Check status of one port on remote host

Question

I need a command line that can check the port status on a remote host. I tried ping xxx.xxx.xxx.xxx:161 but it doesn't recognize the "host". I thought it was a "good" answer until I did the same command against a host I know has that port open. This is for a batch file on Windows that will check the status of the remote port then run a command that uses that remote port for information, then the remote port check command again, then the command that uses that port on the next server for information, and so on. I've looked everywhere and thought the ping might do it, but there must be various versions of ping, I suppose as the server I am doing this on does not show that option.

Just for chuckles, I tried a web-based remote port checker from a website - and the results were correct for both the "problem" server and the correct server. However, I can't use that in a batch run with 500+ server IPs in it.

Is there something I can do that is simple? My Perl skills are extremely rusty (use it or lose it), don't know any other Windows based languages except batch. Unix is my skill, but this must be executed from Widows Server 2003.

Someone already did this: http://serverfault.com/questions/309357/ping-a-specific-port — Vadzim, Apr 23 '14 at 09:37
As this question is closed I've answered [here](http://stackoverflow.com/questions/41522605) — npocmaka, Jan 07 '17 at 16:02
PowerShell: [How to check if port is open on a remote server with batch file and without third party software?](https://stackoverflow.com/q/41522605/55075) — kenorb, Apr 08 '18 at 23:10
The gold standard is undoubtedly `nmap` [nmap.org](https://nmap.org/), but it typically requires root for “best results”.`nmap -sT google.com` output: `... ... PORT STATE SERVICE 80/tcp open http 443/tcp open https`. For example, instead of a stealth `syn` scan (`-sS`), it falls back to a standard TCP connect scan (`-sT`). This is functionally equivalent to `netcat`, but with the nice multi-host, sped-up capabilities that it has. — Milovan Tomašević, Mar 09 '21 at 23:58

Glenn · Answer 1 · 2009-07-22T21:45:12.803

162

You seem to be looking for a port scanner such as nmap or netcat, both of which are available for Windows, Linux, and Mac OS X.

For example, check for telnet on a known ip:

nmap -A 192.168.0.5/32 -p 23

For example, look for open ports from 20 to 30 on host.example.com:

nc -z host.example.com 20-30

edited Jul 22 '09 at 21:45

answered Jul 22 '09 at 21:31

Glenn

6,455
4
33
42

Both of these are available for Windows. – Glenn Jul 22 '09 at 21:45
1

your nmap command should real "-p23" without the space. nmap treats each unit not immediately preceded by a flag as a separate scan destination – Brandon Lebedev Feb 01 '15 at 04:53
nmap: illegal option -- z See the output of nmap -h for a summary of options. – karlingen Nov 22 '16 at 11:14
18

should be `nc -zv host.example.com 20-30`. otherwise there is no output – Aryeh Beitz Nov 22 '16 at 12:04
1

The option `-z` for `nc` is not available on Linux. – valentin_nasta Jan 17 '17 at 13:58
1

@valentin_nasta yes, it is, perhaps depending on what version of netcat you are using (gnu or openbsd). Here is the relevant line from the man page for nc (openbsd version) on my Arch linux system: -z Specifies that nc should just scan for listening daemons, without sending any data to them. It is an error to use this option in conjunction with the -l option – pgoetz Oct 04 '18 at 20:00

score 132 · Answer 2 · edited Dec 23 '16 at 21:00

132

In Command Prompt, you can use the command telnet.. For Example, to connect to IP 192.168.10.1 with port 80,

telnet 192.168.10.1 80

To enable telnet in Windows 7 and above click. From the linked article, enable telnet through control panel -> programs and features -> windows features -> telnet client, or just run this in an admin prompt:

dism /online /Enable-Feature /FeatureName:TelnetClient

edited Dec 23 '16 at 21:00

Luke

418
4
11

answered Jan 19 '12 at 03:06

Naveen Yedugani

1,446
1
9
3

3

This is the easiest method if telnet is installed on the Windows device – shonky linux user Apr 29 '13 at 01:12
30

... and it takes 2 seconds to add it to windows (8.1 in my case) > Control Panel > Add Programes > Turn windows features on – Chris Moutray Feb 07 '14 at 06:39
14

Just for info: if the port is not open: Connecting To #####...Could not open connection to the host, on port ####: Connect failed ; And if the port is open you'll end up in telnet (CTRL+] then 'quit') – blackstrype Apr 14 '15 at 09:52

kenorb · Answer 3 · 2015-12-29T18:54:49.777

29

For scripting purposes, I've found that curl command can do it, for example:

$ curl -s localhost:80 >/dev/null && echo Connected. || echo Fail.
Connected.
$ curl -s localhost:123 >/dev/null && echo Connected. || echo Fail.
Fail.

