suba

i need a software that will check if a port on a network is blocked or open.

SJ_Skyline

shadow security scanner

(but don't say I told you!)

tuffer

Telnet IP address port number

Telnet xxx.xxx.xxx.xxx 80 if you get a banner back then the port is open, this is not fool proof but a hasty check.

Gedi

telneting in will not always give true feedback. Its protocol dependant and not all software will feed banners, so banner grabbing becomes usless.

If your not looking for stealth, a simple 3 way TCP connection will do what you after. This can be done with all port scanners. If your on windows, I can recomend superscan by foundstone. If your running a unix like OS, nmap is the boy.

If your looking for stealth, (i.e. not normally logged) then consider making an SYN connection. The server will reply with an SYN/ACK and then you supply an RST. Because the full connection is not made, its not normally logged. nmap will require root privlidges. Not sure about superscan on windows as I have never ran it as a regular user, only as admin.

tuffer

As I said not fool proof but a hasty check.

If he had access to nmap he would not be asking.

If you can get a Linux box then get the latest version of nmap and use the -sV switch and this will try and determine the version of service running.

Gedi

He might have been on a Linux box and not realise he had a tool called nmap on there. Many people run Linux and don't know the the potential of the tools that are normally packaged on there by the distro's. Also a port of nmap is now available for winblows, I have not used it extensively, but it seems to run pretty well.

The service fingerprinting feature in the latest release is pretty good. I have fiddled around with it, trying to confuse it etc, and it seems pretty robust.
Only problem with it is that it creates a full TCP connection. Not particullary stealthy.
If your not looking to be stealthy, your generally running on your own network, in which case, you should know what services are running anyway.

DJ Dunk

iTrader: (5)

If you mean checking for ports that are open to the internet then try the Shields Up Port Scan.

[Edited by DJ Dunk - 10/30/2003 8:42:07 AM]

Gedi

that will only test a certain pre-deffined set of ports, and can only be launched from the target machine.

DJ Dunk

iTrader: (5)

Indeed, but we haven't been given a great deal of info to go on have we, so just making suggestions

Gedi

lol, true.

Were all gettin stuck into this thread, and the originator has hardly given us any information to start with, or even been back to post a reply.

Maybe we get too involved sometimes....hehe.

DJ Dunk

iTrader: (5)

LOL

Come on suba, help us out here

suba

what i am trying to do is to scan for port 6080 if it is blocked from the work network coz i am unable to connect to one of the internet site that does data streaming (live feed). according to the firewall people, that port is not blocked!

i have also checked with the tech support of the website i am trying to access and they say i need port 6080. i can access the website when i use dialup via an ISP coz that is outside the work network, so i know the website is working.

so all i want is to find out if port 6080 is blocked within the company network.

Gedi

How big is the company?
Most larger companies will normally use a proxy server. Everything will be dependant on the rulebase your the proxy and how your browser is set up.

Are you on windows? I'm gonna guess windows otherwise you'd know everything we've already said.
For ease, grab this tool http://www.foundstone.com/resources/...superscan4.zip and check that port. Its easy to configure, or as already said just try telnetting : telnet <firewall/proxy> <port>

If you can't install due to low privlidges, see if you can get hold of a copy of perl....I wrote you a quick perl scanning tool...hehe, I was bored!!!!

#!/usr/bin/perl

use IO::Socket;
my ( $target, $port, $maxport );

$maxport=1024; $port=0; #defaults

( $target = $ARGV[0] ) || &error;
$port=$ARGV[1] if $ARGV[1];
$maxport=$ARGV[2] if $ARGV[2];

print "Scanning : $target ports $port to $maxport\n";
foreach (; $port<=$maxport; $port++) {
print "\nPort $port is open" if ( IO::Socket::INET->new(PeerAddr=>"$target:$port",Proto=>'tc p',Timeout=>1));
}
print "\nFinished\n";
exit;

sub error {
print "PScan\nPScan server [ start-port ¡ end-port ]\n";
exit;
}

forgot so say, the syntax will be:
perl scan.pl <target> <start port> <end port>



[Edited by Gedi - 10/31/2003 11:10:52 AM]

DJ Dunk

iTrader: (5)

Try this

Gedi

Ahh, I see that Mr. over reaction Gibson has included new features
Nice

Suba, you need to verify exactly what you need. The method I gave and the method DJ Dunk gave are both correct, but do very different things.

My method will check your gateway to see if you can make connections to port 6080 on an WAN. Dunks method will check if connections can be made to port 6080 on your gateway

[Edited by Gedi - 10/31/2003 9:16:57 AM]

suba

nice one. will give them a try.

a bit more info, internet connection on the company LAN is via proxy servers. desktop are windows XP.

Gedi

LOL, thats not the info were looking for.....anyway, I just checked into this streaming this (which is pretty new to me) and it appears its a straight forward connection....therefore, you need to connect to 6080 on their server (not the other way as some services like FTP do)

Therefore, using GRC will not work.

You need to make sure your admin team will allow HTTP requests through port 6080 on the proxy. This must be transparent. Scanning alone will not give you all your answers. Just because a port is open doesn't mean it will allow connections through it.
e.g. your proxy will allow HTTP requests through port 80, but not FTP, even if the FTP server is listening on port 80

suba

checked with the firewall team and they said port 6080 is not blocked! they gonna work with the people on the website that i am trying to access now.