Ports & Connectivity

Port Scanner: Scan for Open Ports on Any Host

A port scan surveys a range of ports on a host to find which ones are open and accepting connections. Our tool scans the most commonly used service ports and reports their status, helping you audit your server's exposure or diagnose connectivity issues with specific services.

Launch in Mission Control

What It Measures

This tool scans a predefined set of commonly used TCP ports on the target host, reporting each as open, closed, or filtered. It identifies which network services are exposed, including web servers, database servers, mail servers, and remote access services.

How It Works

  1. Sends TCP connection attempts to commonly used service ports
  2. Tests ports for HTTP (80), HTTPS (443), SSH (22), FTP (21), SMTP (25), DNS (53), and others
  3. Reports status of each port: open, closed, or filtered
  4. Identifies likely services based on open port numbers

Why It Matters

Unnecessary open ports are a security risk. Every open port is a potential attack surface. Regular port scans help administrators verify that only intended services are exposed, detect accidentally opened ports, and ensure firewall rules are working as expected.

Understanding Your Results

A properly secured server should have only the minimum necessary ports open. A web server typically needs ports 80 and 443 open. Management ports like SSH (22) should be filtered to specific IP ranges. Database ports (3306, 5432) should never be open to the public internet.

Ready to test?

Run Port Scanner Now →

Frequently Asked Questions

Is port scanning legal?

Port scanning your own systems is legal and recommended for security audits. Scanning systems you do not own without permission is illegal in most jurisdictions under computer fraud laws. This tool is intended for scanning your own servers, services you are authorized to test, or diagnostic checks on your own public IP address.

What does it mean if port 22 (SSH) is open?

An open SSH port means the host accepts remote command-line login attempts. While necessary for server management, a publicly accessible SSH port is a constant target for brute-force attacks. Best practices include disabling password authentication (use SSH keys only), changing to a non-standard port, or restricting access by IP with firewall rules.

What common ports should be closed on a web server?

Most web servers only need ports 80 and 443 open publicly. Ports that should be closed or IP-restricted include 21 (FTP), 22 (SSH), 23 (Telnet), 25 (SMTP if not a mail server), 3306 (MySQL), 5432 (PostgreSQL), and 6379 (Redis). Any database port exposed to the internet is a severe security risk.

How is a port scanner different from a port checker?

A port checker tests one specific port on a host. A port scanner tests a range or list of ports simultaneously, giving you an overview of all open services on a host at once. Port scanners are used for security audits while port checkers are used for quick connectivity verification of a specific service.

Related Tools

Port Checker

Ports & Connectivity

Firewall Test

Ports & Connectivity

IP Lookup

IP Tools

Website Ping

Website Testing

59+ Network Tools in One Dashboard

Mission Control gives you a complete terminal-style network diagnostics suite. Free, instant, no installation required.

Open Mission Control →