Online
Port Scanner

An online port scanner is an essential diagnostic tool that sends packets to a specific IP address or domain to check the status of the 65,535 available TCP and UDP ports. Technically, the scanner initiates a connection attempt—usually a TCP SYN scan. If the scanner receives a SYN/ACK packet, the port is marked as 'Open.' If the host responds with a RST (Reset), the port is 'Closed.' If there is no response, the port is identified as 'Filtered,' typically indicating an active firewall or an Intrusion Prevention System (IPS). For IT security experts, this process is the first step in a vulnerability assessment to minimize the attack surface of a server.

Infrastructures use standardized ports for specific services. While port 80 (HTTP) and port 443 (HTTPS) are essential for web servers, open management ports like 22 (SSH), 23 (Telnet), or 3389 (RDP) represent potential security risks if not secured by IP whitelisting or brute-force protection. Our tool specifically checks critical ports for email (SMTP 25/587, IMAP 143/993), databases (MySQL 3306, PostgreSQL 5432), and remote management. A well-configured system should follow the principle of 'Least Privilege,' exposing only the ports strictly required for public service operation. Everything else should remain 'Closed/Filtered.'

Understanding port states is crucial for troubleshooting: 1. **Open:** An application is actively accepting connections. Caution is advised here, as the underlying service (e.g., an outdated Apache or Nginx) may have vulnerabilities. 2. **Closed:** The host is reachable, but no service is running on this port. However, this status still reveals to an attacker that the IP is active. 3. **Filtered:** This is the most secure state for unneeded ports. A firewall (like iptables, ufw, or a cloud hardware firewall) silently discards the packets (Drop). The scanner cannot determine if the port exists, significantly complicating reconnaissance attempts.

A common server configuration error is the public exposure of database ports like 3306 (MySQL) or 6379 (Redis). Attackers use automated bots to constantly scan these ports for default passwords or known exploits. Similarly critical is port 21 (FTP), as it often transmits data unencrypted. Professional administrators use VPN tunnels or SSH gateways for maintenance tasks instead to shield sensitive services from the public internet. Our port scanner helps you instantly detect such misconfigurations and meet your compliance requirements (such as ISO 27001 or SOC2).

After performing a scan, you should implement the following server hardening steps: - **Default Deny Policy:** Block all incoming connections by default and only open explicitly required ports. - **Port Knocking:** An advanced method where ports only open after a specific sequence of connection attempts. - **Regular Audits:** Since configurations can change through software updates, regular scans with tools like getbox.de are essential. Our detailed inspection helps you make network security transparent and close potential gateways for ransomware and data exfiltration.