Possibly it may not won't work for all services, as curl can return different error codes in some cases (as per comment), so adding the following condition could work in reliable way:

[ "$(curl -sm5 localhost:8080 >/dev/null; echo $?)" != 7 ] && echo OK || echo FAIL

^{Note: Added -m5 to set maximum connect timeout of 5 seconds.}

If you would like to check also whether host is valid, you need to check for 6 exit code as well:

$ curl -m5 foo:123; [ $? != 6 -a $? != 7 ] && echo OK || echo FAIL
curl: (6) Could not resolve host: foo
FAIL

To troubleshoot the returned error code, simply run: curl host:port, e.g.:

$ curl localhost:80
curl: (7) Failed to connect to localhost port 80: Connection refused

See: man curl for full list of exit codes.

edited Dec 29 '15 at 18:54

answered Nov 01 '15 at 00:10

kenorb

155,785
88
678
743

Unfortunately this doesn't work for me (at least on bash in OS X). – Mike Atlas Dec 29 '15 at 18:13
1

A custom service. FWIW it sort-of works: `curl $IP:$PORT` yields: `curl: (52) Empty reply from server` (versus `curl: (7) Failed to connect`) but much like `nc`, I can't `| grep Empty` for these output statements like one might expect (something about newlines or lack of immediate output?). I presume your line is a conditional based off of the exit code, right? I'm on El Cap; maybe in other versions or OSes the failure state exits `-1` rather than `52`? – Mike Atlas Dec 29 '15 at 18:25
Yeah that would do it. `curl -s $IP:$PORT >/dev/null; if [ $? -eq 52 ]; then echo "Connected."; else echo "Fail."; fi` – Mike Atlas Dec 29 '15 at 18:39
1

The question was about Windows, which obviously doesn't have e.g. /dev/null – Arthur Tacca Jan 09 '20 at 16:50
@ArthurTacca You can always use Windows Subsystem for Linux (WSL). – kenorb Jan 09 '20 at 17:05

score 25 · Answer 4 · edited Feb 21 '17 at 23:09

25

Press Windows + R type cmd and Enter

In command prompt type

telnet "machine name/ip" "port number"

If port is not open, this message will display:

"Connecting To "machine name"...Could not open connection to the host, on port "port number":

Otherwise you will be take in to opened port (empty screen will display)

edited Feb 21 '17 at 23:09

driconmax

956
1
18
32

answered Apr 26 '13 at 06:37

Leo

399
4
6

9

Note that telnet is not installed by default on modern windows systems. You will have to install it from the Add/Remove Windows Features control panel. – Greg Jul 04 '18 at 20:40
1

@Greg or using an online tool such http://telnet-online.net/ – o.z Jul 30 '18 at 11:52
2

@o.z true, unless you're checking the status of an internal server – Greg Jul 30 '18 at 13:35
works on Windows10 – Gaurav Nov 27 '18 at 10:42

minhas23 · Answer 5 · 2015-07-27T06:12:34.343

21

Use nc command,

nc -zv <hostname/ip> <port/port range>

For example,
nc -zv localhost 27017-27019
or
nc -zv localhost 27017

You can also use telnet command

telnet <ip/host> port

edited Jul 27 '15 at 06:12

answered Jul 21 '15 at 05:20

minhas23

9,291
3
58
40

score 4 · Answer 6 · answered Jul 22 '09 at 21:32

4

nc or 'netcat' also has a scan mode which may be of use.

answered Jul 22 '09 at 21:32

caskey

12,305
2
26
27

3

On Mac "nc -zv server port-range" – Vijay Kumar Nov 19 '14 at 20:33

score 2 · Answer 7 · answered Jul 22 '09 at 21:29

I think you're looking for Hping (http://www.hping.org/), which has a Windows version.

"The interface is inspired to the ping(8) unix command, but hping isn't only able to send ICMP echo requests. It supports TCP, UDP, ICMP..."

It's also very useful if you want to see where along a route that a TCP port is being blocked (like by a firewall), where ICMP might not be.

kenorb · Answer 8 · 2018-07-30T10:36:15.283

In Bash, you can use pseudo-device files which can open a TCP connection to the associated socket. The syntax is /dev/$tcp_udp/$host_ip/$port.

Here is simple example to test whether Memcached is running:

</dev/tcp/localhost/11211 && echo Port open || echo Port closed

Here is another test to see if specific website is accessible:

$ echo "HEAD / HTTP/1.0" > /dev/tcp/example.com/80 && echo Connection successful.
Connection successful.

For more info, check: Advanced Bash-Scripting Guide: Chapter 29. /dev and /proc.

Related: Test if a port on a remote system is reachable (without telnet) at SuperUser.

For more examples, see: How to open a TCP/UDP socket in a bash shell (article).

Wow, this is genius! I don't know this is possible with just bash. So convenient for people like me who only have git bash installed on Windows and don't want to install another service. — dotslashlu, Jul 27 '18 at 02:48

Check status of one port on remote host

8 Answers8

Linked