Is it possible to ping an address:port?

217

49

I am not into networking, and I have the following question related to the Linux ping command.

Can I only ping an address? For example:

miner@raspberrypi ~ $ ping onofri.org
PING onofri.org (67.222.36.105) 56(84) bytes of data.
64 bytes from onofri.org (67.222.36.105): icmp_req=1 ttl=47 time=202 ms
64 bytes from onofri.org (67.222.36.105): icmp_req=2 ttl=47 time=206 ms
64 bytes from onofri.org (67.222.36.105): icmp_req=3 ttl=47 time=215 ms

Or can I also ping an address:port, for example: onofri.org:80?

If I try this one it doesn't work:

miner@raspberrypi ~ $ ping onofri.org:80
ping: unknown host onofri.org:80

Is it possible ping something like address:port? If it is possible, why doesn't what I tried work?

AndreaNobili

Posted 11 years ago

Reputation: 5 433

I think you have a misunderstanding about what a port is. When you're told that a web server is listening on port 80, that means TCP port 80. There's isn't some notion of an IP and port apart from the protocol involved. – David Schwartz – 11 years ago

I thought it's Onofrei :)) – Iulian Onofrei – 8 years ago

8What are you trying to accomplish? Verifying correct service operation requires you to actually query the service and evaluate the response. A web server, could, for example, accept your connection, but return an error because of misconfiguration. – Daniel B – 11 years ago

@AndreaNobili - This is a good question. Please address Daniel's questions but I can tell you did proper research before asking this question. – Ramhound – 11 years ago

5Thats part of what I like about Telnet. you can connect to a webserver, and type GET /index.html HTTP\1.1 and see the 200 response (or error code) along with the resultant markup. – Frank Thomas – 11 years ago

Are you talking about the tcptraceroute tool maybe? – PlasmaHH – 11 years ago

7@FrankThomas HTTP\1.1? Really? – glglgl – 11 years ago

@glglgl What's should he use for the protocol version? – Navin – 11 years ago

5@Navin Maybe HTTP/1.1... – glglgl – 11 years ago

3@glglgl; what? you never put a hack where a slash should go? but you are correct, it should be a slash. – Frank Thomas – 11 years ago

@FrankThomas If I would do so, many things wouldn't work correctly, so I avoid it. – glglgl – 11 years ago

@glglgl Ah, didn't see that. It's odd that it still works with a backslash. – Navin – 11 years ago

@Navin I just noticed that at least my Apache2 accepts everything there. Even if I write GET / WHATEVER, it gets me the page... – glglgl – 11 years ago

@glglgl Try it with the non-default host on a name-based virtual hosting setup. It likely won't work as well there. My guess would be that Apache is falling back to HTTP 1.0 behavior when it doesn't recognize the protocol specifier. – a CVn – 11 years ago

1@MichaelKjörling It seems that even with a wrong protocol specifier, Host: is correctly evaluated. And, tested with a WSGI test page, it seems that the wrong protocol specifier even makes its way to environ['SERVER_PROTOCOL']. – glglgl – 11 years ago

Answers

21

You can use Paping, a cross-platform TCP port testing, emulating the functionality of ping (port ping)

(see also Github as code.google.com has been depreciated)

paping -p 80 google.com

kxmp

Posted 11 years ago

Reputation: 350

8Some explanation of what this program does would be helpful. – David Schwartz – 10 years ago

18for anyone who finds this answer, like I did, only to find paping is not in any repositories and is ancient code that won't even compile on ARM - scroll down further to the 'hping' answer. It's a perfect drop-in for ping when you need to test a port and is easily accessible in various repositories (ie. Ubuntu, Arch) including ARM. – Mark – 9 years ago

How can I install paping? I have visited the repo but there are no releases. Ah, nevermind.. google code was not accessible for me at the time. – Shayan – 6 years ago

311

Ports are a concept of UDP and TCP. Ping messages are technically referred to as ICMP Echo Request and ICMP Echo Reply which are part of ICMP. ICMP, TCP, and UDP are "siblings"; they are not based on each other, but are three separate protocols that run on top of IP.

