You might not know it yet but open ports–unlike most open software–are not good. In fact, you should avoid them at all costs. Let’s clarify something right off the bat. When we talk about open ports, we’re talking about potential open doors to your equipment. And when malicious people find these doors, that can use them to gain access. This is certainly not something you want. This is why port scanners were invented and we’re about to introduce you to the ten best free port scanners we could find.
We’ll begin today’s article by giving you a crash course on network ports. We’ll tell you what they are and what they are not. We’ll also explain the difference between well-known ports and other ports. We will then sidetrack a little and talk about security. We’ll let you know why you should keep unused ports closed and secure those that you do use. We will then proceed with our top 10 list of the best free port scanners. For each entry on our list, we’ll give you a brief review of the product and some of its main features.
What Is A Port Anyways?
In one sentence, ports are the network gateways into equipment. Let’s explain. Computers can do many different things at once. And several of these things may require access to the network. But typically, computers have only one network interface. Ports were invented to let different processes share a common network interface.
For example, thinks of a server that’s running both a web server and an FTP server, a very common combination. When a request comes in, how does the operating system know if it should send it to the web or FTP servers? Using ports. A request for the web server will use port 80 while a request for FTP server will use port 22.
Ports are not a physical thing, they’re just numbers from 0 to 65535 that are added to the header of data packets transmitted on a network. And they are not random either. Well, actually they are sometimes. More about his later.
Ont thing that is important for all of this to work is that everyone agrees on which port to use for what. For instance, the web server mentioned earlier expect requests to use port 80. Your web browser must then use port 80 to send the request to the web server.
The need for agreeing on which port was solved early on by standardizing ports. The Internet Assigned Numbers Authority (IANA, the same organization that also assigns IP addresses) is responsible for maintaining the official assignments of port numbers for specific uses.
Under the IANA’s control, the first 1024 ports were officially assigned to different services. Actually, this is not completely true. Some port assignments are not officially sanctioned by the IANA. They were available and some organization started using them for their purpose–often before the IANA started controlling their assignment–and, through use, their usage stuck.
Today, many of us are familiar with several of these ports. There’s port 80 for web and 21 for FTP, as mentioned earlier. We’re also familiar with port 22 for SSH or 53 for DNS. Not all of the first 1024 ports have been assigned and some are still available but their number is shrinking.
Well-known ports account for the first 1024, so what about the 64512 others? Well, ports 1024 to 49151 are what we call registered ports. Those are also controlled and assigned by the IANA. Any organization can request them for their specific purpose. This is how, for example, port 1433 became the port for Microsoft SQL server or port 47001 became the port for the Windows Remote Management Service. But the Internet being what it is, several ports in that range are used for specific purposes without having been registered with the IANA.
As for ports ranging from 49152 to 65535, they are referred to as ephemeral ports. They are temporarily used by applications to differentiate streams. Think of a web server. Several clients can connect to it at the same time. If they all used port 80, it could be hard for the server to make sure it sends responses to the right requestor. So, the initial connection is done on port 80 after which the server and client “agree” on an ephemeral port number that will be used for the remainder of their exchange.
You Should Keep Unused Ports Closed
On a computer, ports status can either be open, closed or stealth. An open port means that the computer is actively “listening” for connection requests on that port. It is an active port. A closed port, as its name implies, won’t accept incoming connections. Instead, it will respond to any request that the port is closed. Stealth ports are somewhat different. a device trying to connect to those ports won’t even get a response.
Any port that is open is an open door to the computer. And malicious users will certainly try to exploit these open doors to gain access to the computer. For instance, let’s say you have FTP port 21 open although you are not really using FTP. A hacker could then use that open port to exploit a vulnerability of the FTP software running o the computer to inject malicious software.
And if you’re not even using FTP, chance are you might not have updated the FTP server and it could very well contain exploitable vulnerabilities. This is why it is so important to ensure that unused ports are either closed or stealth.
And You Should Also Protect Those Ports You Use
As for the post you are actually using, they are still open doors and could be used for malicious activity. This is why you need to protect the open ports. It can be done in several ways, the most basic of which is keeping your operating system and other software up to date. Most software publishers release frequent patches to address discovered vulnerabilities. Another way you can protect yourself is by using firewalls and intrusion detection and/or prevention systems.
