Check open ports on firewall

Hello,

I need to check if ports are open in a SonicWall programmatically from a computer within that lan.  I've though about some solutions like telnet and others but I need a consistent way to see if the ports are open and report back using the output from the shell.

Thanks in advance for any assistance.
crash1624Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

techzterCommented:
I am not clear on what you are looking to check. Are you trying to see what ports are open for outbound access from the client machines to the internet, or inbound from external locations into your network?

Do you have admin access to the firewall? The easiest way would be to review the firewall rules or contact the admin at your site that has this access.
0
crash1624Author Commented:
I'm looking to check outbound ports.  I don't want to have to log into the router/firewall to check this.  I want to be able to start a script from a computer on their lan to see if they can get out on specific ports.
0
techzterCommented:
In order for that to work you will need to have an external machine that is listening on all ports in order to confirm that the connection is successful. Do you have a workstation and location to host that in order to have an external source to test to?

This site looks like it may be helpful...
http://www.firebind.com/
..although it doesn't give you the script ability. You would need to run the java app from a computer within the LAN to test.
0
Prepare for an Exciting Career in Cybersecurity

Help prevent cyber-threats and provide solutions to safeguard our global digital economy. Earn your MS in Cybersecurity. WGU’s MSCSIA degree program curriculum features two internationally recognized certifications from the EC-Council at no additional time or cost.

darketherealCommented:
This is easy. Sonicwall's have a built in utility called a network monitor (Network > Network Monitor) that will allow you to probe IP addresses based on port. You can configure one or many to do this. IF you configure your Sonicwall to produce email alerts you can even receive emails when the port is down.

NOTE: By design, when TCP probing a port that is closed by the firewall, the probe will receive an ACK RST from the firewall which still constitutes as a "successful" network monitor probe, so you may in fact have to setup a probing method outside of the firewall.

Hope this helps,
Steve
0
royitCommented:
My understanding is you want to check list of ports to the Sonicwall firewall, then you can use Port scanner to the Firewall LAN IP using tools like NMAP, Solarwinds Port scanner or Advanced Port Scanner 1.3.

If your question is to check list of ports opened thru the firewall, that you can always check the rules on Firewall or enable log server which monitors all traffic, from that you can check list of ports opened.
0
crash1624Author Commented:
Sorry I'll try to be more specific.  I have a remote agent that I can run scripts against that are on the lan side of the firewall.  I want to be able to run a script that will attempt to connect to an outside server (that I host) on specific ports to verify that those ports are not blocked by their firewall.  This must be done programmatically as I will be performing this check on dozens of clients periodically.
0
ujitnosCommented:
As you mentioned earlier that you know of telnet, the best way to check if the port is open and connection is open with the destination, is to telnet the destination IP of the TCP port.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
NT_thyrthCommented:
Give nmap.org a try
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Network Security

From novice to tech pro — start learning today.