Re: verifying an open or closed port on an ip address
Sorry, I lost the original posting - netcat is a great tool for what you want. It's kind of like using telnet to connect to a port, but it works for both UDP and TCP ports and you can pipe commands through it. Versions are available for both Windows and Unix. You can find it at the www.atstake.com web site - poke around there for free utilities... On Sat, 2003-08-09 at 13:30, Birl wrote: As it was written on Aug 7, thus [EMAIL PROTECTED] spake unto security-basics...: Ian: Date: Thu, 7 Aug 2003 13:44:58 -0400 Ian: From: [EMAIL PROTECTED] Ian: To: [EMAIL PROTECTED] Ian: Subject: verifying an open or closed port on an ip address Ian: Ian: Hello, Ian: Ian: I am looking for a windows compatible utility or method, preferably Ian: command line, where I can verify whether a port on an ip address is Ian: reachable or not. I want to be able to do individual ports and not Ian: port scans. Say for instance I wish to verify that port 677 is Ian: closed to traffic on ip address Ex. 172.16.0.1, I'm looking for a Ian: utility that would do something like: Ian: Ian: Check 172.16.0.1 port 677 Ian: Ian: and tell me whether that port was reachable. Ian: Ian: So if I have two networks and I use this command from one I can Ian: determine whether a port is reachable on another. To determine Ian: whether a security measure is failing or not. Ian: Ian: There may be a simple way to do this... Ian: Ian: Thanks Ian: Ian I dont understand why you wouldnt portscan. You could tell nmap (or in your OS, WinNmap) to just probe a single IP's UDP (or TCP) port. nmap is designed to be flexable. It's what I use when testing for a specific port. Thanks Scott Birl http://concept.temple.edu/sysadmin/ Senior Systems AdministratorComputer Services Temple University *******+******** --- -- James V. Fields ---
Re: verifying an open or closed port on an ip address
As it was written on Aug 7, thus [EMAIL PROTECTED] spake unto security-basics...: Ian: Date: Thu, 7 Aug 2003 13:44:58 -0400 Ian: From: [EMAIL PROTECTED] Ian: To: [EMAIL PROTECTED] Ian: Subject: verifying an open or closed port on an ip address Ian: Ian: Hello, Ian: Ian: I am looking for a windows compatible utility or method, preferably Ian: command line, where I can verify whether a port on an ip address is Ian: reachable or not. I want to be able to do individual ports and not Ian: port scans. Say for instance I wish to verify that port 677 is Ian: closed to traffic on ip address Ex. 172.16.0.1, I'm looking for a Ian: utility that would do something like: Ian: Ian: Check 172.16.0.1 port 677 Ian: Ian: and tell me whether that port was reachable. Ian: Ian: So if I have two networks and I use this command from one I can Ian: determine whether a port is reachable on another. To determine Ian: whether a security measure is failing or not. Ian: Ian: There may be a simple way to do this... Ian: Ian: Thanks Ian: Ian I dont understand why you wouldnt portscan. You could tell nmap (or in your OS, WinNmap) to just probe a single IP's UDP (or TCP) port. nmap is designed to be flexable. It's what I use when testing for a specific port. Thanks Scott Birl http://concept.temple.edu/sysadmin/ Senior Systems AdministratorComputer Services Temple University *******+******** ---
RE: verifying an open or closed port on an ip address
Nmap for Windows works great...You can access the command line with it but, as with most to-Windows ports with GUIs, the GUI builds the command line for you which is great for beginners. It also shows you the command line it will run once you select the scanning options you want through the tabbed windows, so you can start to learn what the arguments do even before knowing they exist. The helpfile/documention is really easy to understand if you're new to this kind of stuff. And the really technical stuff you probably won't need to worry about yet... -- Chris Wanstrath : [EMAIL PROTECTED] LW Consulting : www.lw-consulting.net -Original Message- From: Bradley Adams [mailto:[EMAIL PROTECTED] Sent: Thursday, August 07, 2003 5:00 PM To: [EMAIL PROTECTED] Subject: Re: verifying an open or closed port on an ip address In-Reply-To: [EMAIL PROTECTED] A great tool that I use for this type of information gathering is NMAP. Go to http://www.insecure.org It does a lot more than what you want however it has a simple command that you can use to see if a single port is open on an IP address and you can use other types of pings other than ICMP such as ACK and SYN. check it out. There is a windows version available however I don't know if it does command line. You can always install cygwin and emulate a unix/linux box on your windows box... go to http://www.cygwin.com then you can use the cygwin unix emulation command line version of NMAP. l8tr Bradley Adams [EMAIL PROTECTED] You will hardly know who I am or what I mean Linux... Power in the hands of a few ---