Therefore you can not ping a port. What you can do, is use a port scanner like nmap.

nmap -p 80 onofri.org

You can also use telnet onofri.org 80, as suggested in one of the other answers (It will give an error if the port is closed or filtered).

BenjiWiebe

Posted 11 years ago

Reputation: 7 672

4@OlivierDulac I don't know if you should block it. Most webservers I know leave it open. ICMP makes the internet go around. Why would you want people thinking they can't reach you if they can? – Cruncher – 11 years ago

This is the tool almost everyone wants when they ask this question. Frankly I almost never need ping at all, I only use it to check that I can reach a box/service. – Benjamin R – 8 years ago

another thing a lot of people don't realize is that TCP and UDP ports are unrelated. – xaxxon – 8 years ago

23+1 you understand it right. ICMP is built on top of IP, which has a concept of IP addresses but not ports. TCP and UDP are also on top of IP, and it is those protocols that add "ports". ICMP, TCP, and UDP are all at the same "level" in terms of the protocol they are carried by. – Jason C – 11 years ago

14+1. Many, many people think that if they can't ping something they can't connect to it... but as you say, ICMP is different than TCP and UDP : if you intend to serve, say, a webpage on TCP 80, than you only need to open TCP 80 on the firewall, nothing else (so Ping to the same IP could (... should!) be blocked, for example) – Olivier Dulac – 11 years ago

Adding to what @OlivierDulac said, a common gotcha is when using ping to test connections in, say, a basic network you are setting up, if the ping doesn't respond sometimes people don't think to check if ping responses are actually enabled / being blocked, and spend a lot of time going down the wrong path looking for other reasons. I especially see this happen when people set up a server of some sort at home and try to ping it from the outside world to test it; not realizing that their router (or perhaps their ISP) is specifically blocking ping. – Jason C – 11 years ago

1@JasonC I sure did! I got my first Mortarboard and my first Guru because of it! – BenjiWiebe – 11 years ago

6Just to keep information accurate, ICMP is not a transport layer protocol like TCP or UDP. Like a number of protocols, it doesn't entirely fit in the network conceptual models, but it is generally considered a network/internetwork layer protocol as is IP. It has also sometimes been referred to as a L3.5 protocol. – YLearn – 11 years ago

@YLearn Yes, but for the average user, telling them that TCP, UDP, and ICMP are all different yet all based on the same protocol suffices. – BenjiWiebe – 11 years ago

2@BenjiWiebe, agreed, but again, for accuracy the statement should be made which is why I added it. All that is said so far is that ICMP, TCP, and UDP are related. The highest voted comment even goes so far as to say they are all on the same "level." While this makes no difference to the average user, there are plenty of non-average users that visit this site. – YLearn – 11 years ago

1

nmap actually comes with nping

– Der Hochstapler – 11 years ago

lest this comments section get long and comments deleted, i've included this chat link http://chat.stackexchange.com/rooms/15170/discussion-between-benji-and-barlop

– barlop – 11 years ago

86

I use Telnet, since its built into lots of platforms with no additional downloads.

Just use the telnet command to connect to the port you want to test. If you get the message below, or a message from the service itself, then the port is alive.

Minty16 ~ $ telnet localhost 139
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.

If you know the command sequence for the service you are connecting to, you can type a command (HTTP/FTP GET for instance) and observe the response and output in the terminal. This is very useful for testing the service itself, as it will show you error information sent to the client, like HTTP 500 errors.

If you get a message that the connection was refused, the port is closed. 

