About everything in the world

How to check if a port is open. How to connect to open ports Connect by ip and port

Sometimes the user has a situation when it is necessary to open one or another port of the computer for video games, complex programs or special Internet clients. But how to check if this port is currently open? There are several options for solving such problems.

I. CHECKING OPEN PORTS ON THE LOCAL COMPUTER

Method 1. In order to check open ports on the local (your) computer, you can use the "Command line" of the Windows operating system (

To call this line, you must press the key combination Win + R and write the command "cmd", then click "OK".

In the window that opens, write the special command "netstat -a" and see the list of open ports on your computer.

Method 2. If you are connected to the Internet, then you can check if the port is open on the website

whatsmyip.org/port-scanner/

This resource will determine your IP address by itself, and you can scan ports through a special field " Custom Port Test».

Enter the port you are interested in and click the " Check Port”, after which you will receive a response whether this port is open or closed.

II. CHECKING OPEN PORTS ON A REMOTE COMPUTER

Now let's look at how to check if a port is open on a remote computer or server. Use the same "Command Prompt" in Windows, but now write the telnet command in the format:

telnet IP address port

Press the "Enter" key. If there is no "Could not open ..." entry, then the requested port is open, otherwise it is closed.

We briefly looked at how to check if a port is open on a computer. If you have any questions, then ask them in the comment box.

What does the port test result mean?

Status Port closed

It is currently not possible to connect to this port. Malware or intruders cannot use this port to attack or obtain confidential information (The material 4 best free antivirus for Windows 10 will help you). If all unknown ports have the "closed" status, this means that the computer is well protected from network threats.

If the port should be open, then this is a bad indicator. The reason for the unavailable port may be incorrect configuration of network equipment or software. Check the access rights of programs to the network in the firewall. Make sure the ports are forwarded through the router.

The result "port closed" can also be obtained if the port is open, but the response time of your computer on the network (ping) is too high. Connecting to the port in such conditions is almost impossible.

Status Port open

You can connect to this port, it is available from the Internet. If that's what you want, great.

If the reason why the port may be open is unknown, then it is worth checking running programs and services. Perhaps some of them quite legally use this port to work with the network. There is a possibility that the port is open due to the operation of unauthorized/malicious software (The article How to turn on protection against potentially unwanted programs in Windows Defender will help you). In this case, it is recommended to check the computer with an antivirus.

F.A.Q.

What are the ports? What are they needed for?

The ports that PortScan.ru checks are not physical, but logical ports on a computer or network device.
If a program or service plans to work with a network, it opens a port with a unique number through which it can work with remote clients/servers. In fact, the network program reserves a certain number for itself, which allows you to understand that the incoming data is intended for this particular program.

In human language, it would sound something like this: "I, the server program, open port number 1234. If data arrives on the network cable with port number 1234, this is me."

What port numbers can the program open?

Ports are identified by numbers from 0 to 65535 inclusive. Any other port cannot be opened, respectively, and check too. These are limitations of the TCP/IP protocol.

It is worth noting that the client program must always know the port number to which it needs to connect on the server or other remote network device. For this reason, ports ranging from 0 to 1023 are reserved for the most popular protocols.

So, for example, while surfing the Internet, your browser connects to port 80 on the remote server where the site is located. In response, the browser receives a set of code and data, which it downloads and displays as a web page.

For what situations is it possible to check open ports?

Checking open ports is possible if your computer has been assigned an external IP address. You can find out more about this from your ISP.

It is worth considering that if your computer is connected to the Internet not directly, but through a router (router), then the results of the check refer specifically to the router. Checking the port status for a computer within such a subnet is possible only if port forwarding is available.

What is port forwarding?

Port Forwarding (sometimes Virtual Servers) is a special setting on the router that allows you to redirect external requests (from the Internet) to computers on the local network. In essence, this is a way to specify to which local computer to forward data and connection requests that come in on a specific port.

Let's say you have a game or web server at home connected via a router to the Internet. All computers connected to the same router are on the same network, so they can connect to this server. However, outside, from the Internet, it will no longer be possible to connect to your server without port forwarding.

If your computer is directly connected to the Internet (without a router/router), you do not need to perform port forwarding. All your open ports must be accessible from the Internet (of course, if you have a dedicated IP).

How to find out what ports are open on a computer?

For Windows: Start → "cmd" → Run as administrator → "netstat -bn"
For Linux: In the terminal, run the command: "ss -tln"

How to close the port?

