Port Scanning
Port-scanning is a process of probing a computer, server or other network host for open ports. In networking, each application running on a device is assigned an identifier called a port number. This port number is used on both ends of the transmission so that the right data is passed to the correct application. Port-scanning can be used maliciously as a reconnaissance tool to identify the operating system and services running on a computer or host, or it can be used harmlessly by a network administrator to verify network security policies on the network.
For the purposes of evaluating your own computer network’s firewall and port security, you can use a port-scanning tool like Nmap to find all the open ports on your network. Port-scanning can be seen as a precursor to a network attack and therefore should not be done on public servers on the Internet, or on a company network without permission.
To execute an Nmap port-scan of a computer on your local home network, download and launch a program such as Zenmap, provide the target IP address of the computer you would like to scan, choose a default scanning profile, and press scan. The Nmap scan will report any services that are running (e.g., web services, mail services, etc.) and port numbers. The scanning of a port generally results in one of three responses:
Open or Accepted – The host replied indicating a service is listening on the port.
Closed, Denied, or Not Listening – The host replied indicating that connections will be denied to the port.
Filtered, Dropped, or Blocked – There was no reply from the host.
To execute a port-scan of your network from outside of the network, you will need to initiate the scan from outside of the network. This will involve running an Nmap port-scan against your firewall or router’s public IP address. To discover your public IP address, use a search engine such as Google with the query “what is my ip address”. The search engine will return your public IP address.
To run a port-scan for six common ports against your home router or firewall, go to the Nmap Online Port Scanner at https://hackertarget.com/nmap-online-port-scanner/ and enter your public IP address in the input box: IP address to scan… and press Quick Nmap Scan. If the response is open for any of the ports: 21, 22, 25, 80, 443, or 3389 then most likely, port forwarding has been enabled on your router or firewall, and you are running servers on your private network, as shown in the figure.