network scan

Posted on 2006-05-03
Last Modified: 2013-12-07
how can i find who is scanning my network or the open ports of my servers
Question by:ammadeyy
    LVL 12

    Expert Comment

    type this on the server at command prompt

    netstat -a
    this will give you all the current connections made to the server and its ports

    LVL 10

    Expert Comment

    Try any of the following:

    Enter starting and ending IP Address of servers and range of ports you wish to scan.

    Author Comment

    netstat -a giveves current connections

    suppose i want to monitor who scan my server yesterday (looking for holes)
    any possibility to run a software and keep logs?
    LVL 13

    Accepted Solution

    Peerguardian 2 monitors all connections and logs them - although this is not what is intended for (its a sort of firewall).

    So long as you don't set any blocks on it - it wil happily monitor whats going on.
    LVL 13

    Expert Comment

    by:Nick Denny
    Oh and to test ports use Shields UP (web site)

    LVL 57

    Assisted Solution

    You need to get some type of firewall that logs all attempts.    Peerguardian is basically a firewall that logs attempted connects, which is basically what port scans do.  Other personal firewalls (including the one provided with XP SP2) can also log attempted connects.

    However, knowledge of your network is a must.  If you are behind a firewall, then you need a firewall that logs port scans.  You should NOT just monitor ports scans for ports you have open, you really need to monitor for ports scans for ports you don't have open.

    If you have a port open, say you host a Web server, you expect to see connections to port 80 (and 443).   What you want to monitor there is for penetatration attempts, which should be logged by your web server in the way of failed gets.  If you see a lot of gets for directories/files that you don't have, somebody is attempting to map you your web server.
    LVL 18

    Assisted Solution

    by:Sam Panwar

    Good and popular Network Analyzer

    Firewalls for it :

    The basic version is still free!

    Black Ice Defender
    BlackICE teams a personal firewall with an advanced intrusion detection system to constantly watch your Internet connections for suspicious behaviour.

    Featured Post

    6 Surprising Benefits of Threat Intelligence

    All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

    Join & Write a Comment

    Suggested Solutions

    Title # Comments Views Activity
    Hyper-V Networking Problems 4 38
    Systems talking to each other 5 38
    SBS serve  2008 offsite backup 2 33
    Cat6A Cabeling 3 24
    Load balancing is the method of dividing the total amount of work performed by one computer between two or more computers. Its aim is to get more work done in the same amount of time, ensuring that all the users get served faster.
    PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    734 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    25 Experts available now in Live!

    Get 1:1 Help Now