First of all, you need to eliminate the cause - the running program or service that opened this port; it needs to be closed/stopped. If the reason for the open port is not clear, check the computer with an antivirus, remove unnecessary port forwarding rules on the router and install an advanced firewall (Firewall).

A port in computer networks is a natural number that is written in the header of the OSI protocol. It is intended to identify the receiving process of a packet on a single host.

Typically, there are several processes running in user space on the host with the OS installed at the same time, and each of them is running a specific program. If these programs affect a computer network, the "shell" from time to time receives an IP packet through it, which is intended for one of the programs.

How it works?

If the program uses network communication, this process can occur as follows:

  • The OS is asked for a specific port number. In this case, the system can either provide it to the program or prohibit transmission (this happens if this port number is already used by another application).
  • An unspecified port number is requested from the OS, to any free one. The system itself selects it and provides it to the program.
  • IP addresses of the recipient and sender hosts (required that a route be built between them);
  • Protocol number;
  • Numbers of both ports (receiver and sender).

If the connection is via TCP, then the sender's port is used both by the receiver's OS to send an acknowledgment of received data, and by the receiver's process to send a response.

Open and closed ports

From the sender's side, the host and port number act as an analogue of the return address, which is indicated on the envelopes. Such a number is called reverse.

In cases where a process on a host consistently uses the same port number, that port is considered open. For example, a program connected to a server might always use 80 or 8080 to communicate. When a process fails, it is considered closed.

Port numbers

All ports have their numbers registered in the prescribed manner. Each of them is designed for its specific purpose. So, when working on the Internet, you can often see port 8080. Why is this functionality needed?

According to the official data, this port runs over the TCP protocol and is intended for use with HTTP. Unofficially, it is also used by the Tomcat servlet container written in Java.

TCP port 8080 may use a specific protocol for communication, depending on the application. A protocol is a set of formalized rules that explains how data is transmitted over a network. It can be thought of as a language that is used between computers to help them communicate more effectively.

The HTTP protocol, which runs over 8080, defines the communication format between internet browsers and websites. Another example is the IMAP protocol, which defines the communication between IMAP mail servers and clients, or finally, which specifies the format used for encrypted messages.

Data transfer

Thus, TCP port 8080 uses the transmission control protocol. It is one of the main protocols in TCP/IP networks. While IP deals only with packets, TCP allows two hosts to establish a connection and exchange data streams. It guarantees their delivery, and also that the packets will be delivered to port 8080 in the same order in which they were sent. Guaranteed communication over 8080 is the key difference between TCP and UDP. UDP 8080 would not guarantee a connection in the same way.

How to open port 8080 in Windows 7?

To do this, go to the Start menu and find the Control Panel. In it, you need to click on the "Network" submenu and find "Firewall" in it. In the "Exceptions" tab, find the "Add Port" item. A dialog box will open asking you to enter the port number. Make sure TCP is specified in the settings, and then select OK.

How to close port 8080? To do this, just configure the connection to another specific port.

Advanced HTTP and TCP Proxy Configuration

The HTTP protocol works on top of the TCP protocol, but provides additional information about the purpose of the message. For this reason, the two proxies are configured differently.

HTTP traffic includes the destination host and port for the message. It is sent over a TCP connection with a TCP endpoint, i.e. between a specific host and port. Typically, an HTTP message points to the same endpoint as a TCP connection. If you change the client configuration to use an HTTP proxy, the connection is made to a different host and port than the one specified in the HTTP URLs. This means that the TCP endpoint in the message is different from the one it is connected to.

For example, if an HTTP request is sent to the page http://192.0.2.1:8080/operation, the request includes "192.0.2.1:8080" in the "Host" header of the HTTP message that is sent to port 8080 on host 192.0. 2.1.

However, if you configure an HTTP client to use a proxy, the underlying TCP connection goes to the TCP endpoint for it, while the messages still contain the original endpoint.

For example, if you configure the client to send its messages to a proxy server at 198281.100.1 port 3128 and the client sends a request for http://192.0.2.1:8080/operation, the message still contains "192.0.2.1:8080" in the "Host" header, and now also in the "Request-Line" field. However, this message is now sent over a TCP connection to 198.51.100.1:3128. Thus, an HTTP proxy can receive messages on one port (proxy port 8080) and can forward them to several different services based on the recipient information.

How to set up to accept connections on port 8080?

