In this article, we will look at scanning server ports for running services. In some cases, this helps to identify problems with the services running on the server.
Network Mapper (nmap) is usually used for port scanning. This program allows you to determine open TCP and UDP ports. To install it, use the following command:
Ubuntu / Debian
apt-get install nmap -y
yum install nmap -y
After installation, you can start checking the running services on the server. For example, let’s check the Google public DNS server:
As we can see from the results of the check, two ports are open on the server on which the DNS services (port 53) and the webserver (port 443) are running.
Also, for checking, you can use various keys that determine how to scan:
-p-: scan for all 65535 ports
-sT: scan TCP connections
-O: scan to determine the operating system running on the server
-v: verbose scan
-A: aggressive scan, scan everything
-T [1-5]: to set the scan speed
-Pn: if the server is blocking ping
-sU: scan UDP ports
More details about the operation of this program can be found on the project website.
Some scans may require root user privileges:
sudo nmap -sU 220.127.116.11
Also, remember that in some countries, port scanning is illegal and punishable by law.
If you need to check a specific port, you can use telnet. The command syntax will be as follows:
telnet IP-address port
telnet 18.104.22.168 443
In the above example, we were able to establish a connection to port 443 on the server. To terminate the connection, use the key combination Ctrl+], and then enter quit or press Ctrl+d.
If the port is closed or not in use, you will receive a message similar to the following:
By default, a telnet client is available in most Linux distributions, but there may be a situation when you need to check the port using Windows OS. In this case, you can use a third-party application – for example, Putty or the telnet client built into the OS. To enable it, go to Control Panel – Programs and Features – Turn Windows features on or off. In the window that opens, check the Telnet Client check box.