Our Top 10 Best Free Port Scanners
Port scanners are your first line of defense. They will help you discover what ports are open, closed and stealth on your equipment. Scanning a device for open ports will often reveal surprises. There will be ports you didn’t even know were open. The port scanner–or port checker–will tell you what needs to be done on each device. And keep in mind that hackers will also use port scanners to find open doors to the systems they want to access.
Port scanners come it two main form. The first is a software that you install on a computer and run from there. Alternatively, some scanners are run from a web page. There are advantages and disadvantages to both.
For instance, the web-based scanners are great because they can be used from anywhere without installing anything. They will report on what ports are open to the outside of your network. There’s a drawback to this. A port could be open on a device but appear closed or stealth from outside your network because a firewall is blocking it. In such a situation, you’d still be vulnerable to an inside attack. And rest assured that those are not uncommon at all.
Your best bet is likely to use a combination of web-based and installed software scanners. Combined, they will give you complete visibility over what’s open from the outside and from within your network.
Enough said; here’s our top 10 list of the best free port scanners:
- SolarWinds Free Port Scanner
- PortChecker Port Scanner
- Open Port Scanner
- IP Fingerprints Network Port Checker
- Free Port Scanner
- Port Checker
- WhatIsMyIP Port Scanner
- Spiceworks IP Scanner
SolarWinds is one of the major players in the networking tools field. It is also well-known for publishing quite a few very useful free tools. The SolarWinds free Port Scanner is one of them. The software is only available for Windows and will run through a GUI or as a command-line tool.
By default, the scanner will scan your network to detect all the IP address. You then select to scan on all the devices or change the range setting scan a subset of your devices. You can also specify the ports to test. By default, it will only test well-known ports but you can override this specify your own range or list of port numbers. More advanced settings will let you scan only TCP or UDP ports, do a ping check, a DNS resolution, or an OS identification test.
As a result, the software will return a list the status of all tested devices. You can imagine that this could be a long list. Fortunately, the system will let you apply filters and, for instance, only list devices with open ports. Clicking on a device reveals port detail panel. Again, it will list all of the ports in the scan range and again, you can apply a filter and only show the ports that are open.
Official download link: https://www.solarwinds.com/free-tools/port-scanner
Zenmap is an open-source GUI front end to Nmap, a free network testing utility that’s been immensely popular for over 20 years. The software, which runs on Windows, Linux, BSD, and Mac OS will test much more than just ports.
Although its user interface is not very sophisticated, it does its job well. It will scan all the ports on all computers connected to your network. It will then perform follow-up tests on the open ports that it has discovered. You can also perform a complete scan, scan all TCP ports, or scan all UDP ports. There’s also an intense scan that uses a stealth methodology where the tests won’t be logged by the tested devices as a connection. Those can take a long time, though. Expect it to take over 90 minutes for one device.
3. PortChecker Port Scanner
The PortChecker Port Scanner is a web-based scanner. It’s a great tool although not all ports are checked. The service will test 36 of the most important–and vulnerable–well-known ports for accessibility from the internet. It will also test if a service is running on each open port. There’s also an option to run a shorter scan that will only test 13 ports.
The tested ports include FTP data and control, TFTP, SFTP, SNMP, DHCP, DNS, HTTPS, HTTP, SMTP, POP3, POP3 SSL, IMAP SSL, SSH, and Telnet, to name just the main ones. Scan results are displayed as a table on the web page. If you need a quick and dirty test of the most common ports, the free PortChecker Port Scanner might be just the right tool for you.
4. Open Port Scanner
The Open Port Scanner from WebToolHub is another free online port checker. The system requires that you enter an IP address and a list of ports to check. You can only enter 10 port numbers at a time so you’ll need to run it multiple times to test more. You don’t have to enter individual port numbers, though. The system will support a range–such as 21-29–as long as it is no longer than 10. It appears to be a better tool for a quick check of specific ports that as a complete vulnerability assessment tool.
