• Open ports by default. All ways to check if a port is open on a server

    We are often asked how to check if a port is open using standard Windows operating system tools. This is not at all difficult to do and even a novice user can do it. Let's figure it out.

    Sometimes a user has a situation when it is necessary to open one or another computer port for video games, complex programs or special Internet clients. But how can I check if it is open? at the moment this port? There are several options for solving such problems.

    I. CHECKING OPEN PORTS ON A LOCAL COMPUTER

    Method 1. In order to check open ports on your local (your) computer, you can use “ Command line» Windows operating system. To call this line, press the Win+R key combination and enter the command “ cmd", then press " OK».

    In the window that opens, enter the special command “ netstat -a» and view the list of open ports on your computer.

    Method 2. If you are connected to the Internet, you can check whether the port is open on the website whatsmyip.org/port-scanner . This resource will determine your IP address itself, and you can scan ports through a special field “ Custom Port Test».

    Enter the port you are interested in and click the " Check Port", after which you will receive an answer whether this port is open or closed.

    II. CHECKING OPEN PORTS ON A REMOTE COMPUTER

    Now let's look at how to check if a port is open on a remote computer or server. Use the same " Command line" V Windows system, but now write telnet command in format:

    telnet IP address port

    Press the " Enter" If there is no entry " Couldn't open...", then the requested port is open, otherwise - closed.

    We briefly looked at how to check if a port is open on a computer. If you have any questions, please ask them in the comments field.

    About ports, and it will clarify the situation.

    Everyone has been using simulators for a long time ( local network ), after some providers at the beginning of the new decade disconnected all their subscribers from the local network, leaving them only with an Internet connection.

    It was from that moment that the popularization began imitators, because without them, it was impossible to play with a neighbor with any toy. And from that moment on, the question about " opening ports"became more popular, and many “pseudo-sysadmins” tried to post up-to-date guidance on how to open ports on their hardware. But not everyone knows what and how to do it correctly.

    What is " Open port"? Yes, everything ingenious is simple - any computer on the network has a certain identifier (name, MAC address, IP), so, according to IP a certain packet arrives at the router, but it doesn’t just arrive via IP, and by special channel (port), through which the program sends/receives requests from the external network. According to the standard, this packet will not pass beyond the router, since by default (hereinafter referred to as default), the port on which the program runs is closed, and in order to receive the packet, it must be opened.

    What they write on the Internet - you can open ports, regardless of what network equipment is installed - all this is nonsense! Any knowledgeable system administrator will tell you that IPs are divided into two types - " White" And " Grey", and only on one can you open ports to receive "packets" from outside. Grey- this is when IP can move from hand to hand many times (also referred to as dynamic), White- or real (in other words static) can be assigned only for one user, and will not change hands.

    It is according to the “White” IP that you should open ports on your equipment. To get your “White” IP you need reverse to your provider, and after that, he will assign an IP to you. This service everywhere is paid, and depending on the region it can range from 50 rubles/month.

    Let's say we bought real IP from your provider, and now you need to start setting up. Let's look at the settings for 4 popular router models (ASUS/TP-Link/D-Link/Zyxel):

    Setting up an ASUS router


    Opening ports on a real (white) IP in an ASUS router

    Note: setup was carried out on the equipment ASUS RT-N12 C1 with firmware 3.0.0.4.260 (black interface)

    1. 192.168.1.1 ), with login and password ( admin/admin
    2. In the left menu select " Internet" (or WAN) -> Port Forwarding(or Virtual Server/Port Forwarding)
    3. Enable this option by checking the box next to " Enable Port Forwarding: Yes".
    4. Choose from ready-made templates specified ports, or enter your own:
      • Service name- you can be anything
      • Port range- you can enter either one port (for example 80) or a range (27000:27099)
      • Local IP
      • End port- just like in “Range”, you need to enter it depending on what was entered first - one or a range.
      • Protocol- TCP/UDP/BOTH /OTHER - select one (TCP/UDP ports select)
    5. After entering the data, click on the plus sign (to the left of the filling form).
    6. And after entering the data, click “Save”.
    Note:

    Setting up a D-Link router


    Opening ports on the real (white) IP in the D-link router

    Note: setup is done on the router D-link DIR 615 with white interface of the latest firmware 2.5.20 .

    1. Connect to your router via a browser ( 192.168.0.1 . or in some 192.168.1.1 ), with login and password ( admin/admin). You can find out about this at back side router or in its instructions.
    2. In the left menu select Between firewall/Virtual servers .
    3. We choose from ready-made templates, or enter our own (by selecting " Costom"):
      • Service name- you can be anything
      • Protocol- select the desired protocol.
      • External port (initial)
      • Internal port (initial)
      • Internal IP
    4. Apply", and then through " System" - select the item "", and only after that the ports should open.
    Note: Interface items and names may differ depending on the model and firmware network equipment(router).

