| Port | Service | Status | Response |
|---|
Free Online Port Scanner — Check Open TCP & UDP Ports on Any Authorized Target
ProxyDime's Port Scanner checks the status of TCP and UDP ports on an IP address or hostname you own or have explicit permission to test, identifying which ports are open, closed, or filtered. Select individual ports, common port groups, or scan all ports. Results show each port's status along with the service typically associated with that port — helping you audit your server's attack surface, verify firewall configurations, and identify unauthorized open services.
Important: Use this tool only on IP addresses and systems you own or have written authorization to test. Unauthorized port scanning may violate computer crime laws including the Computer Fraud and Abuse Act (CFAA) in the United States and equivalent statutes in other jurisdictions, as well as hosting provider terms of service.
What Is a Port Scanner?
A port scanner is a network security tool that sends probe packets to a range of ports on a target host and analyzes the responses to determine which ports are accepting connections. Each port number (0–65,535) corresponds to a potential network service. When a port is open, an application is actively listening on it. When a port is closed, the host is reachable but no application is listening. When a port is filtered, a firewall or packet filter is preventing the probe from reaching the port.
Port scanning is a foundational technique in network security auditing, penetration testing, and infrastructure hardening. System administrators run port scans to verify that only intended services are exposed to the internet and that firewall rules are correctly enforced.
What Is the Difference Between TCP and UDP Port Scanning?
TCP (Transmission Control Protocol) scanning uses the TCP three-way handshake (SYN/SYN-ACK/ACK) to determine port status. TCP SYN scans — the most common technique — send a SYN packet and wait for a SYN-ACK response (open) or RST (closed). TCP is connection-oriented, making results highly reliable.
UDP (User Datagram Protocol) scanning is more complex because UDP is connectionless — there is no handshake. Scanners send a UDP probe and infer port status from ICMP Port Unreachable responses (closed) or silence (potentially open). UDP scanning is slower and less reliable but necessary for auditing services like DNS (port 53), DHCP (port 67/68), and SNMP (port 161).
What Are the Most Important Ports to Scan?
| Port | Protocol | Service | Risk if Exposed |
| 21 | TCP | FTP | Credential brute force, data exfiltration |
| 22 | TCP | SSH | Brute force, unauthorized remote access |
| 23 | TCP | Telnet | Unencrypted credentials, legacy exploitation |
| 25 | TCP | SMTP | Spam relay, email spoofing |
| 53 | TCP/UDP | DNS | Cache poisoning, amplification DDoS |
| 80 | TCP | HTTP | Web application attacks |
| 443 | TCP | HTTPS | Web application attacks over SSL |
| 3306 | TCP | MySQL | Database credential theft |
| 3389 | TCP | RDP | Ransomware deployment, brute force |
| 5432 | TCP | PostgreSQL | Database unauthorized access |
| 8080 | TCP | HTTP Alt | Proxy services, unprotected admin panels |
How Does the ProxyDime Port Scanner Work?
The scanner dispatches TCP connect or SYN probe packets (and UDP probes where selected) from ProxyDime's scanning infrastructure to the target IP and specified port range. For each port, the response (or absence thereof) is classified:
- Open — A service responded and accepted the connection
- Closed — The host responded with a TCP RST or ICMP unreachable, confirming the port is inactive
- Filtered — No response received after timeout; a firewall is likely silently dropping probes
- Error — The target host was unreachable or the request timed out
Why Do Websites and Services Scan for Open Ports?
Major platforms including Facebook, eBay, and Amazon have been documented scanning visitor devices for locally open ports to detect remote desktop software, VPNs, and automation tools as part of their bot and fraud detection systems. This means your locally open ports can affect how platforms classify your session — making port scanner awareness valuable not just for server administrators but also for proxy users and automation engineers.
Legal and Ethical Use of Port Scanners
Port scanning is legal when performed on systems you own or have written authorization to test. Scanning third-party hosts without permission is a criminal offense in most jurisdictions under statutes like the CFAA, the UK Computer Misuse Act, and India's IT Act 2000. The ProxyDime Port Scanner requires users to confirm they own or have authorization over the target — misuse of this tool is the sole responsibility of the user.
Frequently Asked Questions About Port Scanning
What is a common port scan used for in penetration testing?
In authorized penetration testing engagements, port scanning is the reconnaissance phase — identifying all exposed services before testing each for vulnerabilities. A clean port scan with only expected ports open indicates a well-hardened server.
How do I close an open port I didn't intend to expose?
Stop the application listening on that port (or configure it to listen only on localhost/127.0.0.1), then verify your firewall blocks that port from external access. Re-run the port scan to confirm closure.
Can firewalls hide open ports from port scanners?
Yes. Firewalls configured to silently drop (rather than reject) probe packets cause ports to appear as “filtered” — giving no information about whether a service is actually running behind them. This is a security best practice for sensitive services.