How to test if a Windows machine is able to listen on a port

3 Dec

So at this moment we’re setting up a managed file transfer solution which needs some open ports. We would like to test these ports before our consultancy partner arrives to help us implement. We need to test if we can make a connection on a specific number of ports without actually having the software installed that listens on them.

So first some non-Windows tooling you can test. I do not take any responsibility for them and I haven’t tested them. But it might save you some Google time. You can try portpeeker from linklogger or tcp-listen from allscoop. Alternatively you can just close the ports on the Windows firewall and inspect your firewall logging to see if the connection request has arrived. Or use wiresharkportable to inspect your traffic.

In our case we would really like to see a successful connection with native Windows tooling. So I installed Telnet Server (which is just a feature). Do !!!!!NOT!!!!! use Telnet Server for any type of server management. Your security guys would not like you. Maybe even fire you. Just install the feature, do your port diagnostics and uninstall the feature.

The installation is straightforward. Check the Telnet Server feature. Doesn’t take long. The service is disabled by default.
Now you can use the command tlntadmn to view the Telnet Server config. It gives an output like this:

The following are the settings on localhost

Alt Key Mapped to ‘CTRL+A’ : YES
Idle session timeout : 1 hours
Max connections : 2
Telnet port : 23
Max failed login attempts : 3
End tasks on disconnect : YES
Mode of Operation : Console
Authentication Mechanism : NTLM, Password
Default Domain : hostname
State : Stopped

To change the listening port use the following command. After setting the port you need to (re)start your Telnet Server service.

tlntadmn config port portnumber

To change the Telnet Server listening port to a port above 1024 you cannot use the config port command. You need to edit the port manually in your Windows registry:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\TelnetServer\1.0]
"TelnetPort"=dword:00004e70

It’s a dword value, so it is stored in hex (the 00004e70 above is 20080 in decimal). But you can just edit the value and switch to decimal. Enter the port number and switch back to hex.
Restart your service and use Telnet client to connect to your Telnet Server on the specific port. After you’re done, uninstall the Telnet Server feature. Keep in mind you have to reboot after the uninstall.
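
The registry edit, service start and cleanup described above can be scripted so the listener never stays up longer than the test; this is an added example, not part of the original post. It assumes the Telnet Server service is named TlntSvr and defaults to port 20080, the decimal form of the value in the registry export.

```powershell
# Added example, not from the original post. Run from an elevated PowerShell prompt.
param(
    [ValidateRange(1, 65535)]
    [int]$Port = 20080,                # dword:00004e70, the value shown in the registry export
    [string]$ServiceName = 'TlntSvr'   # assumption: service name of the Telnet Server feature
)

$regPath  = 'HKLM:\SOFTWARE\Microsoft\TelnetServer\1.0'
# Remember the current port so it can be put back afterwards; stop here if the key is missing.
$original = (Get-ItemProperty -Path $regPath -Name TelnetPort -ErrorAction Stop).TelnetPort

try {
    # Writing the DWORD from a decimal integer replaces the hex/decimal switch in regedit.
    Set-ItemProperty -Path $regPath -Name TelnetPort -Value $Port -Type DWord
    Write-Host ('TelnetPort set to {0} (dword:{0:x8})' -f $Port)

    # The service is disabled after installation, so it must be made startable first.
    Set-Service -Name $ServiceName -StartupType Manual
    Start-Service -Name $ServiceName

    # Confirm locally that something is listening before testing from the remote side.
    $listening = netstat -ano | Select-String -Pattern (":$Port\s+\S+\s+LISTENING")
    if (-not $listening) { throw "Nothing is listening on TCP port $Port." }
    $listening | ForEach-Object { Write-Host $_.Line.Trim() }

    Read-Host 'Connect with the Telnet client from the remote machine, then press Enter'
}
finally {
    # Always close the listener again, even if a step above failed.
    Stop-Service -Name $ServiceName -Force -ErrorAction SilentlyContinue
    Set-Service -Name $ServiceName -StartupType Disabled
    Set-ItemProperty -Path $regPath -Name TelnetPort -Value $original -Type DWord
    Write-Host "Service stopped and disabled; TelnetPort restored to $original."
}
```

Removing the Telnet Server feature and the reboot that follows remain manual steps after the script finishes.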
