Is it possible to check whether there is a firewall blocking a port?

2

Can netstat be used to check if my path to a particular port on a remote computer is blocked by a firewall or simply there is nothing listening on it?

If not, is there a suitable utility for this?

Old Geezer

Posted 2017-03-15T03:34:03.323

Reputation: 613

No, netstat is not going to tell you whether a firewall is blocking the port. You're going to want to use a tool called nmap.

– n8te – 2017-03-15T03:39:30.273

netstat would only tell you about the computer you are on. – barlop – 2017-03-15T03:43:17.970

To know for sure if there's a firewall you might need to rely on nmap's predictive capabilities.. and I'm a bit skeptical of them, unless you really knew the ins and outs of nmap's fingerprinting capabilities.. or knew some fingerprinting stuff yourself.. but that's quite advanced.. – barlop – 2017-03-15T03:47:51.447

A basic thing is nmap not can show you whether a port is closed, or whether a port of what "Steve Gibson" would call "stealth" which is no response.. No response could be a firewall eating it (so-called 'stealth') or it could be any network device blocking it by not responding, could be a router set to do that. It's not really meant to do that in TCP/IP. And experts might say that it's actually not more secure if a firewall does that.. and that a device doing that is broken, and that if anything it gives away that there's a device there (eating it), so it's very much not stealthy. – barlop – 2017-03-15T03:48:40.640

Anyhow, from my own experience and use of nmap I have found that when a firewall is set to not respond and nmap can't access the port because of that, then nmap says "filtered", and if it does get a response but no service on the port, then nmap says "closed." But a firewall could just not operate with that "stealth" feature and so nmap could still say closed if it's a firewall. – barlop – 2017-03-15T03:52:33.970

netstat - No. If I were you, I would turn on logging on the firewall, which will tell you everything about blocking, so no third-party utility is needed. – Alex – 2017-03-15T04:52:02.560

Answers

-1

You could use `netstat -an` to check to see which ports are listening. Results may be:

  • connection refused = nothing is running on that port
  • accepted = something is running on that port
  • timeout = a firewall is blocking access

Note: if telnet is not recognized, you'll need to install it via Programs and Features in your Control Panel.

You can also use `netstat -na | find "port#"` to narrow down your results.

You can also check your firewall logs. To do so, first enable dropped packets logging:

  1. Start >> Control Panel >> Administrative Tools >> Windows Firewall with Advanced Settings, and from the actions pane (right-pane) click on Properties, then enable logging on all three profiles.
  2. Click the Customise button under the logging section, change the log dropped packets option to Yes, and finally click OK to enable logging.
  3. Then check the log file for any blocked ports.

You could also use Nmap if you want to, which can tell you a lot about your network. Great little tool too.

Fluffy Destroyer

Posted 2017-03-15T03:34:03.323

Reputation: 137

1 but a firewall could refuse it causing nmap to report closed.. so it won't necessarily be that a firewall would cause a so-called timeout, when it prevents access. Note with the (e.g., for port 23) `netstat -aon | find ":23"` I'd recommend that colon, otherwise your `| find` will pick up more than you want, e.g. IPs with that number there. The : guarantees that it will just be filtered for port 23 – barlop – 2017-03-15T03:53:27.570

1 -1 your answer is pretty problematic.. your first line mentions netstat but that would only tell him things if he ran it from and on the remote computer, you haven't mentioned that and the remote computer would have to run an OS with that command. You then write a note about installing telnet, which is completely out of the blue; you don't state why. You tell him about checking his firewall logs but who says he has such access to the remote computer (one often doesn't), and that the remote computer is running a Windows 7 firewall. – barlop – 2017-03-15T03:59:04.383

1 your last line is most relevant in that it mentions nmap, but that has already been mentioned in a comment and you state absolutely nothing about how he would use it. And you talk about netstat showing you if there is a timeout like a firewall blocking, I think you have that completely mixed up. Netstat will only show you for your local machine and a firewall won't stop netstat. Your 3 bullet points might've had some more relevance if you put them in context of nmap. They're not related to netstat yet you wrongly spoke of them in that context. – barlop – 2017-03-15T03:59:27.040