Tools that I use – nmap

Peter Lorenzen
30/10-2013

For medium to large size projects the network setup can be quite complex, especially if it involves several external partners or third-party networks (VPN, MPLS etc).

Normally network changes are done by network engineers that do not have access to the servers and therefore cannot verify the changes they make.

When I have to verify a network change, firewall opening, NATing etc, I have in the past often used telnet.

This is very simple and works fine.

[root@wintermute ~]# telnet oracle.com 80
Trying 137.254.120.50...
Connected to oracle.com.

But nmap is a better tool for this kind of testing.

If telnet cannot connect to a port you will get a “Connection refused” error. You will get this error both if there is a firewall problem and if the is no application listening on the port.

nmap on the other hand will tell you if you can reach the port and if something is listening.

[root@wintermute ~]# nmap -P0 -p 80,443 10.10.10.10 | grep -A 2 PORT
PORT    STATE  SERVICE
80/tcp  open   http
443/tcp closed https

“open” means that an application is listening on the port. “closed” means packets reach the port but no application is listening.

Here is a description of all the 6 port states nmap will report.

Notice that it is possible to scan several ports at once.

If the port is block by a firewall nmap will return “filtered”.

[root@wintermute ~]# nmap -P0 -p 7013 10.10.10.10 | grep -A 1 PORT
PORT     STATE    SERVICE
7013/tcp filtered unknown

nmap can do a lot of other things but this is what I mostly use it for.

If you are using Windows you can download nmap here.

Comments on this entry are closed.

Previous post:

Next post: