Port Query is a tool to display the status of TCP and UDP ports

Dec 12

Posted by

It is useful when troubleshoot TCP/IP connectivity and security, return LDAP base query info, SMTP, POP3, IMAP4 status, enumerate SQL Server instances (UDP port 1434), Local ports, local services running (and the DLL modules loaded by each).

Command line mode:
portqry -n name_to_query [-p protocol]
[-e | -r | -o endpoint(s)]
[other options]

Command line mode options:
-n [name_to_query]   IP address or name of system to query
-p [protocol]        TCP or UDP or BOTH (default is TCP)

-e [endpoint]        Single Port to query (valid range: 1-65535)
-r [end point range] Range of ports to query (start:end)
-o [end point order] Range of ports to query in an order (x,y,z)

-l [logfile]  Output a log file
-y            Overwrite existing log file without prompting
-sp Initial source port to use for query
-sl    ‘slow link delay’ Wait longer for UDP replies from remote systems
-nr     By-pass default IP address-to-name resolution
ignored unless an IP address is specified after -n
-cn     Specify SNMP community name for query
ignored unless querying an SNMP port
must be delimited with !
-q      ‘Quiet’ operation runs with no output
returns 0 if port is listening
returns 1 if port is not listening
returns 2 if port is listening or filtered

Local Mode:
Local Mode gives detailed data on local system’s ports

portqry -local [-wt seconds] [-l logfile] [-v]
portqry -wpid pid [-wt seconds] [-l logfile] [-v]
portqry -wport port [-wt seconds] [-l logfile] [-v]

Local mode options:
-local   Enumerate local port usage, port to process mapping,
service port usage, and list loaded modules

-wport [port_number]  Watch the specified port
report when the port’s connection status changes

-wpid [process_ID]    Watch the specified process ID (PID)
report when the PID’s connection status changes
-wt [seconds]   Watch time option
specify how often to check for status changes
valid range: 1 – 1200 seconds (default = 60 secs)

-l [logfile]  Log file to create

-v            Verbose output

Interactive Mode:
An alternative to command line mode

portqry -i [-options]

Examples
portqry -n MailServer -p tcp -e 25
portqry -n LDAPserver -p udp -e 389

More read from
http://support.microsoft.com/kb/310298

Port Reporter – This is a service that can capture port information and give nice statistics.

More read from
http://support.microsoft.com/?id=837243

Posted on December 12, 2013, in General, Uncategorized. Bookmark the permalink. Leave a comment.

Leave a comment