    Setting up a TP-Link router


    Opening ports on the real (white) IP in the TP-Link router

    TP-LINK TL-WR940N / TL-WR941ND with firmware 3.13.31 .

    1. Connect to your router via a browser ( 192.168.0.1/192.168.1.1 ), with login and password ( admin/admin). You can find out about this on the back of the router or in its instructions.
    2. In the left menu select Forwarding (Forwarding) -> Virtual servers (Virtual Server).
    3. After opening the section " Virtual servers"You should see a page with a list of open ports. In order to open the port you need, here you need to click on the “Add new” button and fill out the form:
      • Service port– external port. Here you need to enter the port (or a range of ports separated by a hyphen, for example, 10100-10200)
      • Internal port– an internal port that will be used by programs on your computer.
      • IP address
      • Protocol
      • State (Status) – port status.
    4. After entering the data, you can click " Save" (Save).
    Note: The interface items and names may differ depending on the model and firmware of the network equipment (router).

    Setting up a ZyXEL router


    Opening ports on the real (white) IP in the ZyXEL router

    Note: setup is done on the router ZyXEL Keenetic with firmware 2.0 .

    1. Connect to your router via a browser ( 192.168.0.1/192.168.1.1 ), with login and password ( admin/admin or admin/1234). You can find out about this on the back of the router or in its instructions.
    2. In the left menu select "Safety"(in the form of a shield) -> .
    3. After opening the section " Network Address Translation (NAT)"Click on the "Add" button and add according to the template:
      • Interface– select the required interface.
        Attention! The value of the Interface field must be specified correctly. Depending on whether your ISP uses authentication (PPPoE, L2TP or PPTP), the meaning of this field may vary. If authorization with the provider is not used, you should always select the Broadband connection (ISP) interface. If your provider uses PPPoE to access the Internet, then you should select the appropriate PPPoE interface.
        If you are given simultaneous access to the provider’s local network and the Internet (Link Duo), you need to select the Broadband connection (ISP) interface to forward a port from the local network, and select a tunnel interface (PPPoE, PPTP or L2TP) to forward a port from the Internet.
      • Protocol– you can specify a protocol from the list of presets that will be used when forwarding the port (in our example, TCP/21 is used – Transmission FTP files). When you select TCP or UDP in the Protocol field, you can
      • TCP/UDP ports- specify the port number or range of ports.
      • Redirect to address- indicate the local IP address of the computer.
    4. After entering the data, you can click " Save".
    Note: The interface items and names may differ depending on the model and firmware of the network equipment (router).

    Summing up, we can draw the following conclusion - that in order to forward ports and save your nerve cells, it is better to immediately buy from your provider static (white) IP, since on gray - port forwarding will not be possible. If everything was done successfully, then the visibility of the ports can be checked at , or at . From the experiment with routers, I was able to do everything correctly on only three out of four routers (except Zyxel).

    When an application or service on a computer works with the network, a logical port is opened, reserving a number through which information is transferred to remote servers or clients. According to the TCP/IP protocol, a number from 0 to 65535 is taken. And the meaning of these actions is that it is unique for each application and unambiguously determines “who” the received data belongs to.

    But the selected number is not always available - it may be busy or open by another program. And sometimes it becomes necessary to enter this “number” manually. In order not to sort through everything, the user can quickly check the ports for openness, then selecting any free one. But alas, not everyone has an idea of ​​how this can be done. Let's talk about the simplest and easiest verification methods:

    • standard way;
    • use of online verification service sites;
    • analysis of port availability through specialized utilities/applications.

    To solve a problem, it is not at all necessary to resort to tricks or third party applications. You can take advantage of the system's capabilities, which also allow you to find out the answer to the question: is the port open?

    To do this you will need to launch the command line. This can be done either using the “Run” window or through the search. IN Windows versions 7 and below click “Start”, in 8.1 - the Start button. Enter and find cmd, this is the command line. You need to run it using the right mouse button, as an administrator. Then you can enter one of two commands:

    1. netstat -a - shows open (listening, active - established, waiting - time_wait) and closed ports;
    2. netstat -aon | more - list of available ones.

    The second option is convenient in that it can be used to find out which program is bound to a particular port. To do this, look in the PID column - there is a number indicated there that is the process identifier. Launch the task manager or go to the “Details” tab (for Windows 8 and 8.1) and look for the number in the “Process ID”. If the name of the application is unfamiliar or seems suspicious, then right-click on it and select “Open location”.

