none
Testing that network ports are not blocked on a LAN

    Question

  • A question about testing ports:

    Is there any reliable way to test if a numbered port is blocked by a Firewall or other Security Software?  I am aware (and have tried all of the following):

    • Microsoft Firewall API which allows you to check rules
    • Using a TcpListener as the server and a Network.Socket as the client
    • The Ping.Send method for attempting to ping a remote host.
    I've tried running a server in a separate process on the machine and just using the loopback (127.0.0.1) to bind to.  Connecting to this on the same machine with the client appears to bypass the firewall completely.  I'm really only concerned with the local-area network (making sure the ports are not blocked locally).  So my only possible test for this would be:

    Install the server on one machine
    Install the client on a separate machine on the same LAN
    Start the TcpListener (server)
    Attempt to communicate with the server over the LAN

    My real question is: is this the correct way of performing the port test, or is there another more reliable method (possibly one that wouldn't require using two different machines on the same LAN).  THANKS

    Also: 2 of the ports are SQL Server 1433 and 1434 and another port is a custom port > 6000
    Monday, January 25, 2010 5:55 PM

Answers

  • I've used PortQuery to troubleshoot some connections issues I've had.  I'ts a free command line utility you can use to test tcp/udp connections.  Run it from your client and attempt to hit the port on the server

    http://www.microsoft.com/downloads/details.aspx?FamilyID=89811747-c74b-4638-a2d5-ac828bdc6983&DisplayLang=en

    TestTCP(Ttcp) is another tool you can use as well.  Here is an article that goes over some of them:
    http://technet.microsoft.com/en-us/library/bb877965.aspx
    • Marked as answer by Harry Zhu Monday, February 01, 2010 2:44 AM
    Monday, January 25, 2010 6:17 PM
  • google for port scanners.  As far as testing on one machine try using the IP address of your machine rather than the loopback.
    BrianMackey.NET
    • Marked as answer by Harry Zhu Monday, February 01, 2010 2:44 AM
    Monday, January 25, 2010 6:32 PM
  • Check the following link: http://www.dijksterhuis.org/building-a-simple-portscanner-in-c/

    The Windows Firewall API is another great choice, since it allows you to add exceptions to
    the firewall programmatically with both VB/C#.

    This response contains a reference to a third party World Wide Web site. Microsoft is providing this information as a convenience to you. Microsoft does not control these sites and has not tested any software or information found on these sites; therefore, Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. There are inherent dangers in the use of any software found on the Internet, and Microsoft cautions you to make sure that you completely understand the risk before retrieving any software from the Internet.


    Coder24.com
    • Marked as answer by Harry Zhu Monday, February 01, 2010 2:44 AM
    Tuesday, January 26, 2010 6:30 AM

All replies

  • I've used PortQuery to troubleshoot some connections issues I've had.  I'ts a free command line utility you can use to test tcp/udp connections.  Run it from your client and attempt to hit the port on the server

    http://www.microsoft.com/downloads/details.aspx?FamilyID=89811747-c74b-4638-a2d5-ac828bdc6983&DisplayLang=en

    TestTCP(Ttcp) is another tool you can use as well.  Here is an article that goes over some of them:
    http://technet.microsoft.com/en-us/library/bb877965.aspx
    • Marked as answer by Harry Zhu Monday, February 01, 2010 2:44 AM
    Monday, January 25, 2010 6:17 PM
  • google for port scanners.  As far as testing on one machine try using the IP address of your machine rather than the loopback.
    BrianMackey.NET
    • Marked as answer by Harry Zhu Monday, February 01, 2010 2:44 AM
    Monday, January 25, 2010 6:32 PM
  • Check the following link: http://www.dijksterhuis.org/building-a-simple-portscanner-in-c/

    The Windows Firewall API is another great choice, since it allows you to add exceptions to
    the firewall programmatically with both VB/C#.

    This response contains a reference to a third party World Wide Web site. Microsoft is providing this information as a convenience to you. Microsoft does not control these sites and has not tested any software or information found on these sites; therefore, Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. There are inherent dangers in the use of any software found on the Internet, and Microsoft cautions you to make sure that you completely understand the risk before retrieving any software from the Internet.


    Coder24.com
    • Marked as answer by Harry Zhu Monday, February 01, 2010 2:44 AM
    Tuesday, January 26, 2010 6:30 AM