About Online Port Scanning - Discover Open TCP & UDP Ports
What is a Port?
Port is a term used in computer networking. It is the virtual point where the network connection starts and ends. Ports are software-based and managed by the computer's operating system. Each port is associated with a specific service or process. We can recognize it as a logical construct used to specify a network service or a particular function at the software level.
Ports facilitate computers to differentiate among different kinds of traffic. The email traffic lands on a different port (port 25), and web traffic lands on a different (port 80) even though both reach the computer over the same network connection.
The incoming packet's headers define which port it should be forwarded. Each network request contains the port, IP address, and the network protocol to complete the request's destination network address.
There are two types of network ports on each computer.
- TCP (Transmission Control Protocol) ports
- UDP (User Datagram Protocol) ports
What is a port number?
A number is assigned to each port, so the ports are standardized and adopted across all the network-connected devices. Mostly each port is reserved for serving a specific protocol. For example, all Hypertext Transfer Protocol (HTTP) messages go to port 80.
The IP(Internet Protocol) address enables network communication on a specific device, and the port numbers specify the particular service to target on those devices. TCP and UDP headers indicate the port number to which network traffic is forwarded.
Common network port numbers
Port numbers range from 1 - 65,535. Although not all are commonly used. But some widely used ports and their associated networking protocols are
- Ports 20 and 21 for File Transfer Protocol (FTP)
- Port 22 for Secure Shell (SSH)
- Port 23 for Telnet Protocol
- Port 25 for Simple Mail Transfer Protocol (SMTP)
- Port 53 for Domain Name System (DNS)
- Port 80 for Hypertext Transfer Protocol (HTTP)
- Port 110 for Post Office Protocol, version 3 (POP3)
- Port 123 for Network Time Protocol (NTP)
- Port 143 for Internet Message Access Protocol (IMAP)
- Port 161 for Simple Network Management Protocol (SNMP)
- Port 443 for HTTP Secure (HTTPS)
- Port 445 for Server Message Block (SMB)
- Port 500 for Internet Security Association and Key Management Protocol (ISAKMP)
- Port 3389 for Remote Desktop Protocol (RDP)
The first 0 to 1023 TCP ports are well-known and reserved for applications, and IANA keeps them standardized. These are reserved ports.
The TCP ports from 1024 – 49151 are available for services or applications. You can register them with IANA. These are considered semi-reserved.
However, ports 49152 and higher are free to use. Nearly anyone can use them. These are public ports.
Can ports make network connections more efficient?
Various data types are transferred from one computer to another. Ports are the helping hands that tell computers how to treat those data.
Ports provide a diverse functionality for communicating multiple requests on the same network address over the same WiFi connection. In that way, more than one connection can be constructed using a single network.
For example, Mike transfers a file to David using FTP protocol. Suppose David's computer passes that file to its email application. The email application will not recognize it and will not process it because it is not built to serve that function. Because Mike's file transfer uses port 21, designated for FTP, David's computer can receive and store the file if it lands on port 21.
Meanwhile, at the same time, David's computer can load HTTP webpages using port 80 and emails using port 25. However, the web page files, emails, and files transferred from Mike flow to David's computer over the same WiFi connection.
Firewalls and Ports
A firewall is a security program that allows or blocks network traffic based on a specified set of rules. It's a wall between trusted and untrusted traffic.
The hackers try to send malicious traffic to random ports, hoping they are "open" (which means they can receive traffic). The firewall, by default, blocks traffic to all the ports expects some predefined ports that are in everyday use, like ports 25 (email), 80 (web traffic), 443 (web traffic).
What is a Port Scanner?
According to the SANS Institute, port scanning is one of the most popular techniques hackers use to discover vulnerabilities and exploit services to break into systems.
A port scanner is a network scanner that quickly finds the open ports on a computer network. It displays which ports on a network are available to communicate.
Port Scanning Basics
A port scanner sends a TCP or UDP network packet to ask the current status of the port. The three types of responses are
- Open/Accepted: That means that the port is available to receive the traffic.
- Closed/Not Listening: The port is currently in use and not open to receive the traffic.
- Filtered/Dropped/Blocked: That means that the port blocked all kinds of traffic and did not even bother to respond.
How to use the Open Port Checker tool - Port Scanner for port scanning?
The Port Scanner Tool checks the most common ports used by Windows services, Ubuntu servers, favorite games, or other software. For port scanning, perform the following steps.
- Open the tool: Open Port Checker tool - Port Scanner.
- We have a predefined list of all commonly used available ports. Enter any domain or IP address, and the tool checks which ports are active and open and accepting requests on your IP or domain.
- Define the custom ports for checking if they are open for external requests.
- The port scanner tool either gives you the port is open if available or timed out if it's unavailable or blocked.
Why should you run a port scan?
Checking open ports is also necessary to avoid any external attacks on your IP. Malicious client applications (ex. scripts, bots, malware) frequently exploit code detected in the server software that lets them get unauthorized entrance on the remote machine.
The attackers explore a wide range of IPs and request them on different ports to check vulnerability to attack. Therefore, it's always better to keep those ports open which you think are secured by your Software or Hardware, Firewall, or an Anti-virus program.
TCP VS UDP Ports Scan
The general protocols used for port scanning are
- TCP (Transmission Control Protocol)
- UDP (User Datagram Protocol)
TCP is a connection-oriented protocol that requires the network endpoints to establish a connection between them before transmitting the message.
On the other hand, UDP is a connectionless protocol that enables the host to send a message to another host without establishing a connection with the destined address. UDP ports usually do not require a response or acknowledgment from the destined address.
Therefore, a TCP port scan is preferred because it usually provides relevant feedback to the scanner, whereas UDP port scans do not necessarily provide appropriate feedback.
Predefined lists of all available used ports.
