Checking for open ports ?
-
I really wanted to check it from the external server.
The way that seems to work is:nc -zvw10 <server> -t <port> - for TCP
nc -zvw10 <server> -u <port> - for UPDPS: I did not realize that usually by default UPD ports don't get tested
Thank you !
-
I use Advance port scanner. there is an UDP option, ref screenshot
-
@Modesty said in Checking for open ports ?:
Advance port scanner
Is it a Windows thing or also for Linux ?
-
@chudak windows
-
If you test remotely you will only see a UDP port as 'open' if what you're testing against chooses to send a reply. Most things won't unless you send the right thing.
Steve
-
^ exactly, 1194 is the default UDP openvpn port.. .Unless your sending vpn traffic your not going to get an answer, so how would outside testing know that its open?
-
I am sending vpn traffic
nc -zvw10 <SERVER> 2194
Connection to <SERVER> 2194 port [tcp/*] succeeded!
yuriw@vmss:~$ nc -zvw10 <SERVER> -u 1194
Connection to <SERVER> 1194 port [udp/openvpn] succeeded! -
You are not actually testing anything there.
steve@steve-MMLP7AP-00 ~ $ nc -zvw10 11.11.11.1 -u 1111 Connection to 11.11.11.1 1111 port [udp/*] succeeded!Steve
-
How do you test then ?
-
You can't with UDP unless you know what you're testing against will respond.
You need to test from both ends so you can see the packets come in and whether they are opening states.
Steve
-
Testing to openvpn is hard, especially if you have set for auth on your tls key - since it won't answer anything at all unless tls key matches..
And yup UDP is hard to test as well.. Because there is no handshake..
-
Packet captures generally don't lie.
