Port Scanner

    Check for open ports and verify the port forwarding setup on your router.

    Scan Port

    Enter ports separated by commas. Max 20 ports per scan.

    Common Ports

    21FTP
    22SSH
    23Telnet
    25SMTP
    53DNS
    80HTTP
    110POP3
    115SFTP
    135RPC
    139NetBIOS
    143IMAP
    194IRC
    443SSL/HTTPS
    445SMB
    1433MSSQL
    3306MySQL
    3389Remote Desktop
    5432PostgreSQL
    5900VNC
    8080HTTP Proxy

    What is a Port Scanner?

    A port scanner is a network tool that checks whether specific ports on a computer or server are open, closed, or filtered. Ports are virtual endpoints where network connections start and end, with each service typically using a specific port number.

    Port scanning is commonly used by network administrators to verify security policies and by security professionals to identify vulnerabilities. It helps ensure that only necessary ports are exposed to the internet.

    Common Port Uses

    Web Services

    • 80 - HTTP (web traffic)
    • 443 - HTTPS (secure web)
    • 8080 - HTTP Proxy

    File Transfer

    • 21 - FTP
    • 22 - SSH/SFTP
    • 445 - SMB (file sharing)

    Email Services

    • 25 - SMTP
    • 110 - POP3
    • 143 - IMAP

    Databases

    • 3306 - MySQL
    • 5432 - PostgreSQL
    • 1433 - MSSQL

    Security Considerations

    • Close unused ports - Only keep ports open that are necessary for your services to reduce attack surface.
    • Use firewalls - Configure firewalls to filter traffic and block unauthorized access attempts.
    • Regular audits - Periodically scan your own systems to ensure no unexpected ports are exposed.
    • Port forwarding - Verify your router's port forwarding rules are correctly configured for services you need accessible.

    In-depth guide

    A port scanner sends a connection probe to one or more TCP ports on a target host and reports whether each port is open, closed, or filtered. It is the fastest way to verify that a service is reachable from the public internet — whether a freshly opened firewall rule worked, whether a hosted database is accidentally exposed, or whether an outage is a network problem versus an application problem.

    Open, closed, and filtered explained

    An open port means a service accepted the TCP handshake. Something is listening and responding. A closed port means the host is reachable but no service is listening on that port — the host actively rejected the connection with a TCP RST. A filtered port means no response came back at all within the timeout window. Filtering usually indicates a firewall is silently dropping packets, which is the recommended default for ports that should not be exposed.

    From a security perspective, filtered is preferable to closed for unused ports. Closed ports confirm a host exists, which is useful information for an attacker. Filtered ports make the host harder to inventory.

    Common ports worth checking

    Port 22 (SSH), 80 (HTTP), and 443 (HTTPS) are the three you'll scan most often. Port 21 (FTP), 25 (SMTP), 110 (POP3), 143 (IMAP), 465/587 (submission), 993 (IMAPS), and 995 (POP3S) cover legacy file transfer and email. Port 3306 (MySQL), 5432 (PostgreSQL), 6379 (Redis), 27017 (MongoDB), and 9200 (Elasticsearch) should almost never be open to the public internet — a positive result is usually a misconfiguration. Port 3389 (RDP) and 5900 (VNC) are common targets for credential-stuffing attacks; expose them only via VPN or a bastion host.

    Legitimate use cases

    Sysadmins verify firewall rules after every change — open the rule, scan the port, confirm it's actually reachable. Developers debug connectivity problems by checking whether a service is bound to the right interface (a service listening on 127.0.0.1 will appear closed from outside the host). Security teams use external scans as a sanity check against their own asset inventory — anything open that shouldn't be is a finding worth investigating. SREs use scans during incident response to distinguish 'service is down' from 'network is broken.'

    Frequently asked questions