Our tool provides predefined lists of all available used ports. These lists include
- 21 - File Transfer Protocol (FTP)
- 22 - Secure File Transfer Protocol (SFTP)
- 23 - Telnet
- 25 - Simple Mail Transfer Protocol (SMTP)
- 53 - Domain Name System (DNS)
- 80 - Hypertext Transfer Protocol (HTTP)
- 110 - Post Office Protocol v3 (POP3)
- 137 - NetBIOS Name Service
- 138 - NetBIOS Datagram Service
- 139 - NetBIOS Session Service
- 143 - Internet Message Access Protocol (IMAP)
- 443 - Hypertext Transfer Protocol over TLS/SSL (HTTPS)
- 445 - Microsoft-DS (Directory Services)
- 548 - Apple Filing Protocol (AFP) over TCP
- 587 - Simple Mail Transfer Protocol (Often more secure than port 25)
- 993 - Internet Message Access Protocol over TLS/SSL (IMAPS)
- 995 - Post Office Protocol 3 over TLS/SSL (POP3S)
- 1433 - Microsoft SQL Server database management system (MSSQL) server
- 1701 - Layer 2 Forwarding Protocol (L2F) / Layer 2 Tunneling Protocol (L2TP)
- 1723 - PPTP VPN (Point-to-Point Tunneling Protocol Virtual Private Networking).
- 3306 - MySQL database system
- 5432 - ARD 2.0 Database, PostgreSQL Database
- 8008 - HTTP Alternate
- 8443 - PCsync HTTPS
- 666 - Doom, first online first-person shooter
- 1725 - Valve Steam Client
- 2302 - ArmA and Halo: Combat Evolved
- 3074 - Xbox Live or Games for Windows Live
- 3453 - PSC Update
- 3724 - World of Warcraft
- 4000 - Blizzard Battlenet, Diablo II, Command and Conquer Red Alert (UDP), Warcraft II (UDP), Tiberian Sun, Dune 2000 (UDP)
- 5154 - BZFlag
- 6112 - Guild Wars, Supreme Commander, Club Penguin Disney online game for kids, Warcraft II and III (Blizzard Downloader)
- 6113 - Club Penguin Disney online game for kids, Warcraft II and III (Blizzard Downloader)
- 6114- 6116 - Warcraft II and III (Blizzard Downloader). It also uses port 3724. IANA registered for XicTools License Manager Service.
- 6117 - Daylite Touch Sync, Warcraft II and III (Blizzard Downloader). It also uses port 3724.
- 6118 - 6119 - Warcraft II and III (Blizzard Downloader). It also uses port 3724.
- 6500 - Gamespy Arcade, Unreal, Tony Hawk, Warhammer, Starwars, Civilization III and IV, BoKS Master, Command & Conquer
- 7777 - cbt
- 10093-10094 - Football Manager 2005/2006
- 12035 - Linden Lab viewer to sim on SecondLife
- 12036 - Second Life
- 12203 - Medal of Honor: Allied Asasult Default Server Port
- 14567 - Battlefield 1942
- 25565 - Minecraft Dedicated Server (IANA official)
- 26000 - CCP's EVE Online Online gaming MMORPG
- 27015 - GoldSrc and Source engine dedicated server port
- 27901–27910 - id Software's Quake II master server
- 28000 - Tribes 2
- 28960 - Call of Duty; Call of Duty: United Offensive; Call of Duty 2; Call of Duty 4: Modern Warfare, Call of Duty: World at War (PC platform)
- 515 - Line Printer Daemon (LPD), print service
- 631 - Internet Printing Protocol (IPP)
- 3282 - Datusorb
- 3389 - Microsoft Terminal Server (RDP)
- 5190 - AOL Instant Messenger protocol
- 5050 - Yahoo! Messenger
- 4443 - Pharos
- 1863 - Microsoft Notification Protocol (MSNP)
- 6891 - BitTorrent, Windows Live Messenger, MSN Messenger
- 1503 - Windows Live Messenger
- 5631 - pcANYWHEREdata, Symantec pcAnywhere (version 7.52 and later data
- 5632 - pcANYWHEREstat, Symantec pcAnywhere (version 7.52 and later) status
- 5900 - Remote Frame Buffer protocol (RFB)
- 6667 - IRC (Internet Relay Chat)
- 119 - Network News Transfer Protocol (NNTP)
- 375 - Hassle
- 425 - ICAD
- 1214 - Kazaa
- 412 - Trap Convention Port
- 1412 - InnoSys
- 2412 - CDN
- 4661 - Kar2ouche Peer location service
- 4662 - OrbitNet Message Service
- 4665 - Container Client Message Service
- 5500 - HotLine peer-to-peer file sharing, Virtual Network Computing (VNC), Tight VNC
- 6346 - gnutella-svc, gnutella (FrostWire, Limewire, Shareaza, etc.)
- 6881–6887 - BitTorrent
- 6888 - MUSE
- 6889–6890 - BitTorrent part of a full range of ports used most often
Which are the top most scanned ports?
According to the Nmap database, the top most scanned ports are
- Port 21 for FTP
- Port 22 for SSH
- Port 23 for Telnet
- Port 25 for SMTP
- Port 53 for DNS
- Port 80 for HTTP
- Port 110 for POP3
- Port 111 for Rpcbind
- Port 135 for MSRPC
- Port 139 for netbios-ssn
- Port 143 for IMAP
- Port 443 for HTTPS
- Port 445 for Microsoft-ds
- Port 993 for IMAP
- Port 995 for POP3s
- Port 1723 for PPTP
- Port 3306 for MySQL
- Port 3389 for ms-wbt-server
- Port 5900 for VCN
- Port 8080 for http-proxy
Note: The IANA maintains the complete list of the port numbers and protocol assigned to them.