Port Scanner
Scan target domains or IP addresses for open ports and identify potential service vulnerabilities.
What Is Port Scanning and Why Does It Matter?
Port scanning is a fundamental network security technique used to discover open ports and running services on a networked host. TCP/IP networking uses port numbers (0–65535) to direct traffic to specific applications — a web server listens on port 443, an SSH server on port 22, and so on. By scanning ports, administrators verify which services are exposed to the internet and identify unauthorized or unnecessary services that increase attack surface.
Common Ports and Their Services
| Port | Protocol | Notes |
|---|---|---|
| 21 | FTP | File Transfer Protocol — insecure, use SFTP instead |
| 22 | SSH | Secure Shell — use key-based auth, disable password login |
| 25 | SMTP | Mail transfer — often blocked by ISPs to prevent spam |
| 80 | HTTP | Web traffic — should redirect to HTTPS (443) |
| 443 | HTTPS | Encrypted web traffic — must be open for web servers |
| 3306 | MySQL | Database — should never be publicly accessible |
| 3389 | RDP | Remote Desktop — high-value attack target, restrict access |
| 6379 | Redis | In-memory DB — often misconfigured with no auth |
| 27017 | MongoDB | NoSQL DB — must be firewalled or auth-protected |
Network Security Best Practices
- 1.Principle of least exposure: only expose ports required for public services.
- 2.Use firewall rules to restrict database ports to application servers only.
- 3.Run port scans regularly — scheduled audits catch configuration drift.
- 4.Enable fail2ban or similar intrusion prevention on SSH and other exposed services.
- 5.Replace insecure protocols: FTP → SFTP, Telnet → SSH, HTTP → HTTPS.
- 6.Use cloud security groups as a first line of defense, plus OS-level firewalls.
Frequently Asked Questions
What is port scanning?
Port scanning is the process of checking which network ports on a host are open and accepting connections. Each port number (0–65535) corresponds to a specific network service (e.g., port 80 = HTTP, port 443 = HTTPS, port 22 = SSH). Port scanners send connection requests to each port and report whether the host responds, allowing network administrators to audit service exposure.
Is port scanning legal?
Port scanning your own systems is legal and recommended for security audits. Scanning third-party systems without authorization can be illegal in many jurisdictions and may violate the Computer Fraud and Abuse Act (CFAA) in the US and similar laws elsewhere. Our tool performs external-facing port checks similar to what any internet user can do when connecting to a service.
What does an open port mean?
An open port means the host has a service actively listening and accepting connections on that port. Not all open ports indicate a security risk — web servers need port 443 open. However, unnecessary open ports (like Telnet on 23 or FTP on 21) can be attack vectors and should be closed or firewalled if not actively used.
What are the most important ports to check?
Critical ports to audit include: 22 (SSH — ensure only key-based auth), 23 (Telnet — should be closed, insecure), 80/443 (HTTP/HTTPS — expected for web servers), 3389 (RDP — Windows remote desktop, high-value attack target), 3306 (MySQL), 5432 (PostgreSQL), 6379 (Redis), 27017 (MongoDB). Database ports should never be publicly accessible.
Why do some ports show as filtered instead of closed?
A 'filtered' result means a firewall or network device is blocking the connection — the port didn't respond with either an acceptance or rejection. This is different from 'closed' where the port actively rejects the connection. Filtered ports are often behind firewalls and may or may not have a service running behind them.
How can I close open ports on my server?
To close open ports: 1) Stop the service using that port (e.g., disable FTP server). 2) Configure firewall rules to block the port (iptables on Linux, Windows Firewall, cloud security groups). 3) Bind services to localhost only (127.0.0.1) so they're only accessible locally. Always run a port scan after making changes to verify your firewall rules are working.
Related Tools & Resources
Find domain registration, ownership, and name server details.
Query A, MX, TXT, CNAME, and NS records for any domain.
Geolocate any IP address and identify its ISP and network.
Check if an IP belongs to a VPN provider or data center.
Test your internet download speed, upload speed, and ping.
Test for WebRTC and DNS leaks in your VPN connection.