Once the scan completes, which is rather quickly, the results are displayed in a table format with the status of each port as well as service registered with that port. The results table can be exported to a CSV file. And while you’re on the WebToolHub site, you may want to have a look at some of the other free tools such as an IP location checker, a backlinks checker, a WHOIS lookup facility, and a Ping test.
5. IP Fingerprints Network Port Checker
IP FIngerprints is another website where you’ll find a certain number of free and useful tools, Amongst them is the Network Port Checker. To use it, you simply enter an IP address and a range of ports to check. Although the number of scanned ports is not limited, you are warned that a number of ports in excess of 500 might take a while to scan and that a large range will start a scan that may never end.
This tool claims to be able to work around firewalls. It is done by using SYN requests. A real connection is thus never opened and many firewalls will let the SYN request through. Whether it does go through the firewall or not is not totally relevant. This is still a very good test no matter what as it is a common method used by hackers.
6. Free Port Scanner
The Free Port Scanner is a Windows freeware that can be downloaded from the Major Geeks website. You can use this tool to scan ranges of ports. The number of scanned ports is not restricted so you could decide to scan all ports if you have time to kill.
By default, the tool will want to scan your own IP address for open ports from its own default list of ports. As you’d expect, the duration of the scan is proportional to the number of ports scanned. And it is slower when testing ports on a different device. For example, testing for all ports on your router could very well take all day. Results can show open or closed ports or both. The tool has no documentation and it’s not clear what testing method is used. Also, it appears that it only tests TCP ports, not UDP.
7. Port Checker
Port Checker is a Windows tool that is best downloaded from Softpedia. The software has no installer. you simply download its zip file, extract the executable file and run it. The executable is small and not requiring installation means you can run it from a USB stick.
The tool’s user interface is plain and quite easy to use. You simply enter an IP address and select a port number from a drop-down list. The two main limitations of this tool are that you can’t scan any port, just those from the list and that it will only scan one port per run. Despite its limitations, Port Checker is a great tool when you just need to check whether a specific port is open or not.
8. WhatIsMyIP Port Scanner
Every network administrator knows WhatIsMyIP.com. The site is commonly used to check the public IP address of a host. What you may not know is that the site also has other tools. And one of them is its Port Scanner. The main asset of the WhatIsMyIP Port Scanner is its speed. Even a multiple-port scan will complete within seconds.
The web-based tool also as a quite unique feature, unlike all other similar tools: the ability to scan by “theme” They’re actually called packages rather than themes and each includes a certain number of related ports. For example, there’s a Games package that will scan ports usually used for online gaming or a Web package that includes the FTP (20 and 21), HTTP (80) and HTTPS (8080) ports. There’s even a Malicious package that includes ports commonly used by malware and hackers.
TCPView–which you can download directly from Microsoft–is very different from the other scanners on our list. Instead of checking ports, it checks every process running on a computer and list what port is associated with what process. For each process, it also lists the number of bytes and packets in and out. The approach is more thorough than scanning ports and it will truly list every open port on a computer.
TCPView will display processes and matching ports and refresh every second, every other second or every five seconds. New processes are color-coded in green while processes that just stopped remain in the list color=coded in red of a few seconds. Processes whose statuses have changed are color-coded in yellow.
10. Spiceworks IP Scanner
The Spiceworks IP Scanner is a two-component system. There’s the dashboard which is online and a small monitoring agent that you need to install on your computer. The agent sends the data it gathers to the cloud-based dashboard where you can see the scan results. Agents are available for Linux, Windows, and Mac OS. The tool is free but it is ad-supported.
The IP scanner will auto-discover all connected devices and will report will list the device’s MAC address, its IP address and hostname, the manufacturer’s name, the operating system, and–and this is the important part for us right now–a list of open ports.
There’s not really on clear winner when it comes to port scanners. We’ve shown you ten very different tools. Each has advantages and shortcomings. But with all these tools available free of charge, nothing stops you from using a combination of tools, depending on your precise needs at any given time. Personally, I’ve used them all and found that each one has some value and will be the perfect tool in certain situations.