So the "Host" header was added in HTTP/1.1. HTTP/1.0 connections do not include it. For this reason, connections that do not go through a proxy do not include the host and port for the message. However, HTTP/1.0 information sent through the proxy still contains the target host and port in the "query string". Therefore, the absence of the "Host" header does not cause a problem for the proxy.

To enable the TCP proxy, you must change the client configuration from a real-time TCP endpoint to a replacement endpoint. Unlike HTTP, this protocol does not provide a built-in proxy capability. That is, if you connect to a proxy server via TCP, there is no mechanism for passing information to the final destination.

How to setup multiple connection using 8080?

The only way for a TCP proxy to allow connections to multiple systems (that is, destination endpoints), no matter what traffic is sent over those connections, is to listen on a different port for each of the systems. This allows you to connect and maintain information about which of its port numbers corresponds to each endpoint. The client is then configured with a proxy port corresponding to each system it needs to connect to. to listen and their corresponding endpoints are configured in statements in the proxy configuration file, RTCP_install_dir/httptcp/registration.xml. First of all, you need to check port 8080 - if it is open by default, further settings will be done in a few minutes.

In this example, 198.51.100.1 is the IP address of the proxy server. Any traffic sent to port 3333 to the proxy server is sent to port 8080 at www. example. com:

Therefore, you must change the client configuration file whenever you add a new traffic destination. This limitation does not apply to HTTP proxies.

Interaction between HTTP and TCP

To understand how ports are handled in HTTP and TCP proxies, suppose you have two services, at 192.0.2.1:8080 and 192.0.2.1:8081, and a proxy running at 198.51.100.1. If they differ by IP address instead of by port number, this example will be the same, except for the corresponding address for each service. If they expect HTTP traffic on the same HTTP proxy port, requests to both TCP endpoints can be sent to it. When HTTP sees that a message is addressed to 192.0.2.1:8080, the proxy redirects the message to that address, or applies whatever rules it has for that service. The same procedure is applied to 192.0.2.1:8081 using the same port.

If the two services are instead listening for TCP traffic, the two TCP proxy ports defined by the two elements must be opened in the config file:

The client configuration for the first service is changed from "192.0.2.1:8080" to "198.51.100.1:3333" and for the second service from "192.0.2.1:8081" to "198.51.100.1:3334". The client sends a message (TCP packet) to the first service at the first address.

The proxy receives it on this port (3333) but does not know what data is being sent on this connection. All it knows is a connection to port 3333. So the proxy consults its configuration and sees that traffic to that port should be redirected to 192.0.2.1:8080 (or that a rule for that service should be applied to it). If you cannot forward all your HTTP traffic because the client configuration does not support HTTP proxy configuration, you must use an HTTP reverse proxy.

In it, instead of the target URL, you specify the one you need. This process is similar to configuring a TCP proxy, in which you specify it as the TCP endpoint for a message on the client system and create a forwarding rule.

The difference is that you add a type attribute to the rule that defines HTTP, as in the following example: .

How is the traffic going?

The proxy server is now configured to only accept HTTP traffic on the assigned port and can apply richer filtering. For example, a server might filter traffic to a stub that doesn't have a specific path in its URL, or that doesn't use a specific HTTP method such as POST. However, because the stub doesn't always work, the server still needs the target from the element to be able to send traffic to the system. For example, suppose a client needs to connect to a service at 192.0.2.1:8080 and use an HTTP reverse proxy at 198.51.100.1:3333.

Before a client can use a proxy server, the client configuration for that service must be changed from a URL such as http:// 192.0.2.1:8080/ operation to http:// 198.51.100.1:3333/ operation. The request that is sent to this new URL hits the proxy.

The request message contains the TCP endpoint for the proxy (198.51.100.1:3333) in the Host header, not the system address, because the client does not know it is sending a redirected message. This simplified client role defines the nature of such a connection. So the proxy uses the elements to know that a request arriving on port 3333 requires one of the following: it must be redirected to the live system at 192.0.2.1:8080 and the "Host" header in the message must be updated. The message must apply all the rules of that service, such as routing to a stub.

The Wi-Fi router is configured in its control panel, through the web interface. Therefore, access to change the configuration can be obtained through any browser. To do this, just open the page 192.168.0.1 or 192.168.1.1 (depending on the router model). Next, you will need to enter a username and password. By default, both of these options are set to admin.

If the default username and password are not suitable, and you have not changed these details, they may have been changed by the wizard when connecting or setting up the Internet. For security purposes, some providers change the default login details. In this case, they can be found in the contract or at the bottom of the router, on a separate sticker.