    Checking the port for availability using online services

    If your computer has access to the Internet, then you don’t even have to bother with the command line and other “wisdom”, instead finding one of the many special service sites that check the openness of ports in just a few mouse clicks. You just need to enter the required number in the column and click the “Check” button. The results are as follows:

    Port closed

    It is impossible to connect using it. Various malware or hackers will also not be able to use the port to hack, attack or obtain data from the computer. High level protection against network threats is precisely characterized by the fact that all unknown ports must be closed. But large number"numbers" open to external access - bad indicator.

    However, the reason for port unavailability may be incorrect setting application or network equipment running with it. Just in case, you can check your firewall for network access and installed programs.

    A port can also be closed due to a very slow connection: a situation where it is actually open, but the response time on the network is too high. Then connection becomes problematic or completely impossible.

    Port is open

    Selected identification number available for connection and internet. If that's what you need, great. But when it actually should be closed, it is necessary to find out the reason for the “openness”.

    First of all, they check running applications and services (services). It may be used by some of them to log out and work online. But there is a small chance that open port is used externally or is a consequence of the active activity of viruses. In this case, checking with an antivirus will also not be superfluous.

    How else can you check if the port is open?

    If the first and second methods are not suitable for some reason, then you can approach the problem differently: there are a huge number of different useful programs, which will provide comprehensive information on the ports available on the computer, for a fee or free of charge. At the same time, on the Internet you can find utilities that are quite simple both in terms of use and the information they provide. Examples of such applications include Free Port Scanner And CurrPorts- both of them are free.

    How to close it?

    Having figured out how to check whether a port is open, the user may be interested in another question: if it is still active, then how to close it if necessary? It's actually not that difficult.

    The main thing is to find and eliminate the reason that makes it accessible. If this is a program process or a running service, then it must be found through the task manager and closed or stopped. But it also happens that regular applications nothing to do with it... then there is every reason to thoroughly check your computer with an antivirus for the possible presence of malicious software. If you access the Internet through a router, find and delete unnecessary port forwarding rules. And for additional protection You can install a more advanced firewall.

    Video

    In this video you will learn how to check open ports and determine who is using them.

    Didn't get an answer to your question? Suggest a topic to the authors.

    Using standard means Windows, you can check whether the port that the program uses to operate is closed.
    In order to check open/closed Windows ports, you must use the command line. To launch it, press the key combination “Windows + R”. After these steps, a window will open. You need to enter “cmd” in it. After that, press the “Enter” key.

    A black window will appear on the screen, which experts call the command Windows string. Now you can run the utility itself, which will allow you to view the list of closed ports. Enter "netstat" into the command.

    After entering, press the "Enter" key. In the window command line information about all will be displayed open ports your computer. It will be listed next to domain name your personal computer and is separated from it by a colon. Please note that everything ports, which are not listed in this list are private. And if the port that your application uses is on this list, then it will need to be closed so that the application can function normally.

    Please note

    If the information provided is not enough for you, you can explore all the capabilities of the “netstat” utility by running it with the –h switch. This means entering the command “netstat -h” at the command prompt. Then in the window that appears you will see help for the "netstat" program.

    Useful advice

    There is also a utility called "Windows Worms Doors Cleaner", which can not only show open and closed TCP/UDP ports, but also close the open port itself. Thus, you can further protect your computer from various threats on the Internet, as well as numerous viruses. The "NetStat Agent 2.0" program can replace the built-in "netstat".

    Sources:

    • NetStat Agent 2.0

    Sometimes a user who wants to control his system as completely as possible needs to clarify which s connections are currently open from his computer. This operation takes no more than a few seconds.

    Instructions

    First of all, you can use netstat from the standard Windows set XP. To execute it, log into Windows and type “netstat 5” (without quotes). After executing the command, you will see an update every 5 seconds (you can specify any) containing information about open connections, programs using them and ports.

    Sources:

    • what port do I have open?

    There are many programs running on the computer at the same time. If program uses an Internet connection and is allocated a specific port. Sometimes the user needs to control which port is used by one or another program.

    Instructions

    The need to determine which ones are used program(or what program uses ports), usually occurs when a computer is suspected of being infected with a Trojan program. If you notice something suspicious, open the command line: “Start” - “All Programs” - “Accessories” - “Command Prompt”.

    Type tasklist in the command line and press Enter. You will receive data about all processes running in the system. Pay attention to the PID - process identifier. It will help determine which program uses one port or another.