RE: verifying an open or closed port on an ip address
You should check out netcat. I've never used the Windows version, but the *nix version is great for scripting because you can check if a port is 'open' (example command: nc -z -n 172.16.0.1 677), and it will return true or false accordingly. It would surprise me if the Windows version did not have the same capability. Link: http://www.atstake.com/research/tools/network_utilities -- Tony Kava Network Administrator Pottawattamie County, Iowa -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, 07 August, 2003 12:45 To: [EMAIL PROTECTED] Subject: verifying an open or closed port on an ip address Hello, I am looking for a windows compatible utility or method, preferably command line, where I can verify whether a port on an ip address is reachable or not. I want to be able to do individual ports and not port scans. Say for instance I wish to verify that port 677 is closed to traffic on ip address Ex. 172.16.0.1, I'm looking for a utility that would do something like: Check 172.16.0.1 port 677 and tell me whether that port was reachable. So if I have two networks and I use this command from one I can determine whether a port is reachable on another. To determine whether a security measure is failing or not. There may be a simple way to do this... Thanks Ian :) Go to www.missingkids.com But give an' take's the gospel, an' we'll call the bargain fair, For if you 'ave lost more than us, you crumpled up the square! Mowgli's real Father... --- ---
RE: verifying an open or closed port on an ip address
you can't determine conclusively whether a port is 'open' from a remote location. what actions does your CPU take when bits arrive on an exposed network interface? If you don't know, then you can't tell whether a port is open. judging a port to be 'open' because it responds to the TCP 3-way handshake and 'closed' otherwise is wrong, even if you only care about TCP and ignore UDP. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, August 07, 2003 7:45 AM To: [EMAIL PROTECTED] Subject: verifying an open or closed port on an ip address Hello, I am looking for a windows compatible utility or method, preferably command line, where I can verify whether a port on an ip address is reachable or not. I want to be able to do individual ports and not port scans. Say for instance I wish to verify that port 677 is closed to traffic on ip address Ex. 172.16.0.1, I'm looking for a utility that would do something like: Check 172.16.0.1 port 677 and tell me whether that port was reachable. So if I have two networks and I use this command from one I can determine whether a port is reachable on another. To determine whether a security measure is failing or not. There may be a simple way to do this... Thanks Ian :) Go to www.missingkids.com But give an' take's the gospel, an' we'll call the bargain fair, For if you 'ave lost more than us, you crumpled up the square! Mowgli's real Father... --- ---
Re: verifying an open or closed port on an ip address
Or telnet into it. -kai On Sat, 2003-08-09 at 17:30, Birl wrote: As it was written on Aug 7, thus [EMAIL PROTECTED] spake unto security-basics...: Ian: Date: Thu, 7 Aug 2003 13:44:58 -0400 Ian: From: [EMAIL PROTECTED] Ian: To: [EMAIL PROTECTED] Ian: Subject: verifying an open or closed port on an ip address Ian: Ian: Hello, Ian: Ian: I am looking for a windows compatible utility or method, preferably Ian: command line, where I can verify whether a port on an ip address is Ian: reachable or not. I want to be able to do individual ports and not Ian: port scans. Say for instance I wish to verify that port 677 is Ian: closed to traffic on ip address Ex. 172.16.0.1, I'm looking for a Ian: utility that would do something like: Ian: Ian: Check 172.16.0.1 port 677 Ian: Ian: and tell me whether that port was reachable. Ian: Ian: So if I have two networks and I use this command from one I can Ian: determine whether a port is reachable on another. To determine Ian: whether a security measure is failing or not. Ian: Ian: There may be a simple way to do this... Ian: Ian: Thanks Ian: Ian I dont understand why you wouldnt portscan. You could tell nmap (or in your OS, WinNmap) to just probe a single IP's UDP (or TCP) port. nmap is designed to be flexable. It's what I use when testing for a specific port. Thanks Scott Birl http://concept.temple.edu/sysadmin/ Senior Systems AdministratorComputer Services Temple University *******+******** --- ---