Minty16 ~ $ telnet localhost 5000
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused

Frank Thomas

Posted 11 years ago

Reputation: 29 039

@Brandon like when sshing into dev machines ^.^ – Cruncher – 11 years ago

Developer tools in browsers is a lot easier, because they'll still send all the proper HTTP request headers but you can inspect the full HTTP response. Then again if you want to tailor the request too then telnet is the way to go. – Lightness Races with Monica – 11 years ago

I think all the answers here miss the most crucial piece of information. Technically, wouldn't it be possible to "ping" a port as follows? You can establish a TCP/UDP connection, and you count how many milliseconds it took to establish that connection. – David – 11 years ago

if you are interested in ping-time perhaps, but that’s not the test of throughput it is with a standard IP ping. most people (gamers aside) use ping for testing reachability, not time. Not to mention, it would be considered very bad form (at best) to do that to someone else’s server repeatedly. That’s how must denial of service attacks work. – Frank Thomas – 11 years ago

@FrankThomas I can not telnet unusual ports.. for example 80 works but not 61000. I get connection refused sometimes even on port 80, when accessing local IP like telnet 192.168.1.10 80. – Shayan – 6 years ago

8Also if the screen goes completely black it's a sign you're connected too. – Tensigh – 11 years ago

Excellent suggestion. I used to use this to test if a web server was up when a web browser was not an easy option. – Brandon – 11 years ago

49

You can use netcat to connect to a specific port to see if you get a connection. The -v flag will increase the verbosity to show whether the port is open or closed. The -z flag will cause netcat to quit once it has a connection. You can then use the exit codes through $? to see whether or not the connection was established or not.

$ nc -zv localhost 22
localhost [127.0.0.1] 22 (ssh) open
$ echo $?
0
$ nc -zv localhost 23
localhost [127.0.0.1] 23 (telnet) : Connection refused
$ echo $?
1

Additionally, you can use mtr with the -T flag for tcp and the -P flag to specify a port. This will do something similar to a traceroute over TCP instead of just ICMP. This may be overkill, however.

sigh I have to edit to add this bit, since we cannot put code in comments. Knoppix may being doing something different with its version of netcat, but this is what I get off of Linux Mint

$ date;nc -z -w 1 www.google.com 8000;date
Fri Jun 20 15:55:26 PDT 2014
Fri Jun 20 15:55:27 PDT 2014
$ date;nc -z -w 4 www.google.com 8000;date
Fri Jun 20 15:55:33 PDT 2014
Fri Jun 20 15:55:37 PDT 2014

$ nc -h
[v1.10-40]

Falsenames

Posted 11 years ago

Reputation: 599

problem is if you try nc -z www.google.com 8000 it can take a long time- 5 seconds plus. If I do -w 1 then it takes 5 seconds. If I do -w 3 then it takes like 3 times longer.. 15 flashes of the cursor, 15 seconds. -w 1 is meant to be one second but tested on cygwin.,. 5 seconds. It's super fast when there is a server on the port but a bit slow when there isn't. – barlop – 11 years ago

curse no newlines in comments... That seems to be a bug with cygwin. Testing with linux Mint shows a delay of however many seconds specified. ran this to test: date;nc-zw5 www.google.com 8000;date – Falsenames – 11 years ago

I also upvoted @BenjiWiebe with the nmap requests. nc is easier to put into a script, but it's MUCH easier to use nmap visually. – Falsenames – 11 years ago

Trying it in knoppix. nc -zv -w 1 www.google.com How do you cause it to just try once? When I try it yes the -w 1 works but every second it retries until I do Ctrl-C. – barlop – 11 years ago

Not sure what the Knoppix version of 'nc -zv -w 1 www.google.com 80' is doing. That works fine on my system, querying once and dropping just like -z is supposed to do. Also, without the port number specified, mine fails out saying that there is no port specified. – Falsenames – 11 years ago

Not 80. Yes 80 works and says successful. I wrote 8000. i.e. a port where there's nothing on it. Try 81, same thing. It keeps trying until a ctrl-c. – barlop – 11 years ago

This worked for me even when nmap wouldn't. – KingOfHypocrites – 10 years ago

Is mtr -T -P 80 localhost correct? @Falsenames – Shayan – 6 years ago

How can I tell what ports are closed or open with mtr? – Shayan – 6 years ago

48

Yes, use HPing to do that:

