I am trying to ascertain open/closed port information on my office network. I
am one of those to whom the network admin duties fall just because I know how
to ping. My boss read an article about how hacking that has him concerned. We
are connected through the internet via DSL. Our ISP is external and provides
email service to our organization.

I there a utility or website (trusted preferred) that I can get(or go to)to
accomplish this?

Many thanks-
marvmck

On Wed, 27 Oct 2004 06:29:05 -0700, "M" > wrote:

>I am trying to ascertain open/closed port information on my office network. I
>am one of those to whom the network admin duties fall just because I know how
>to ping. My boss read an article about how hacking that has him concerned. We
>are connected through the internet via DSL. Our ISP is external and provides
>email service to our organization.
>
>I there a utility or website (trusted preferred) that I can get(or go to)to
>accomplish this?
>
>Many thanks-
>marvmck

Marvmck,

I'm not sure what you really need, but here's a start.

For immediate diagnosis, "netstat -a" will show ports on each computer. If you
find anything interesting, either Port Explorer (free) from
<http://www.diamondcs.com.au/portexplorer/index.php?page=home>, or TCPView
(free) from http://www.sysinternals.com/ntw2k/source/tcpview.shtml, will help
you identify what process is opening a port, and more.

TCPView installs much easier, but Port Explorer will give you more information
(including a packet log, and also including simple packet sniffing if you pay
extra). Both DiamondCS and SysInternals are respected small software companies,
and provide many useful tools to the internet community.

If you identify any interesting processes using either Port Explorer or TCPView,
you can find out about them using Process Explorer (free) from
<http://www.sysinternals.com/ntw2k/freeware/procexp.shtml>. Provides way more
information than Task Manager. There is no equal to Process Explorer.

If you want to find out what ports are open on the various computers, and don't
want to go to each computer, PSExec (free) from
<http://www.sysinternals.com/ntw2k/freeware/psexec.shtml> will let you run
netstat (and other commands) from your computer against any other computer on
your network.

Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.

In addition to Chuck's suggestions you might also look at this Port Reporter tool from Microsoft...

http://support.microsoft.com/default.aspx?scid=kb;[LN];837243

--
Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no rights...

"Chuck" > wrote in message ...
> On Wed, 27 Oct 2004 06:29:05 -0700, "M" > wrote:
>
>>I am trying to ascertain open/closed port information on my office network. I
>>am one of those to whom the network admin duties fall just because I know how
>>to ping. My boss read an article about how hacking that has him concerned. We
>>are connected through the internet via DSL. Our ISP is external and provides
>>email service to our organization.
>>
>>I there a utility or website (trusted preferred) that I can get(or go to)to
>>accomplish this?
>>
>>Many thanks-
>>marvmck
>
> Marvmck,
>
> I'm not sure what you really need, but here's a start.
>
> For immediate diagnosis, "netstat -a" will show ports on each computer. If you
> find anything interesting, either Port Explorer (free) from
> <http://www.diamondcs.com.au/portexplorer/index.php?page=home>, or TCPView
> (free) from http://www.sysinternals.com/ntw2k/source/tcpview.shtml, will help
> you identify what process is opening a port, and more.
>
> TCPView installs much easier, but Port Explorer will give you more information
> (including a packet log, and also including simple packet sniffing if you pay
> extra). Both DiamondCS and SysInternals are respected small software companies,
> and provide many useful tools to the internet community.
>
> If you identify any interesting processes using either Port Explorer or TCPView,
> you can find out about them using Process Explorer (free) from
> <http://www.sysinternals.com/ntw2k/freeware/procexp.shtml>. Provides way more
> information than Task Manager. There is no equal to Process Explorer.
>
> If you want to find out what ports are open on the various computers, and don't
> want to go to each computer, PSExec (free) from
> <http://www.sysinternals.com/ntw2k/freeware/psexec.shtml> will let you run
> netstat (and other commands) from your computer against any other computer on
> your network.
>
> Cheers,
> Chuck
> Paranoia comes from experience - and is not necessarily a bad thing.

On Wed, 27 Oct 2004 06:29:05 -0700, "M"
> wrote:

>I am trying to ascertain open/closed port information on my office network. I
>am one of those to whom the network admin duties fall just because I know how
>to ping. My boss read an article about how hacking that has him concerned. We
>are connected through the internet via DSL. Our ISP is external and provides
>email service to our organization.
>
>I there a utility or website (trusted preferred) that I can get(or go to)to
>accomplish this?

http://www.speedguide.net/portscan.php is one example of
several. Check www.dslreports.com for more.

You should be connecting to the DSL modem through a DSL router
that contains a firewall, and the firewall should be set up
properly.

Hans-Georg

--
No mail, please.

On Wed, 27 Oct 2004 11:24:21 -0500, "Sooner Al" >
wrote:

>In addition to Chuck's suggestions you might also look at this Port Reporter tool from Microsoft...
>
>http://support.microsoft.com/default.aspx?scid=kb;[LN];837243

Thanks, Al. An interesting idea.

The link
http://support.microsoft.com/default.aspx?scid=kb;[LN];837243 yields the
Microsoft 404 page.

Try
http://support.microsoft.com/?id=837243 (This format works for ALL MS KB links,
and breaks much less in Usenet posts).

Which leads you to a download instructions document.
Which leads you to Product Verification (gotta make sure only legit copies of
Windows get free stuff).
Which downloads the file. (Half a dozen web pages later, after reading the fine
print and declining Product Verification, that's been done already).
Now we have PortRptr.exe.

PortRptr.exe is a self-extracting file.
Which runs WinZip, which unzips the file (into 4 more files) into:
"C:\Documents and Settings\(personal profile)\Temp". And while unzipping, adds
auto-start registry entries.

Looking in the Temp directory, I find two files (can't find the other two).
pr-setup.exe
PortReporter.exe

Double click on pr-setup.exe, and it opens a command window and offers to
install Port Reporter to "C:\Program Files\Port Reporter".

I say NO because I don't use "C:\Program Files", I have my program library on D:
- My Computer, My Rules. The command window closes. No install.

Typical Microsoft. LOL.

Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.