Re: RE: verifying an open or closed port on an ip address
Thank you all for your answers, I have more then enough for what I need. :D Ian The Kingdom Connection Go to www.missingkids.com But give an' take's the gospel, an' we'll call the bargain fair, For if you 'ave lost more than us, you crumpled up the square! Mowgli's real Father... - -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, August 07, 2003 7:45 AM To: [EMAIL PROTECTED] Subject: verifying an open or closed port on an ip address Hello, I am looking for a windows compatible utility or method, preferably command line, where I can verify whether a port on an ip address is reachable or not. I want to be able to do individual ports and not port scans. Say for instance I wish to verify that port 677 is closed to traffic on ip address Ex. 172.16.0.1, I'm looking for a utility that would do something like: Check 172.16.0.1 port 677 and tell me whether that port was reachable. So if I have two networks and I use this command from one I can determine whether a port is reachable on another. To determine whether a security measure is failing or not. There may be a simple way to do this... Thanks Ian :) Go to www.missingkids.com But give an' take's the gospel, an' we'll call the bargain fair, For if you 'ave lost more than us, you crumpled up the square! Mowgli's real Father... - -- - - - -- - -- - -- - - - -- - -- -BEGIN PGP SIGNATURE- Version: PGPfreeware 6.5.8 for non-commercial use http://www.pgp.com iQA/AwUBPzc7tLR5YB3MHZrzEQIDNACgvPbuSB/u/Azxd+fZYN04xXzrFWkAn3PR XbuXEvtiv6/Xt9x7kFpSumCC =oe02 -END PGP SIGNATURE- ---
RE: verifying an open or closed port on an ip address
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Howdy, Well, there is always netcat which is quite literally the leatherman of networking. You can do just about anything with it including connecting to tcp and udp ports, forging packets, listening to certain ports... etc etc.. ;) - -Original Message- From: Norberto Meijome [mailto:[EMAIL PROTECTED] Sent: Thursday, August 07, 2003 6:03 PM To: [EMAIL PROTECTED] Subject: RE: verifying an open or closed port on an ip address *** PGP Signature Status: bad *** Signer: Norberto Meijome ([EMAIL PROTECTED]) Sharman Networks (Invalid) *** Signed: 8/7/2003 6:02:55 PM *** Verified: 8/10/2003 11:39:58 PM *** BEGIN PGP VERIFIED MESSAGE *** True, telnet is probably the easiest way to check...but since telnet is a TCP connection, it would only report TCP ports...if you want to test if you have something waiting on port UDP/677 you will need some of the other tools (send UDP packet, and then wait for a reply). Also, don't forget that depending on your firewall settings, you could get a 'not listening' from where you are testing, but the same port could be open to traffic originated from another IP. To be thorough, you should run the full test (with the port scanning tool of your choice) from your LAN, DMZ and outside your firewall. (of course you should know what your firewall is doing, but testing to confirm is always good). Cheers, Beto - -- Norberto Meijome The only people that never change are the stupid and the dead, Jorge Luis Borges. NOTICE: The contents of this email and its attachments are confidential and intended only for the individuals or entities named above. If you have received this message in error, please advise the sender by reply email and immediately delete the message and any attachments without using, copying or disclosing the contents. Thank you. -Original Message- From: David Bettermann [mailto:[EMAIL PROTECTED] Sent: Friday, 8 August 2003 8:07 AM To: [EMAIL PROTECTED] Subject: Re: verifying an open or closed port on an ip address Hi Ian, I am looking for a windows compatible utility or method, preferably command line, where I can verify whether a port on an ip address is reachable or not. I want to be able to do individual ports and not port scans. Say for instance I wish to verify that port 677 is closed to traffic on ip address Ex. 172.16.0.1, I'm looking for a utility that would do something like: Check 172.16.0.1 port 677 how about a quite simple telnet 172.16.0.1 677 issued from the command line? and tell me whether that port was reachable. Command times out / reports an error: port closed Telnet connects: well, there's something listening on that particular port... and may even be greeting you with an identifying banner. [...] There may be a simple way to do this... maybe someone's got an even simpler solution? cu :) David B. -- Thank you for calling $PROVIDER helpdesk. If your cupholder is broken, please press 1. If you want an actual knowledgable support person, please enter the IP representation of a /28 netmask. -- - -- -- *** END PGP VERIFIED MESSAGE *** - -- - - - -- - -- -BEGIN PGP SIGNATURE- Version: PGPfreeware 6.5.8 for non-commercial use http://www.pgp.com iQA/AwUBPzc65LR5YB3MHZrzEQLbWACbBSg3BRA8Obo/iwzgcvkzl21QbVMAnjSu eT7kFSvNnTZqhVTvuV+ZqQD/ =G2+Z -END PGP SIGNATURE- ---
