Port Scanner

This application will check your network endpoint (3.138.69.39) for open ports. Note: This will only test TCP ports and will not check if an open port matches the expected service. You can click on individual entries to test them again.
If you have some of these services exposed on purpose, make sure you secure them properly.

Port Protocol Type Secure Result
7EchoDiagnosticsNoUntested
9DiscardDiagnosticsNoUntested
13DaytimeDiagnosticsNoUntested
17QOTDDiagnosticsNoUntested
19ChargenDiagnosticsNoUntested
21FTPFile transferNoUntested
22SSHRemote accessYesUntested
23TelnetRemote accessNoUntested
25SMTPE-MailNoUntested
37TimeTime serverNoUntested
43WHOISName resolutionNoUntested
53DNSName resolutionNoUntested
80HTTPFile transferNoUntested
88KerberosAuthenticationNoUntested
110POP3E-MailNoUntested
119NNTPUsenetNoUntested
137NETBIOS name serverName resolutionNoUntested
139NETBIOS sessionFile transferYesUntested
143IMAPE-MailNoUntested
179BGPRoutingNoUntested
194IRCChat (Legacy port)NoUntested
389LDAPAuthenticationNoUntested
443HTTPSFile transferYesUntested
464KerberosAuthenticationNoUntested
513RLoginAuthenticationNoUntested
543KerberosAuthenticationNoUntested
544KerberosAuthenticationNoUntested
587SMTPE-Mail (Alternative port)NoUntested
636LDAPAuthenticationYesUntested
666DOOMGameNoUntested
990FTPFile transferYesUntested
992TelnetRemote accessYesUntested
993IMAPE-MailYesUntested
994IRCChat (Legacy port)YesUntested
995POP3E-MailYesUntested
1080SOCKSProxy serviceNoUntested
1433MS-SQLData storageNoUntested
1512WINSName resolutionNoUntested
1723PPTPVPN protocolYesUntested
1900SSDPService DiscoveryNoUntested
3000HTTPFile transfer (backend)NoUntested
3001HTTPSFile transfer (backend)YesUntested
3306MySQLData storageNoUntested
3389RDPRemote accessYesUntested
5000HTTPFile transfer (backend)NoUntested
5001HTTPSFile transfer (backend)YesUntested
6660IRCChatNoUntested
6661IRCChatNoUntested
6662IRCChatNoUntested
6663IRCChatNoUntested
6664IRCChatNoUntested
6665IRCChatNoUntested
6666IRCChatNoUntested
6667IRCChatNoUntested
6668IRCChatNoUntested
6669IRCChatNoUntested
6670IRCChatNoUntested
8080HTTPFile transfer or proxy serviceNoUntested
8443HTTPSFile transfer or proxy serviceYesUntested
9001TorProxy serviceNoUntested
9030TorProxy serviceNoUntested
9050TorProxy serviceNoUntested

About exposed services

Just because a service is reachable, doesn't means you are not secure. It's common for routers to listen for DNS and BGP fpr example. If properly configured by the vendor, these services will not pose a risk.

People will try to break into your system eventually so make sure you only expose services you want to. For example, do not run an SSH or RDP server if you don't want to remotely access your machine. The best way to secure services that are not meant for the general public is to not expose them at all. If this is not an option, setting up a VPN is usually your best bet. SoftEther is a very well made and easy to use solution. This way even insecure protocols will stay secure and you don't need to open unnecessary ports in your firewall or choose ridiculous passwords for the services that you're going to write down into a text file anyways. You're also not automatically in danger if a vulnerability of a service is discovered because nobody can reach your service without breaking into the VPN first.
If a VPN isn't an option either, get a static IP for your internet connection and configure the private services on your server to only accept connections from that IP.

Services you should never expose

In general, you don't want to expose these things unless you are absolutely sure you need to host these services publicly:

Insecure services

Just because a service is not marked as secure doesn't means it can't be secured. It just means that by default, it's not secure and you might need additional steps to secure them. For example HTTP on port 80 can't be secured, but SMTP on port 25 can.

Copyright © 2020 by Kevin Gut 📧 | More services | Generated for 3.138.69.39