RE: verifying an open or closed port on an ip address

["Norberto Meijome" <sysadmin () lef com au>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

True, telnet is probably the easiest way to check...but since telnet is
a TCP connection, it would only report TCP ports...if you want to test
if you have something waiting on port UDP/677 you will need some of the
other tools (send UDP packet, and then wait for a reply).

Also, don't forget that depending on your firewall settings, you could
get a 'not listening' from where you are testing, but the same port
could be open to traffic originated from another IP. To be thorough, you
should run the full test (with the port scanning tool of your choice)
from your LAN, DMZ and outside your firewall. (of course you should know
what your firewall is doing, but testing to confirm is always good).

Cheers,
Beto
- -- 
Norberto Meijome

"The only people that never change are the stupid and the dead", Jorge
Luis Borges.

NOTICE: The contents of this email and its attachments are confidential
and intended only for the individuals or entities named above. If you
have received this message in error, please advise the sender by reply
email and immediately delete the message and any attachments without
using, copying or disclosing the contents. Thank you.


> -----Original Message-----
> From: David Bettermann [mailto:security_01 () nerv de] 
> Sent: Friday, 8 August 2003 8:07 AM
> To: security-basics () securityfocus com
> Subject: Re: verifying an open or closed port on an ip address
>
>
> Hi Ian,
>
> > I am looking for a windows compatible utility or method, preferably 
> > command line, where I can verify whether a port on an ip address is 
> > reachable or not.  I want to be able to do individual ports and not 
> > port scans.  Say for instance I wish to verify that port 
> 677 is closed 
> > to traffic on ip address Ex. 172.16.0.1, I'm looking for a utility 
> > that would do something like:
>
> > Check 172.16.0.1 port 677
>
> how about a quite simple "telnet 172.16.0.1 677" issued from 
> the command line?
>
> > and tell me whether that port was reachable.
>
> Command times out / reports an error: port closed
>
> Telnet connects: well, there's something listening on that 
> particular port... and may even be greeting you with an 
> identifying banner.
>
> [...]
>
> > There may be a simple way to do this...
>
> maybe someone's got an even simpler solution?
>
> cu :)
>
> David B.
>
> -- 
> Thank you for calling $PROVIDER helpdesk. If your cupholder 
> is broken, please press 1. If you want an actual knowledgable 
> support person, please enter the IP representation of a /28 netmask.
>
>
> --------------------------------------------------------------
> -------------
> --------------------------------------------------------------
> --------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (MingW32)

iQEVAwUBPzL2vzDkbFCByVaIAQIz9Qf+MY31vRfLwVDCzfcirt5rHuW8MblIJ9s9
VSBO/hzmgonu/tak4xuHQpROmWyQ0JaIUjvSRt2ECyvGFV0WG8HQDysbtz1UJY8s
lHrWY1DOoFBqvx3SX1qN38pk2bCdIJmi+i9EwFTQzwPktcJSmDUT24QXS5J9PXpx
0pPBXpcqrHKEuNnnXP4vV+SYzco7uUhafDNgdco/XNUSviZ5NcT0D5K2pvL6UFzb
kSE4lAOQO16e09zKCR7KRQ0omhmpCxsDSuU4Z4m0owSve525rrubDIiMAnwBH6dU
zFjjDckPkWBtsdkQ1bzFmCDXQMf1vElfAaZP0RmKeoNJL/cfScAZMQ==
=swHk
-----END PGP SIGNATURE-----


---------------------------------------------------------------------------
----------------------------------------------------------------------------