RE: verifying an open or closed port on an ip address
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I love it when people respond with these sorts of e-mails. I think the question is will a port accept a connection, and yes, you can determine that FOR THE MOST PART from a remote location. Answering such a simple question with such a low-level answer is a failed attempt at flaunting your knowledge. Don't try to sound so smart, instead try to give him help. - -Original Message- From: Jason Coombs [mailto:[EMAIL PROTECTED] Sent: Thursday, August 07, 2003 5:07 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: verifying an open or closed port on an ip address you can't determine conclusively whether a port is 'open' from a remote location. what actions does your CPU take when bits arrive on an exposed network interface? If you don't know, then you can't tell whether a port is open. judging a port to be 'open' because it responds to the TCP 3-way handshake and 'closed' otherwise is wrong, even if you only care about TCP and ignore UDP. - -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, August 07, 2003 7:45 AM To: [EMAIL PROTECTED] Subject: verifying an open or closed port on an ip address Hello, I am looking for a windows compatible utility or method, preferably command line, where I can verify whether a port on an ip address is reachable or not. I want to be able to do individual ports and not port scans. Say for instance I wish to verify that port 677 is closed to traffic on ip address Ex. 172.16.0.1, I'm looking for a utility that would do something like: Check 172.16.0.1 port 677 and tell me whether that port was reachable. So if I have two networks and I use this command from one I can determine whether a port is reachable on another. To determine whether a security measure is failing or not. There may be a simple way to do this... Thanks Ian :) Go to www.missingkids.com But give an' take's the gospel, an' we'll call the bargain fair, For if you 'ave lost more than us, you crumpled up the square! Mowgli's real Father... - -- - - - -- - -- - -- - - - -- - -- -BEGIN PGP SIGNATURE- Version: PGPfreeware 6.5.8 for non-commercial use http://www.pgp.com iQA/AwUBPzc7tLR5YB3MHZrzEQIDNACgvPbuSB/u/Azxd+fZYN04xXzrFWkAn3PR XbuXEvtiv6/Xt9x7kFpSumCC =oe02 -END PGP SIGNATURE- ---
RE: verifying an open or closed port on an ip address
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 True, telnet is probably the easiest way to check...but since telnet is a TCP connection, it would only report TCP ports...if you want to test if you have something waiting on port UDP/677 you will need some of the other tools (send UDP packet, and then wait for a reply). Also, don't forget that depending on your firewall settings, you could get a 'not listening' from where you are testing, but the same port could be open to traffic originated from another IP. To be thorough, you should run the full test (with the port scanning tool of your choice) from your LAN, DMZ and outside your firewall. (of course you should know what your firewall is doing, but testing to confirm is always good). Cheers, Beto - -- Norberto Meijome The only people that never change are the stupid and the dead, Jorge Luis Borges. NOTICE: The contents of this email and its attachments are confidential and intended only for the individuals or entities named above. If you have received this message in error, please advise the sender by reply email and immediately delete the message and any attachments without using, copying or disclosing the contents. Thank you. -Original Message- From: David Bettermann [mailto:[EMAIL PROTECTED] Sent: Friday, 8 August 2003 8:07 AM To: [EMAIL PROTECTED] Subject: Re: verifying an open or closed port on an ip address Hi Ian, I am looking for a windows compatible utility or method, preferably command line, where I can verify whether a port on an ip address is reachable or not. I want to be able to do individual ports and not port scans. Say for instance I wish to verify that port 677 is closed to traffic on ip address Ex. 172.16.0.1, I'm looking for a utility that would do something like: Check 172.16.0.1 port 677 how about a quite simple telnet 172.16.0.1 677 issued from the command line? and tell me whether that port was reachable. Command times out / reports an error: port closed Telnet connects: well, there's something listening on that particular port... and may even be greeting