Checking if a port is open interactively or through a script is quite a common operation for any administrator. There are all sorts of reasons you might want to do this:
- Check if a web server is down.
- Check if a printer is working.
- Check if a firewall is blocking a port.
- Check if an SMTP Server is reachable etc.
You can test for open ports using a variety of different tools all of which have their pros and cons.
Using Telnet to test for open ports
This is the probably the most common method to check for an open port. Unfortunately Microsoft stopped including the telnet client by default on Windows Server, so you will need to install the telnet client first if it is not already installed.
The general syntax is: “telnet host portnumber”. If you do not specify a port number it will attempt to connect to the host on port 23, which is the standard telnet port.
Telnet example to Check an SMTP Server
You can check if a server has SMTP server running and available by using telnet to connect to port 25. In this example I am testing connection to my own mail server which is on Office 365:
telnet tachytelic-net.mail.protection.outlook.com 25
Telnet example to check a Web Server
You can connect to a Web server on port 80 to check that it is serving requests:
telnet www.tachytelic.net 80
In the case of a webserver you will probably just receive a blinking cursor while it waits for some input, but this does indicate a successful connection and that the port is open. You can take it a step further by issuing a HTTP Request with telnet, for example:
GET /2018/12/email-vbscript-vba-office-365/ HTTP/1.1 host: www.tachytelic.net
I get a response from the server issuing a 301 redirect sending me to the HTTPs version of the same page:
Telnet example to check a printer
You can check if a printer is working (and actually print to it) using telnet. Many printers will have port 9100 open for HP Jetdirect style printing. My printer is on 192.168.250.34. So if I run the telnet command:
telnet 192.168.250.34 9100
I will come to a flashing cursor while the print server embedded in my HP Printer waits for input. If I type “This is a test” and then quit telnet it prints a page with those words on it.
Advantages of using telnet
- Quick and easy to do a port test
- Interactive so you can do more extensive testing of certain services.
- More or less available on any operating system.
Disadvantages of using telnet
- It is interactive, so it is not suitable for automated tests.
- Not installed by default on recent versions of Windows. But easy to install, follow these instructions.
- Not useful for check UDP ports.
Using Portqry.exe to test for open ports
Portqry.exe is an old tool but still works well and has extensive options for port testing. It’s much easier to use within scripts or automated checks. It can be used to check multiple ports in a single command and makes it easy to check UDP ports as well as TCP ports.
Example Portqry command to check a single port on a web server
In this example I am checking port 443 (https) of this blog:
portqry -n www.tachytelic.net -p tcp -e 443
Example Portqry to check multiple ports on a Web server
This example shows how to use Portqry to test multiple ports at the same time, in this case ports 80 and 443:
portqry -n www.tachytelic.net -p tcp -o 80,443
Example Portqry to check an SMTP Server
Portqry is aware of some types of applications and can show you additional information returned from the server, SMTP is a good example:
portqry -n tachytelic-net.mail.protection.outlook.com -p tcp -e 25
Portqry.exe is excellent for scripting because of the vast number of options and that it can operate in quiet mode where it will simply return a status code, which is exactly what you would want if you were building this into a script. Portqry.exe has many options so it is well worth reading the documentation.
Advantages of using Portqry.exe
- Easy to use.
- Many options for checking both TCP and UDP ports.
- Quiet mode is excellent for scripting.
- Very fast.
Disadvantages of using Portqry.exe
- It is not installed by default.
- It is old software, but still works perfectly on recent operating systems.
Using Powershell Test-NetConnection to test for open ports
You can also use Powershell to test for open ports and this is a great option because it works well both interactively and for usage within a script. It’s built in to recent versions of Powershell and it is very easy to use.
Example Test-NetConnection Powershell to check a single port on a Web server
Again, this code shows how to test port 443 of this blog using Powershell:
Test-NetConnection -ComputerName www.tachytelic.net -Port 443
Example Test-NetConnection Powershell to check an SMTP Server
Test-NetConnection -ComputerName tachytelic-net.mail.protection.outlook.com -Port 25
Advantages of using Test-NetConnection
- Built in to recent versions of Windows
- Great for scripting if you are already using Powershell
- Quick and Easy
Disadvantages of using Test-NetConnection
- Not available on all versions of Windows by default.
- Only available via Powershell – which isn’t a problem, but might not fit in with some of your existing scripts.