Auditing firewall ports opened

Hello experts,

I need to work on an audit on several servers on which the Windows Firewall is enabled with port exceptions.

I am looking for an 'Open Ports Test' tool (exe file) which I can copy from server to server to test the Open Ports. Such tools exist but I am wondering if there is a unique one which I can upload the port numbers I am looking for (perhaps via delimited text) and the tool tells me if they are open or not on that server.

If I can find such a tool, I can quickly prepare text files for required port numbers per server type and quickly audit my server staging without looking into port lists and comparing the opened ones with my port numbers.

Any comments?
Thank you in advance
bozer Asked:

Sean (System Engineer) Commented:
I think what you are looking for is already built into Windows. Open a command prompt and enter this:

netstat -a

You could also try netstat -a | find "LISTENING" to just find ports that are currently listening.
0
bozer (Author) Commented:
Hello Zindel1,

I use netstat all the time. However, what I need is a tool, perhaps a customized batch file that checks which ports are required to be opened (from a list - based on that Server's functionality) and whether they are actually opened.

Thank you for the comment
0
Sean (System Engineer) Commented:
I still think netstat is what you are needing, but you need to check the status of each port. If it shows Established then I would say that port is needed. I would say that you should research each server role and find out what ports that role uses and work from there. A lot of the time these roles will be added automatically, so I wouldn't go closing ports unless they were created by a GPO or someone manually opened them. There isn't a tool that can do this for you, from my experience. You could look at the Security Analyzer by Microsoft to help, but I don't think it does everything you are wanting.

http://www.microsoft.com/en-us/download/details.aspx?id=7558
0
Rob G (Microsoft Systems Engineer) Commented:
I believe Zindel is right on.
If you are looking for all open ports, use netstat -aon | find "LISTENING"
You can drill further and do netstat -aon | find /i "443", or whatever the port number is, to bring you back what PID is running the port, which will show you the associated software with the port that is open.

If you need additional software, to do penetration testing on the firewall to see all rules..
You can see this in your group policy, if you have your firewall policy running from group policy.
Otherwise you can use this command:

netsh advfirewall show /?

show allprofiles - Displays properties for all profiles.
show currentprofile - Displays properties for the active profile.
show domainprofile - Displays properties for the domain properties.
show global    - Displays the global properties.
show privateprofile - Displays properties for the private profile.
show publicprofile - Displays properties for the public profile.
show store     - Displays the policy store for the current interactive session.

The netsh advfirewall command has a load of information as you need it. /? can be a friend.

Also, you can always try Belarc Advisor.
0
Kini pradeep (Principal Cloud and security consultant) Commented:
All the above is definitely good advice. Sometimes when I have to audit servers, the customers do not give me access to the devices/servers, so I rely on PortQry/PortQryUI from Microsoft and Nmap. These are also helpful tools.
0
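
An added example, not part of any post in this thread: a PowerShell sketch of the check the question asks for, comparing a delimited list of required ports against the LISTENING lines of netstat -ano. The function names, the port-list format and the sample lines are assumptions made for illustration. It covers TCP listeners only, and a listening socket does not show that a firewall exception exists, so the rules themselves still need to be reviewed with netsh advfirewall.

```powershell
# Added example (hypothetical names): audit required TCP ports against netstat output.

function Get-ListeningPorts {
    param([string[]]$NetstatLines)
    # Matches IPv4 and IPv6 listeners, e.g.
    #   TCP    0.0.0.0:443    0.0.0.0:0    LISTENING    4
    #   TCP    [::]:443       [::]:0       LISTENING    4
    $ports = @{}
    foreach ($line in $NetstatLines) {
        if ($line -match '^\s*TCP\s+\S+:(\d+)\s+\S+\s+LISTENING\s+(\d+)\s*$') {
            $ports[[int]$Matches[1]] = [int]$Matches[2]   # port -> owning PID
        }
    }
    return $ports
}

function Test-RequiredPorts {
    param(
        [string]$PortListText,                    # e.g. "80,443;3389" or one port per line
        [string[]]$NetstatLines = (netstat -ano)  # default: query the local server
    )
    $required = @($PortListText -split '[,;\s]+' |
        Where-Object { $_ -match '^\d+$' } |
        ForEach-Object { [int]$_ } |
        Sort-Object -Unique)
    $listening = Get-ListeningPorts -NetstatLines $NetstatLines

    # Required ports: listening or not.
    foreach ($port in $required) {
        $status = 'NOT LISTENING'
        if ($listening.ContainsKey($port)) { $status = 'LISTENING' }
        [pscustomobject]@{ Port = $port; Status = $status; OwningPid = $listening[$port] }
    }
    # Listeners that are not on the required list deserve a second look.
    foreach ($port in ($listening.Keys | Where-Object { $required -notcontains $_ } | Sort-Object)) {
        [pscustomobject]@{ Port = $port; Status = 'UNEXPECTED'; OwningPid = $listening[$port] }
    }
}

# Constructed sample input (not captured from a real server).
$sample = @(
    '  TCP    0.0.0.0:135      0.0.0.0:0       LISTENING     900',
    '  TCP    0.0.0.0:443      0.0.0.0:0       LISTENING     4',
    '  TCP    [::]:443         [::]:0          LISTENING     4',
    '  TCP    10.0.0.5:50123   10.0.0.9:445    ESTABLISHED   1200'
)
Test-RequiredPorts -PortListText '443, 3389' -NetstatLines $sample | Format-Table -AutoSize
```

On a server, pass the per-role list file instead of the sample, for example Test-RequiredPorts -PortListText (Get-Content .\ports.txt -Raw), where ports.txt is a placeholder file name.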