you with an identifying banner. [...] There may be a simple way to do this... maybe someone's got an even simpler solution? cu :) David B. -- Thank you for calling $PROVIDER helpdesk. If your cupholder is broken, please press 1. If you want an actual knowledgable support person, please enter the IP representation of a /28 netmask. -- - -- -- -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (MingW32) iQEVAwUBPzL2vzDkbFCByVaIAQIz9Qf+MY31vRfLwVDCzfcirt5rHuW8MblIJ9s9 VSBO/hzmgonu/tak4xuHQpROmWyQ0JaIUjvSRt2ECyvGFV0WG8HQDysbtz1UJY8s lHrWY1DOoFBqvx3SX1qN38pk2bCdIJmi+i9EwFTQzwPktcJSmDUT24QXS5J9PXpx 0pPBXpcqrHKEuNnnXP4vV+SYzco7uUhafDNgdco/XNUSviZ5NcT0D5K2pvL6UFzb kSE4lAOQO16e09zKCR7KRQ0omhmpCxsDSuU4Z4m0owSve525rrubDIiMAnwBH6dU zFjjDckPkWBtsdkQ1bzFmCDXQMf1vElfAaZP0RmKeoNJL/cfScAZMQ== =swHk -END PGP SIGNATURE- ---
Re: verifying an open or closed port on an ip address
In-Reply-To: [EMAIL PROTECTED] A great tool that I use for this type of information gathering is NMAP. Go to http://www.insecure.org It does a lot more than what you want however it has a simple command that you can use to see if a single port is open on an IP address and you can use other types of pings other than ICMP such as ACK and SYN. check it out. There is a windows version available however I don't know if it does command line. You can always install cygwin and emulate a unix/linux box on your windows box... go to http://www.cygwin.com then you can use the cygwin unix emulation command line version of NMAP. l8tr Bradley Adams [EMAIL PROTECTED] You will hardly know who I am or what I mean Linux... Power in the hands of a few Received: (qmail 8234 invoked from network); 7 Aug 2003 21:40:44 - Received: from outgoing3.securityfocus.com (205.206.231.27) by mail.securityfocus.com with SMTP; 7 Aug 2003 21:40:44 - Received: from lists.securityfocus.com (lists.securityfocus.com [205.206.231.19]) by outgoing3.securityfocus.com (Postfix) with QMQP id 3DDD5A30B7; Thu, 7 Aug 2003 15:43:59 -0600 (MDT) Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm Precedence: bulk List-Id: security-basics.list-id.securityfocus.com List-Post: mailto:[EMAIL PROTECTED] List-Help: mailto:[EMAIL PROTECTED] List-Unsubscribe: mailto:[EMAIL PROTECTED] List-Subscribe: mailto:[EMAIL PROTECTED] Delivered-To: mailing list [EMAIL PROTECTED] Delivered-To: moderator for [EMAIL PROTECTED] Received: (qmail 24681 invoked from network); 7 Aug 2003 11:37:59 - Message-ID: [EMAIL PROTECTED] X-EM-APIVersion: 2, 0, 1, 0 X-Priority: 3 (Normal) From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: verifying an open or closed port on an ip address Date: Thu, 7 Aug 2003 13:44:58 -0400 MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable Hello, I am looking for a windows compatible utility or method, preferably command = line, where I can verify whether a port on an ip address is reachable or not= =2E I want to be able to do individual ports and not port scans=2E Say for= instance I wish to verify that port 677 is closed to traffic on ip address = Ex=2E 172=2E16=2E0=2E1, I'm looking for a utility that would do something li= ke: Check 172=2E16=2E0=2E1 port 677 and tell me whether that port was reachable=2E So if I have two networks and I use this command from one I can determine wh= ether a port is reachable on another=2E To determine whether a security mea= sure is failing or not=2E There may be a simple way to do this=2E=2E=2E Thanks Ian :) Go to www=2Emissingkids=2Ecom But give an' take's the gospel, an' we'll call the bargain fair,=20 For if you 'ave lost more than us, you crumpled up the square!=20 Mowgli's real Father=2E=2E=2E -- - -- -- ---
Re: verifying an open or closed port on an ip address
Hi Ian, I am looking for a windows compatible utility or method, preferably command line, where I can verify whether a port on an ip address is reachable or not. I want to be able to do individual ports and not port scans. Say for instance I wish to verify that port 677 is closed to traffic on ip address Ex. 172.16.0.1, I'm looking for a utility that would do something like: Check 172.16.0.1 port 677 how about a quite simple telnet 172.16.0.1 677 issued from the command line? and tell me whether that port was reachable. Command times out / reports an error: port closed Telnet connects: well, there's something listening on that particular port... and may even be greeting you with an identifying banner. [...] There may be a simple way to do this... maybe someone's got an even simpler solution? cu :) David B. -- Thank you for calling $PROVIDER helpdesk. If your cupholder is broken, please press 1. If you want an actual knowledgable support person, please enter the IP representation of a /28 netmask. ---