Advice! Don't forget to change your login details to your Wi-Fi router settings. You can do this in the "System Tools -> Password" menu.

Changing your password will greatly secure your network and help prevent unauthorized access or resetting. The settings will take effect after the device is rebooted.

If authorization in the control panel of the router is successful, a status page will open, which displays basic information about the router, information about wireless broadcasting Wi-Fi and the status of the current Internet connection.

Preconfiguring for Port Forwarding

Before forwarding, you need to change the settings for the distribution of local IP addresses within the network created by the TP-Link router. The device on which the open port will be used in the future must be set to an unchanged internal address. DHCP is responsible for addressing within the local network, so you need to open the menu “DHCP -> List of DHCP clients”. This window will display a list of devices connected to your network. We are looking for the desired device by name and copy its MAC address.

In the case shown in the screenshot, it was not difficult to find the necessary device, since only one device was registered on the home network. However, there are situations when a significant number of devices are connected to the network, and the name of the required computer is unknown or not displayed. In this case, you can find out the address of the computer directly through the operating system. The easiest way is to use a special command on the command line.

Press the Win+R keys to open a new program run window. Enter cmd in it and click OK.

After entering the getmac command, you will receive the necessary data that will be needed in the future to perform port forwarding on the TP-Link router.

If an error occurs while executing the command, it is recommended to repeat the operation by running the command prompt as an administrator.

After that, you need to open the menu "DHCP -> DHCP Settings". This page will display the range of IP addresses within which computers on your network are addressed. In the case in the screenshot, the start address is 192.168.0.100, the end address is 192.168.0.199. This information will be needed in the next step.

Next, you need to open the "DHCP -> Address Reservation" page and click the "Add New ..." button. Without this step, port forwarding on the TP-Link router will not bring the desired result, since the computer will be assigned a new local address each time.

In the "MAC Address" field, paste the combination that you copied from the list of DHCP clients or the command line. In the Reserved IP address field, enter any address that is in the range specified in the DHCP settings of the TP-Link router. Click the "Save" button.

The added binding of the MAC address to the IP will be displayed in the list, but for the normal operation of the address reservation, you will need to restart the Wi-Fi router, which the system will warn you about.

You can restart the TP-Link router programmatically in the "System Tools -> Restart" menu.

Opening ports on a TP-Link router

After completing these preparatory steps, you can proceed to the direct opening of ports. In order to open them on the TP-link router, go to the "Forwarding -> Virtual Servers" menu and select to add a new entry

Fill in the fields with port numbers. In the IP address field, enter the value that you have reserved for your computer. Select a protocol if necessary. In the "Status" field, leave the "Enabled" mark so that the settings take effect immediately after the Wi-Fi router is rebooted. If you want to forward the standard ports of one of the services, you can do this by selecting the required service in the last drop-down list. There is no fundamental difference between entering manually and selecting from the list, but this function can be useful if you do not remember the port number that you need to open.

The TP-Link Wi-Fi router offers the following services for which you can forward standard ports:

  • GOPHER
  • TELNET

The maximum number that can be opened on TP-Link is 65535.

In some cases, it may be necessary not to simply forward, but to dynamically open ports in response to an incoming event. You can configure this function in the next menu: "Forwarding -> Port Triggering". The most common use of this setting is to work with complex applications that receive many incoming connections (online games, Internet telephony, and video conferencing applications). To create a new Port Triggering entry, click Add New.

Instruction

You must know the ip address of the computer you want to connect to. If you know the domain name, you can determine the ip on one of the existing services. For example here: http://www.all-nettools.com/toolbox/smart-whois.php
Enter the domain name in the format www.name.ru - that is, the site name without "http://", click the "Submit" button. You will receive an ip address and all additional information about the site.

Now you need to determine which ports are open on the computer you are interested in. This is done by scanning using special programs - scanners. The most famous scanners are Nmap and XSpider. It is better for a beginner to choose the second one, on the network you can find both a demo version and a full version of the program.

Open XSpider, enter ip address, start scanning. After its completion, you will receive a list of open ports on the scanned machine. The presence does not mean that you have gained access to the remote computer and only says that this port is being used by some program. For example, port 21 is ftp, 23 is telnet, 4988 is Radmin, 3389 is Remote Desktop‎, etc. Type in the search engine "List of ports and their services", and you will get detailed information.