    Type netstat –aon at the command prompt and press Enter. You will see a list of current connections. In the column " Local address» at the end of each line is the port number. The PID column contains process identifiers. After looking at the port number and its corresponding PID, go to the list of processes and use the ID number to determine which process is using this port.

    If you cannot figure out which program it belongs to by the name of the process, use one of the appropriate ones in in this case programs. For example, the Everest program, also known as Aida64. Launch the program, open the “Operating System” tab, select “Processes”. In the list of processes, find the one you need and look at its launch line. This will help determine which program the process belongs to.

    Use the program for the same purpose AnVir Task Manager. It allows you to monitor all suspicious processes, including processes of programs connecting to the Internet. All suspicious processes are highlighted in red in the program list.

    If you see that the port is being used by a program unknown to you, then if there is a current connection in the “External address” column (command netstat –aon) you will see the IP address of the computer with which the connection was established. The “Status” column will contain the value ESTABLISHED – if the connection is currently present; CLOSE_WAIT if the connection is closed; LISTENING if program waiting for connection. The latter is typical for backdoors - one of the varieties Trojan programs.

    Sources:

    • what ports does skype use

    A firewall, also known as a firewall and firewall, is designed to control incoming and outgoing Internet traffic. The security of your network depends on how correctly the firewall is configured.

    Instructions

    IN operating system Windows has a built-in firewall, but its capabilities are very limited, so it is better to use a third-party program. One of best programs This type is Outpost Firewall.

    Before starting setup, open the main program window. Select “Options” - “System”, then find the “Global rules and rawsocket access” section at the bottom of the tab and click the “Rules” button in it.

    In the window that opens, click the “Add” button. In the “Select an event for the rule” field, check the boxes “Where is the protocol”, “Where is the direction” and “Where is the local port”. Below, in the “Rule Description” field, select “Undefined” with the mouse in the “Where is the protocol” line and select the TCP protocol in the window that opens.

    In the “Rule Description” field, click “Undefined” in the “Where is the direction” line, select “Incoming (from a remote computer to your computer)” in the connection type. In the same field, click “Undefined” in the “Where is the local port” line and enter the port number that needs to be closed.

    In the “Select actions for the rule” field, check the “Block this data” checkbox. Click "OK" - the selected port is closed for incoming connections. You can close it for outgoing ones too, by selecting in the settings described just above, instead of an incoming connection, an outgoing one - “Outgoing (from your computer to remote computer)».

    If you are using a regular firewall Windows, check the exclusion list: “Start” – “Control Panel” – “ Windows Firewall" - "Exceptions". Uncheck "Remote" if you do not use it. You can disable exceptions altogether by checking the checkbox on the “General” tab in the “Do not allow exceptions” line.

    The firewall in Windows 7 has more capabilities than in Windows XP; it can be used to control both individual ports and specified ranges. Create a rule for outgoing connections, when starting the rule creation wizard, select “All programs”. Click “Next”, in the window that opens, select “Block connections”. Click “Next” again, select a profile and specify a rule name. Then in the rule properties specify ports, which the firewall should block. The rule for incoming connections is created in the same way.

    Internet applications send data through special ports. Network port- allocated system resource executing on a specific network host. If the port is closed, the program will not be able to access the network, and therefore will not be able to perform its functions correctly.

    Any computer that connects to the Internet is immediately assigned an individual network address. Every application that uses an Internet connection uses one of the available ports. All information about the connection ports used can be obtained on your computer; for this you will need:

    Personal computer or laptop (Our online store has a large supply of powerful laptops.);

    — Internet connection.

    Instructions

    • Netstat -a – Displays all connections to open ports.
    • Netstat -o – Displays the additional process ID that a specific connection is using.
    • Netstat -n – real IP addresses and port identification data will be displayed.
    1. 3. To obtain information about computer connections, you can use a third-party software. Completely replaces command line capabilities and has additional functions TCPView utility. This utility is Microsoft product and you can download it on the manufacturers’ official website. After you download and install the TCPView program, run it and in the main application window you will receive a list of all processes that use the Internet. All information about ports will be available initially, study the program interface to obtain detailed information about connections.
    2. 4. Currently, there are many other programs on the Internet that are capable of performing this operation. For example, the Nmap utility or Advanced Port Scanner, many of these programs can be found freely available on the Internet.
    3. 5. To define connection ports, there are various internet resources. For example, one of the most common resources is located at http://2ip.ru/. To check open ports third party programs you need to go to this website and in the “Tests” section select “Security of your computer”. Click the "Check" button and wait for the operation to complete.
    Read more: