is there a software port scanner that says open or closed or stealth?

is there a port scanner that says open/closed/stealth?

I know stealth isn't any better than closed. However, the reason why I ask about one is because , for my LAN, suppose I have a comp on whome I want to know if it's running a firewall.

There's an easy to check that works for comps on my LAN - it works easily on my LAN 'cos it's not going through a router.

The windows firewall, and other software firewalls like sygate or norton, stealth ports. And they tend to do so to all ports except ones specified.

If I scan a comp and see a port e.g. 451 is CLOSED that indicates to me that no software firewall is running. If I scan it and it says STEALTH, then it indicates that it is.

This is useful.. Because for troubleshooting, sometimes, I wonder if a comp is running a firewall.

e.g. I've had a comp that couldn't access the internet.. As far as I knew it didn't have a firewall. It turned out that a broken software firewall was stopping it. One that hadn't uninstalled properly

Another example. I had a laptop, I couldn't ping it for some reason. I didn't think it likely that it was running a firewall. But I was aware that a firewall often blocks ping. I couldn't see one, and pre sp2 there's no firewall icon. Turned out that win xp , pre xp2, has a firewall - ICF. I wasn't aware of that. If I could have tested to see if it had a firewall it'd have been quicker. A way to test would've been to see if ports wre stealthed.

Up until now, I have tested this by opening some port on my router, then scanning that port with an online port scanner, like GRC. But my beloved current router, as nice as it is, working beautifully. It has a nasty non-geeky user interface, and I really can't stand doing any port forwarding on it. I'd much rather just test it from one comp on my LAN, to another. Then I don't have to touch the router.

The online port scanners say open or closed or stealth. I'm wondering if a software one does.

TIA

Reply to
jameshanley39
Loading thread data ...

Most port scanners (nmap being the most prominent example) correctly report ports as either open, closed or filtered. There's no such thing as "stealth".

cu

59cobalt
Reply to
Ansgar -59cobalt- Wiechers

Sadly most port scanners, including some based on Nmap, have bad frontends that are either broken (thus reporting stuff that has never been measures by the backend, or belongs to a different session) or spill the reports (including a mapping of words (open,closed)->"open, insecure, bad", closed

-> "stealth, secure, good" as well as bad filtering and transformation).

So better use Nmap directly or some known good frontend (like ).

Reply to
Sebastian G.

thanks, that does work nicely.

Reply to
jameshanley39

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.