$ sudo hping -S -p 80 google.com
HPING google.com (p5p1 77.237.27.37): S set, 40 headers + 0 data bytes
len=46 ip=77.237.27.37 ttl=58 id=25706 sport=80 flags=SA seq=0 win=29200 rtt=7.5 ms
len=46 ip=77.237.27.37 ttl=58 id=25707 sport=80 flags=SA seq=1 win=29200 rtt=7.4 ms
len=46 ip=77.237.27.37 ttl=58 id=25708 sport=80 flags=SA seq=2 win=29200 rtt=8.5 ms
len=46 ip=77.237.27.37 ttl=58 id=25709 sport=80 flags=SA seq=3 win=29200 rtt=7.8 ms
^C
--- google.com hping statistic ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 7.4/7.8/8.5 ms

Note that it needs root privileges (or SELinux capabilities) to create raw IP packets, just like ping (which is most likely suid on your system).

d33tah

Posted 11 years ago

Reputation: 1 014

3I wish this were the "accepted answer". hping was easily findable in multiple repos, unlike paping which is ancient crufty code that doesn't compile on ARM. Also unlike NMAP, haping returns a status code that is easily testible from a shell script, so it's a perfect substitute for where you would otherwise use ping. Thanks for this answer, a shame I didn't scroll down far enough to see it and had to find it on another web site instead. – Mark – 9 years ago

I can not install hping in ubuntu.. Package not found.. But I have found hping3.Is it the same as hping3? @d33tah – Shayan – 6 years ago

Ok I tried hping3 and it pings all ports.. Doesn't matter closed or open.. How can I tell if a port is closed or open? – Shayan – 6 years ago

19

You could also use nping (part of nmap):

$ nping -p 80 localhost

Starting Nping 0.6.00 ( http://nmap.org/nping ) at 2014-06-23 11:57 CEST
SENT (0.0015s) Starting TCP Handshake > localhost:80 (127.0.0.1:80)
RECV (0.0016s) Handshake with localhost:80 (127.0.0.1:80) completed
SENT (1.0027s) Starting TCP Handshake > localhost:80 (127.0.0.1:80)
RECV (1.0027s) Handshake with localhost:80 (127.0.0.1:80) completed
SENT (2.0038s) Starting TCP Handshake > localhost:80 (127.0.0.1:80)
RECV (2.0039s) Handshake with localhost:80 (127.0.0.1:80) completed
SENT (3.0050s) Starting TCP Handshake > localhost:80 (127.0.0.1:80)
RECV (3.0050s) Handshake with localhost:80 (127.0.0.1:80) completed
SENT (4.0061s) Starting TCP Handshake > localhost:80 (127.0.0.1:80)
RECV (4.0062s) Handshake with localhost:80 (127.0.0.1:80) completed

Max rtt: 0.032ms | Min rtt: 0.008ms | Avg rtt: 0.012ms
TCP connection attempts: 5 | Successful connections: 5 | Failed: 0 (0.00%)
Tx time: 4.00575s | Tx bytes/s: 99.86 | Tx pkts/s: 1.25
Rx time: 4.00575s | Rx bytes/s: 49.93 | Rx pkts/s: 1.25
Nping done: 1 IP address pinged in 4.01 seconds

nyuszika7h

Posted 11 years ago

Reputation: 2 024

6nping --tcp -p 80 localhost – K-Gun – 10 years ago

I test ANY port, (ports that are not open) and I still receive two handshakes all the time... – Shayan – 6 years ago

8

You can do this in the shell with Python as a not so short one liner:

$ portping() { python <<<"import socket; socket.setdefaulttimeout(1); socket.socket().connect(('$1', $2))" 2> /dev/null && echo OPEN || echo CLOSED; }
$ portping 8.8.8.8 54
CLOSED
$ portping 8.8.8.8 53
OPEN

AXE Labs

Posted 11 years ago

Reputation: 509

7

Just for reference, wanted to share a post by Vivek Gite: https://www.cyberciti.biz/faq/ping-test-a-specific-port-of-machine-ip-address-using-linux-unix/#comment-920398

