Spyrus
January 6th, 2006, 05:25 PM
I haven't seen this mentioned on here before, but I was reading an article in one of my many monthly periodicals and a guy was looking for a way to query which UDP ports were running on a server.
Well, there is a cool utility called portqry that you can download from Microsoft; throw it into your c:\windows folder and run it.
You can download it here (http://www.microsoft.com/downloads/details.aspx?familyid=89811747-C74B-4638-A2D5-AC828BDC6983&displaylang=en)
Here is the info on it:
Displays the state of TCP and UDP ports

Command line mode:  portqry -n name_to_query [-options]
Interactive mode:   portqry -i [-n name_to_query] [-options]
Local Mode:         portqry -local | -wpid pid| -wport port [-options]

Command line mode:
  portqry -n name_to_query [-p protocol] [-e || -r || -o endpoint(s)] [-q]
          [-l logfile] [-sp source_port] [-sl] [-cn SNMP community name]

Command line mode options explained:
  -n [name_to_query]    IP address or name of system to query
  -p [protocol]         TCP or UDP or BOTH (default is TCP)
  -e [endpoint]         single port to query (valid range: 1-65535)
  -r [end point range]  range of ports to query (start:end)
  -o [end point order]  range of ports to query in an order (x,y,z)
  -l [logfile]          name of text log file to create
  -y                    overwrites existing text log file without prompting
  -sp [source port]     initial source port to use for query
  -sl                   'slow link delay' waits longer for UDP replies from remote systems
  -nr                   by-passes default IP address-to-name resolution
                        ignored unless an IP address is specified after -n
  -cn                   specifies SNMP community name for query
                        ignored unless querying an SNMP port
                        must be delimited with !
  -q                    'quiet' operation runs with no output
                        returns 0 if port is listening
                        returns 1 if port is not listening
                        returns 2 if port is listening or filtered

Notes:    PortQry runs on Windows 2000 and later systems
Defaults: TCP, port 80, no log file, slow link delay off
Hit Ctrl-c to terminate prematurely
It has built-in information on common ports as well, which is kind of cool. It appears to be similar to a less intensive version of nmap.
example:
TCP port 17 (qotd service): NOT LISTENING
TCP port 18 (unknown service): NOT LISTENING
TCP port 19 (chargen service): NOT LISTENING
TCP port 20 (ftp-data service): NOT LISTENING
TCP port 21 (ftp service): LISTENING
Data returned from port:
TCP port 22 (unknown service): LISTENING
TCP port 23 (telnet service): NOT LISTENING
TCP port 24 (unknown service): NOT LISTENING
TCP port 25 (smtp service): NOT LISTENING
I ran that as just TCP, but you can do UDP as well.
Hope someone can enjoy this
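An added example, not part of the original post and not Microsoft's code: a small Python audit that parses PortQry result lines in the format shown above (for instance from a file written with -l) and compares them with a baseline of ports the server is supposed to expose. The allowlist, the UDP sample line and the exact "FILTERED" / "LISTENING or FILTERED" state strings are assumptions; the post only shows LISTENING and NOT LISTENING.

```python
import re

# Matches PortQry result lines such as "TCP port 21 (ftp service): LISTENING".
# State strings other than LISTENING / NOT LISTENING are assumed, not shown in the post.
LINE_RE = re.compile(
    r"^(TCP|UDP) port (\d+) \(([^)]*)\): "
    r"(NOT LISTENING|LISTENING or FILTERED|LISTENING|FILTERED)\s*$"
)

def parse_portqry(text):
    """Return {(proto, port): (service, state)} for each result line."""
    results = {}
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:  # lines like "Data returned from port:" are skipped
            proto, port, service, state = m.groups()
            results[(proto, int(port))] = (service, state)
    return results

def audit(results, allowed):
    """Compare parsed results with an allowlist of (proto, port) pairs."""
    # Open but not in the baseline: investigate or shut down the service.
    unexpected = sorted(k for k, (_, s) in results.items()
                        if s == "LISTENING" and k not in allowed)
    # No definite answer (typical for UDP): needs a check on the host itself.
    ambiguous = sorted(k for k, (_, s) in results.items()
                       if s == "LISTENING or FILTERED")
    # In the baseline but not reported open: possible outage or firewall change.
    missing = sorted(k for k in allowed
                     if results.get(k, ("", ""))[1] != "LISTENING")
    return unexpected, ambiguous, missing

# Constructed sample: TCP lines from the post plus one made-up UDP line.
SAMPLE = """\
TCP port 20 (ftp-data service): NOT LISTENING
TCP port 21 (ftp service): LISTENING
Data returned from port:
TCP port 22 (unknown service): LISTENING
TCP port 23 (telnet service): NOT LISTENING
TCP port 25 (smtp service): NOT LISTENING
UDP port 161 (snmp service): LISTENING or FILTERED
"""

# Hypothetical baseline: this server should expose only SSH and SMTP.
ALLOWED = {("TCP", 22), ("TCP", 25)}

if __name__ == "__main__":
    print(audit(parse_portqry(SAMPLE), ALLOWED))
```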