Port Scanner
Check for open ports and verify the port forwarding setup on your router.
What is a Port Scanner?
A port scanner is a network tool that checks whether specific ports on a computer or server are open, closed, or filtered. Ports are virtual endpoints where network connections start and end, with each service typically using a specific port number.
Port scanning is commonly used by network administrators to verify security policies and by security professionals to identify vulnerabilities. It helps ensure that only necessary ports are exposed to the internet.
Common Port Uses
Web Services
- 80 - HTTP (web traffic)
- 443 - HTTPS (secure web)
- 8080 - HTTP Proxy
File Transfer
- 21 - FTP
- 22 - SSH/SFTP
- 445 - SMB (file sharing)
Email Services
- 25 - SMTP
- 110 - POP3
- 143 - IMAP
Databases
- 3306 - MySQL
- 5432 - PostgreSQL
- 1433 - MSSQL
Security Considerations
- •Close unused ports - Only keep ports open that are necessary for your services to reduce attack surface.
- •Use firewalls - Configure firewalls to filter traffic and block unauthorized access attempts.
- •Regular audits - Periodically scan your own systems to ensure no unexpected ports are exposed.
- •Port forwarding - Verify your router's port forwarding rules are correctly configured for services you need accessible.
In-depth guide
A port scanner sends a connection probe to one or more TCP ports on a target host and reports whether each port is open, closed, or filtered. It is the fastest way to verify that a service is reachable from the public internet — whether a freshly opened firewall rule worked, whether a hosted database is accidentally exposed, or whether an outage is a network problem versus an application problem.
Open, closed, and filtered explained
An open port means a service accepted the TCP handshake. Something is listening and responding. A closed port means the host is reachable but no service is listening on that port — the host actively rejected the connection with a TCP RST. A filtered port means no response came back at all within the timeout window. Filtering usually indicates a firewall is silently dropping packets, which is the recommended default for ports that should not be exposed.
From a security perspective, filtered is preferable to closed for unused ports. Closed ports confirm a host exists, which is useful information for an attacker. Filtered ports make the host harder to inventory.
Common ports worth checking
Port 22 (SSH), 80 (HTTP), and 443 (HTTPS) are the three you'll scan most often. Port 21 (FTP), 25 (SMTP), 110 (POP3), 143 (IMAP), 465/587 (submission), 993 (IMAPS), and 995 (POP3S) cover legacy file transfer and email. Port 3306 (MySQL), 5432 (PostgreSQL), 6379 (Redis), 27017 (MongoDB), and 9200 (Elasticsearch) should almost never be open to the public internet — a positive result is usually a misconfiguration. Port 3389 (RDP) and 5900 (VNC) are common targets for credential-stuffing attacks; expose them only via VPN or a bastion host.
Legitimate use cases
Sysadmins verify firewall rules after every change — open the rule, scan the port, confirm it's actually reachable. Developers debug connectivity problems by checking whether a service is bound to the right interface (a service listening on 127.0.0.1 will appear closed from outside the host). Security teams use external scans as a sanity check against their own asset inventory — anything open that shouldn't be is a finding worth investigating. SREs use scans during incident response to distinguish 'service is down' from 'network is broken.'
Frequently asked questions
Related tools
IP Address Lookup
Look up any IPv4 or IPv6 address to find its location, ISP, city, region, country, and timezone. Free and instant results.
DNS Lookup
Check DNS records for any domain instantly. Query A, AAAA, MX, TXT, CNAME, NS and more record types for free.
Is This Website Down?
Check if a website is down for everyone or just you. Enter any URL to get its live status in seconds.
WHOIS Lookup
Look up WHOIS records for any domain. Find registration dates, registrar, nameservers, and ownership details instantly.