He lists various ways, some of which are already posted here. But the most surprising for me was nothing more but bash:

(echo >/dev/tcp/{host}/{port}) &>/dev/null && echo "opened" || echo "closed"
(echo >/dev/udp/{host}/{port}) &>/dev/null && echo "opened" || echo "closed"
(echo >/dev/tcp/www.cyberciti.biz/22) &>/dev/null && echo "Opened 22" || echo "Closed 22"
(echo >/dev/tcp/www.cyberciti.biz/443) &>/dev/null && echo "Opened 443" || echo "Closed 443"

Or a super simple version: just looking at the output of the following command pattern:

echo >/dev/{tcp|udp}/{host}/{port}

Useful when working with random docker containers.

Jacek

Posted 11 years ago

Reputation: 171

looking at the output - only inspect return code $? can be helpful. Also it hangs on closed ports, may be some timeout can be configured anywhere... – vp_arth – 6 years ago

This solution looks neat, but echo >/dev/tcp/{hostname}/{portnumber} does not finish when the port is closed. And echo >/dev/tcp/{hostname}/{portnumber} shows nothing even though the port is open and I can see it on a browser. – miguelmorin – 6 years ago

Hi mmorin, what OS do you use? On Ubuntu it behaves as expected: if port is closed, I get Connection refused. Otherwise, it exits showing nothing and echo $? showing exit code 1 – Jacek – 6 years ago

3

It is simple with nmap

examples:

#sintaxis
nmap -p [port] hostName
#first is command, after scan ports, type port - port or range ports, and ip or name of website...

## Scan port 80
nmap -p 80 onofri.org

## Scan TCP port 80
nmap -p T:80 onofri.org

## Scan UDP port 53
nmap -p U:53 onofri.org

## Scan two ports ##
nmap -p 80,443 onofri.org

## Scan port ranges ##
nmap -p 80-200 onofri.org

## Combine all options ##
nmap -p U:53,111,137,T:21-25,80,139,8080 onofri.org
nmap -p U:53,111,137,T:21-25,80,139,8080 server1.cyberciti.biz
nmap -v -sU -sT -p U:53,111,137,T:21-25,80,139,8080 onofri.org

## Scan all ports with * wildcard ##
nmap -p "*" 192.168.1.1

## Scan top ports i.e. scan $number most common ports ##
nmap --top-ports 5 onofri.org
nmap --top-ports 10 onofri.org

For more information see this:

type in command line this: man nmap

http://www.cyberciti.biz/networking/nmap-command-examples-tutorials/ http://www.tecmint.com/nmap-command-examples/

DarckBlezzer

Posted 11 years ago

Reputation: 133

3

I add watch tool here:

watch nmap -p22,80 google.com 

Every 2,0s: nmap -p22,80 google.com   Mon Jun 15 16:46:33 2015

Starting Nmap 6.40 ( http://nmap.org ) at 2015-06-15 16:46 NOVT
Nmap scan report for google.com (127.0.0.1)
Host is up (0.0012s latency).
rDNS record for 127.0.0.1: google.com
PORT     STATE  SERVICE
22/tcp open   ssh
80/tcp closed http

Nmap done: 1 IP address (1 host up) scanned in 0.18 seconds

vp_arth

Posted 11 years ago

Reputation: 130

1

Are you trying to test communication or get a response from port 80 on that node? PING will try to establish communication to a specific host through ICMP which has nothing to do with ports.

Instead try http://nmap.org/ to check port info and test communication:

nmap -v -p 80 onofri.org

Quijote Shin

Posted 11 years ago

Reputation: 195

1Not sure which version of nmap you're using. On my system, it requires -v and -p to be separated like 'nmap -v -p 80 onofri.org'. This is because -v and -vv mean different things, -v taking more v's as an argument. – Falsenames – 11 years ago

Asked: 11 years ago

Viewed: 418 979 times

Active: 6 years ago