80 (HTTP): OPEN
✓ Port 443 (HTTPS): OPEN
Check should-be-closed ports:
✓ Port 21 (FTP): CLOSED
✓ Port 23 (Telnet): CLOSED
✓ Port 3306 (MySQL): CLOSED
✓ Port 27017 (MongoDB): CLOSED
2. Firewall Rule Testing
Test firewall configuration:
Before firewall rule:
Port 3306: OPEN (bad)
Add firewall rule:
iptables -A INPUT -p tcp --dport 3306 -j DROP
After firewall rule:
Port 3306: FILTERED (good)
3. Service Availability Check
Monitor service uptime:
Check critical services:
- Port 80 (Web): OPEN → Site accessible
- Port 443 (HTTPS): OPEN → SSL working
- Port 22 (SSH): OPEN → Can connect
Alert if any become CLOSED
4. Network Troubleshooting
Debug connectivity issues:
User reports site down:
1. Check port 80: TIMEOUT
2. Check port 443: TIMEOUT
3. Diagnosis: Server offline or network issue
Check DNS:
nslookup example.com
Ping: timeout
Conclusion: Server is down
5. Security Audit
Find exposed services:
Scan common ports:
- Port 21: CLOSED ✓
- Port 22: OPEN (restrict to trusted IPs)
- Port 23: CLOSED ✓
- Port 80: OPEN ✓
- Port 443: OPEN ✓
- Port 3306: OPEN ❌ (close immediately!)
- Port 3389: CLOSED ✓
- Port 27017: OPEN ❌ (close immediately!)
Action items:
1. Close port 3306 to public
2. Close port 27017 to public
3. Add firewall rules
4. Restrict SSH to admin IPs
Troubleshooting
Issue: Connection Timeout
Problem: No response from port check
Possible causes:
- Host is down
- Firewall blocking
- Service not running
- Network routing issue
How to diagnose:
# Check if host is reachable
ping example.com
# Check DNS resolution
nslookup example.com
# Try from different location
# (use Check Port Open from different server)
# Check firewall logs
sudo tail -f /var/log/ufw.log
Issue: Connection Refused
Problem: Port actively refused connection
Possible causes:
- Service not running
- Service crashed
- Wrong port number
- Service bound to localhost only
How to fix:
# Check if service is running
systemctl status nginx
systemctl status mysql
# Check what's listening on port
sudo netstat -tlnp | grep :80
sudo ss -tlnp | grep :80
# Check service configuration
# Make sure it's not bound to 127.0.0.1 only
Issue: Unexpected Open Ports
Problem: Ports open that shouldn't be
How to investigate:
# List all listening ports
sudo netstat -tlnp
sudo ss -tlnp
# Find what's using the port
sudo lsof -i :3306
# Check running processes
ps aux | grep mysql
# Review firewall rules
sudo iptables -L -n
sudo ufw status
Action:
- Identify the service
- Determine if it's needed
- If not needed: Stop and disable
- If needed: Add firewall rule to restrict access
Best Practices
1. Minimize Attack Surface
Only open what's needed:
Public web server:
✓ Port 80 (HTTP)
✓ Port 443 (HTTPS)
✗ Everything else: CLOSED or FILTERED
2. Use Firewall Rules
Restrict by IP when possible:
# SSH: Only from office IP
ufw allow from 203.0.113.0/24 to any port 22
# MySQL: Only from app server
ufw allow from 10.0.1.5 to any port 3306
# Web: Public access
ufw allow 80/tcp
ufw allow 443/tcp
3. Regular Audits
Schedule port scans:
Weekly:
- Scan all servers
- Document open ports
- Investigate changes
- Close unnecessary ports
Monthly:
- Full security audit
- Review firewall rules
- Update documentation
- Test from external network
4. Monitor Changes
Alert on unexpected ports:
Expected open ports: 22, 80, 443
Alert if any other port opens
Review and close if not authorized
5. Document Everything
Keep inventory:
# Server: web-01
## Open Ports
- Port 22 (SSH): Admin access only (10.0.0.0/8)
- Port 80 (HTTP): Public
- Port 443 (HTTPS): Public
## Closed Ports
- Port 21 (FTP): Disabled, use SFTP
- Port 3306 (MySQL): Internal only via SSH tunnel
- Port 3389 (RDP): Not installed
## Last Audit
- Date: 2024-10-17
- Auditor: Admin Team
- Status: Compliant
Next Steps
- 🔄 Check Redirect - Test URL redirects
- 📋 Check Header - Inspect HTTP headers
- 🏷️ Check Meta Header - Analyze meta tags
- 🔙 Web Tools Overview - All tools