You have received a list of open ports. The next step is to look for an opportunity to penetrate through these ports on. There are many options here, the main ones are password guessing or finding and using a suitable exploit. An exploit is a program code written for a specific vulnerability.

If you want to learn how to use exploits, download the Metasploit program. It consists of several hundred exploits, their composition is constantly . Metasploit also includes an Nmap scanner. Learning the program takes time and patience, but the result is worth it.

If you want a quick result, download two programs: GUI VNC Scanner (vnc_scanner_gui) and Lamescan. The first is a very good and fast scanner, handy when scanning a specific port. For example, port 4899, used by the Radmin remote control program.

Launch the VNC scanner, specify port 4899, select the desired country from the list and click the "Get diap list" button. A list of IP address ranges will appear in the window on the left. Select several ranges (preferably 2-3), delete the rest. Click the "Start scan" button. After the scanning process is completed, you will receive a text file IPs.txt with a list of ip-addresses of computers that have port 4899 open. Click the "Start parser" button - the list will be cleared of all unnecessary information, only ip-addresses will remain.

Launch the Lamescan program. Click on the "Settings - General" menu. Set the port number to 4899. Enter the paths to the password and login dictionaries (find them on the network). Click Done. Now click the green plus sign and enter your scanned ip-addresses in the window that appears and click the green arrow. The process of selecting a password for the specified addresses will begin. In most cases, the selection is unsuccessful, but out of hundreds of addresses, several will be with simple passwords.

Download and install the Radmin program. Run it, enter the address of the computer with the selected password. In the window that appears, enter the password (and login - if you have selected data for the program with a login and password). A blue connection icon will appear, and a few seconds later you will see the desktop of the remote computer on your screen.

Port assignment is a way to forward packets from any LAN interface port to a specified host (computer) and port on the Internet, or to forward packets from any idle port from an external (Internet address) to a specified host (computer) and port on the LAN.

The scheme of operation of this service is very simple and is usually used if it is impossible or not advisable to use NAT or HTTP proxy, or if it is better not to change the default gateway on client machines. Also, very often this scheme looks more understandable to many users than setting through NAT.

Let's look at some common examples of configuration through port assignment.

Attention! Port assignments and public mail servers, such as mail.ru, yandex.ru, gmail.com, which require connection via secure communication channels, will not work with The Bat. The problem lies in the The bat program itself, because. there you can not accept certificates and add them to exceptions so that they work normally and always. Through the assignment of ports, for example, "Mozilla Thunderbird" will work fine.

  • Mail setup.

As you know, there are two services for exchanging mail messages - POP3 (ENG) And SMTP (ENG). They use TCP ports 110 and 25 respectively. In order to allow client requests for these protocols to the Internet through a port assignment, two assignments must be created.

For example, for a POP3 server we will most likely use an unoccupied local port - 9110, and for SMTP - 9025. We will make the settings for the popular free mail - mail.ru.

Open the "Services - Port Assignment" page in the administrator console and click the "Add" button:

We select the IP of the local network card as the listening interface, port 9110. As the destination, we write the address pop.mail.ru and specify port 110:

Click the "Add" button again and specify the parameters for the SMTP server. We select the IP-local network card as the listening interface and prescribe port 9025, and as the destination we prescribe the smtp.mail.ru address and specify port 25.

Now you need to open the properties of the mail client on the client machine and set the settings for assigning ports there.

For example, for The Bat program, the setting will be as follows:

  • Setting up remote access from the Internet to a computer on a local network,
    for example, for the program R-admin (ENG) or RDP (ENG).

Usually the ports that are used for these two programs (TCP 4899 for R-admin and TCP 3389 for RDP) are already occupied by the server where UserGate is installed, so we recommend that you use any others.

Let's select port 9999 for the RDP service, and port 9998 for the R-admin program.

In our example, the local subnet is 192.168.2.X and the computer accessed from the Internet has an IP address of 192.168.2.45.

We create a rule in accordance with our current network configuration. Specify your external interface as the listening address. If you have a connection to a PPPoE, VPN or Dial-Up provider, then specify to listen on any interface, port 9998 for R-admin:

A remote connection from the Internet to a machine on the local network in this case would look something like this:

  • for R-admin, specify the external IP address of the machine with UserGate - 172.19.169.7 and port 9998.
  • for RDP, specify the external IP address of the machine with UserGate - 172.19.169.7 and port 9999.

Share with friends:
Similar posts