What is a port checker?
A port checker is an online diagnostic tool that tests whether a specific network port on a remote host is open, closed, or filtered. It sends a TCP connection attempt to the target host and port, then interprets the response (or lack thereof) to determine the port's status. This is useful for verifying that web servers, databases, mail servers, and other services are reachable from the outside world.
What are ports?
A network port is a logical endpoint within an operating system through which applications communicate over a network. Every TCP or UDP connection is identified by a combination of an IP address and a port number. Ports range from 0 to 65,535. Ports 0–1,023 are well-known ports reserved by IANA for standard protocols like HTTP (80), HTTPS (443), and SSH (22). Ports 1,024–49,151 are registered ports used by specific applications. Ports 49,152–65,535 are dynamic or ephemeral ports assigned temporarily by the operating system for outbound connections.
What do the port status results mean?
When the port checker runs, one of three outcomes is reported. An open port means a service is actively listening and accepting connections on that port. A closed port means the host is reachable but no service is bound to that port — the host sent back a TCP RST (reset) packet. A filtered or silent port means no response was received within the timeout window, which typically indicates a firewall is blocking or dropping packets destined for that port.
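The three outcomes above map directly onto what the operating system reports for a single TCP connection attempt. The following is an added example, not the code behind this tool; the names `check_port`, `classify` and `PortResult` are hypothetical, and the demo only touches a throwaway listener on the local machine.

```python
import socket
import time
from collections import namedtuple

PortResult = namedtuple("PortResult", "status elapsed_ms")

def classify(exc):
    """Map the outcome of one TCP connect attempt to open/closed/filtered."""
    if exc is None:
        return "open"        # handshake completed: a service is listening
    if isinstance(exc, ConnectionRefusedError):
        return "closed"      # host answered with TCP RST: nothing is bound
    if isinstance(exc, socket.timeout):
        return "filtered"    # no reply within the timeout window
    raise exc                # e.g. DNS failure, which is not a port state

def check_port(host, port, timeout=3.0):
    """Attempt a full TCP connection; report status and response time."""
    start = time.monotonic()
    exc = None
    try:
        socket.create_connection((host, port), timeout=timeout).close()
    except OSError as err:
        exc = err
    status = classify(exc)
    elapsed_ms = round((time.monotonic() - start) * 1000, 1)
    return PortResult(status, elapsed_ms)

if __name__ == "__main__":
    # Constructed demo: open a listener on an OS-chosen local port,
    # check it, then close it and check the same port again.
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    port = listener.getsockname()[1]
    print("listening:  ", check_port("127.0.0.1", port, 1.0))
    listener.close()
    print("after close:", check_port("127.0.0.1", port, 1.0))
```

A "filtered" result always takes the full timeout to come back, which is why a short timeout on a slow link can misreport an open port as filtered.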
What are TCP and UDP ports?
TCP (Transmission Control Protocol) and UDP (User Datagram Protocol) are the two main transport-layer protocols. TCP establishes a reliable connection using a three-way handshake (SYN → SYN-ACK → ACK) before transmitting data, guaranteeing delivery and ordering. UDP sends packets without establishing a connection first — it is faster but does not guarantee delivery, making it suitable for real-time applications such as video streaming, DNS queries, and online gaming. This tool checks TCP ports.
Well-known and registered ports
IANA (Internet Assigned Numbers Authority) manages the global port number registry. Well-known ports (0–1,023) are assigned to core internet protocols: port 80 for HTTP, 443 for HTTPS, 25 for SMTP, and so on. Registered ports (1,024–49,151) are allocated to specific applications such as MySQL (3306), PostgreSQL (5432), and Redis (6379). Understanding which service belongs to which port helps you quickly identify what is exposed on a server.
Common port scanning techniques
There are several methods for scanning ports, each with different trade-offs between speed, stealth, and accuracy. A ping scan sends an ICMP echo request to check whether a host is alive before probing its ports. A SYN scan (half-open scan) sends only the initial SYN packet and notes whether a SYN-ACK is returned, without completing the full TCP handshake — this is fast and often unlogged. A TCP connect scan completes the full three-way handshake, making it fully reliable but more visible in server logs.
Port scanning and security
Port checking is a standard part of network security auditing. Open ports that are not actively used or secured represent potential attack surfaces — an attacker can probe these ports to identify vulnerable services. Regular port audits help administrators confirm that only intended services are publicly reachable, that firewall rules are working correctly, and that no unexpected services have been started. Organizations should pair port checks with a properly configured firewall, the principle of least privilege for network access, and routine patch management.
Frequently Asked Questions
Why is port scanning important?
Port scanning provides a real-time view of which services your server or device is exposing to the network. It helps administrators verify that firewall rules are effective, identify services that should not be publicly accessible, and detect misconfigurations before attackers do.
How do I check if a port is open?
Enter the hostname or IP address and the port number into the tool above, then click Check Port. The result will tell you whether the port is open, closed, or filtered, along with the response time and the protocol typically associated with that port.
How do I find which ports my system is using?
On Windows, open Command Prompt and run netstat -an to list all active connections and listening ports. On macOS or Linux, run netstat -an or ss -tuln in the terminal. These commands show all ports currently in use along with their state (LISTEN, ESTABLISHED, etc.).
How do I close an open port?
To close a port, you need to either stop the service listening on it or block it at the firewall level. Stopping the service is the more thorough approach — if the port is no longer in use, disable or uninstall the service so it cannot be restarted. Adding a firewall rule (using ufw, iptables, or Windows Firewall) blocks external access without stopping the service, which is useful when a service needs to run locally but not be publicly accessible.
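The two answers above combine into a simple local audit: list the listening sockets, ignore those bound to loopback only, and flag anything else that is not on an intended-services list. This is an added example, not part of the original page; the function names, the allowlist and the `ss -tuln` sample are constructed for illustration.

```python
import ipaddress

# Constructed sample of `ss -tuln` output (not captured from a real host).
SAMPLE = """\
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN 0      0      127.0.0.53%lo:53   0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      511    127.0.0.1:6379     0.0.0.0:*
tcp   LISTEN 0      244    0.0.0.0:5432       0.0.0.0:*
tcp   LISTEN 0      128    [::]:22            [::]:*
tcp   LISTEN 0      4096   [::1]:631          [::]:*
tcp   LISTEN 0      151    *:3306             *:*
"""

def parse_listeners(ss_output):
    """Yield (proto, address, port) for each socket line of `ss -tuln`."""
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] not in ("tcp", "udp"):
            continue                          # header or unrelated line
        addr, _, port = fields[4].rpartition(":")
        addr = addr.strip("[]").split("%")[0]  # drop brackets and %iface
        yield fields[0], addr, int(port)

def is_loopback(addr):
    """True only for sockets bound to 127.0.0.0/8 or ::1."""
    if addr == "*":                           # wildcard: every interface
        return False
    return ipaddress.ip_address(addr).is_loopback

def unexpected_exposure(ss_output, allowed):
    """Return sorted (proto, port) pairs reachable off-host but not allowed."""
    found = {
        (proto, port)
        for proto, addr, port in parse_listeners(ss_output)
        if not is_loopback(addr) and (proto, port) not in allowed
    }
    return sorted(found)

if __name__ == "__main__":
    intended = {("tcp", 22)}                  # assumed policy: SSH only
    for proto, port in unexpected_exposure(SAMPLE, intended):
        print(f"unexpected listener on all interfaces: {proto}/{port}")
```

In the sample, Redis on 127.0.0.1:6379 is not flagged because it is bound to loopback, while PostgreSQL and MySQL are flagged because they listen on every interface.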
What is a port scan attack?
A port scan attack occurs when a malicious actor systematically probes a host's ports to identify open services and potential vulnerabilities. Commonly targeted services include those running outdated software with known exploits. Keeping open ports to a minimum, running services with up-to-date software, and enforcing firewall rules are the primary defences against port scan attacks.
Is it legal to check someone else's ports?
Port scanning your own servers and devices is entirely legal and is standard practice for network administrators. Scanning ports on systems you do not own or have explicit permission to test may be illegal in many jurisdictions. Always obtain proper authorisation before scanning third-party systems.
What is the difference between open and filtered ports?
An open port actively accepts connections — a service is listening and will respond. A filtered port does not respond at all, typically because a firewall is silently dropping packets before they reach the service. Both differ from a closed port, where the host itself sends back a refusal message, indicating no service is bound to that port but the host is reachable.