Сканер портов по ip windows

Время на прочтение
4 мин

Количество просмотров 72K

В локальной сети (LAN) обычно есть множество обменивающихся данными хостов. Сканирование сетей при помощи IP-сканера позволяет отделам ИТ, сетевым администраторам и службам безопасности следить, какие IP обмениваются данными и какие типы устройств занимают IP-адреса. Также это помогает выявлять сторонние несанкционированные хосты, которые тоже могут быть подключены к сети. Существует множество бесплатных сетевых IP-сканеров, помогающих сетевым и системным администраторам обнаруживать устройства в сети и управлять IP-ресурсами. В этой статье мы рассмотрим следующие инструменты: Nmap, Advanced IP Scanner, Angry IP Scanner, free IP scanner компании Eusing, встроенную командную строку и PowerShell.

▍ Nmap

Nmap уже долгое время считается надёжным инструментом информационной безопасности, он используется инженерами и сотрудниками служб безопасности. Это кроссплатформенная утилита, имеющая широкий спектр функцию, не ограничивающихся простым сканированием сетей.

Она содержит утилиты сканирования сетей, используемые для исследования сетей, и предоставляет множество утилит для аудита безопасности. Она позволяет выполнять глубокое изучение IP-пакетов, в том числе содержащих информацию о сервисах, приложениях, идентификации ОС и других характеристиках удалённого хоста. В ней есть опции «интересных портов», помогающие быстро находить порты удалённых хостов, которые часто бывают открытыми.

Утилита сканирования сетей Nmap, выполняющая быстрое сканирование пингом локальной сети

Бесплатный Nmap Security Scanner для Linux/Mac/Windows можно скачать здесь.

▍ Advanced IP Scanner

Большинство из нас в тот или иной момент времени сталкивалось с Advanced IP Scanner. Этот инструмент уже многие годы обеспечивает возможность быстрого сканирования сетей. Advanced IP Scanner — бесплатная утилита, которая быстро скачивается и мало весит. Начать сканирование сети с её помощью можно всего лишь за пару минут.

Сканирование сети при помощи Advanced IP Scanner

Этот инструмент, совместимый только с Windows, предоставляет множество базовых функций сканирования, в том числе определение имён устройств, IP-адресов и MAC-адресов при помощи OUI lookups для распознавания производителей устройств. Результаты работы утилиты можно экспортировать в файл CSV для дальнейшего исследования устройств в других инструментах и документации. Также она может взаимодействовать с функциональностью Wake-On-LAN найденных удалённых хостов и позволяет удобно обмениваться данными с устройствами, с поддержкой RDP.

Advanced IP Scanner — это автономный исполняемый файл, который можно просто запускать без установки, что повышает его удобство и простоту использования.

Advanced IP Scanner можно скачать здесь.

▍ Angry IP Scanner

Angry IP Scanner — ещё один популярный инструмент в этой категории. Он тоже является кроссплатформенным, поскольку поддерживает Windows, Mac и Linux. Angry IP Scanner сканирует сетевые порты и IP-адреса.

Angry IP Scanner обеспечивает быстрое и простое сканирование сетей

Он пингует адреса и резолвит имена хостов из DNS. Также он определяет MAC-адреса устройств для OUI lookup, а его возможности можно легко расширить при помощи опенсорсных плагинов, написанных на Java. Он имеет множество других функций, например, получение имени NetBIOS, рабочей группы, подключенных пользователей Windows, определение веб-серверов и многое другое. Инструмент позволяет экспортировать результаты в CSV, TXT, XML или в файлы списков IP-портов.

Angry IP Scanner — это автономный исполняемый файл, не требующий установки. Однако для его работы требуется установка на хост среды выполнения Java, что для кого-то может оказаться препятствием.

Angry IP Scanner можно скачать здесь.

▍ Free IP scanner компании Eusing

Free IP scanner — это простая утилита IP-сканирования, имеющая множество отличных функций. Это быстрый сканер, для обеспечения производительности использующий технологию многопоточности. Пользователь может настраивать уровни приоритетов процесса сканирования и максимальное количество потоков. Разработчик утверждает, что инструмент может сканировать сотни компьютеров в секунду.

Free IP scanner

Для поиска находящихся онлайн-хостов он использует пинг. Опционально он может резолвить имена хостов, находить открытые порты и использовать другие функции в случае нахождения онлайн-хостов. Как и другие сканеры, он может получать информацию NetBIOS, в том числе имя хоста, рабочую группу, подключенного пользователя и MAC-адрес. Результаты сканирования можно сохранять в простой текстовый файл. К сожалению, этот инструмент не имеет автономного исполняемого файла, поэтому его нужно устанавливать. Программа запрашивает код регистрации, однако это freeware-программа, которую можно использовать без регистрации.

Free IP scanner можно скачать здесь.

▍ Встроенная командная строка и PowerShell

Также для нахождения хостов в сети можно использовать встроенные командные среды, в том числе командную строку и PowerShell. Например, можно выполнить простую однострочную команду для быстрого пинга и возврата всех онлайн-хостов в конкретной подсети:

for /l %i in (1,1,255) do @ping 10.1.149.%i -w 1 -n 1|find /i "ttl="

Кроме того, компания Microsoft предоставляет множество превосходных бесплатных примеров кода для различных ping-утилит, встроенных в галерею PowerShell. Я пробовал работать с модулем ping_scan, и он неплохо справляется со своей задачей. В галерее есть множество опций для выполнения быстрых и простых сканирований сети при помощи ping.

▍ В заключение

Бесплатные сетевые IP-сканеры позволяют администраторам выполнять мониторинг сети и подключенных хостов. Кроме того, они способны определять типы хостов и производителей устройств, что помогает в обеспечении безопасности сетей. Системные администраторы и сотрудники служб безопасности могут использовать эти простые инструменты для слежения за сетями и создания подробной актуальной документации сети.

RUVDS | Community в telegram и уютный чат

An IP scanner, also known as a network scanner or port scanner, is a tool used to discover and gather information about devices connected to a computer network. It scans a range of IP addresses and identifies active hosts, providing details about each device found.

IP scanners are commonly used by network administrators, security professionals, and IT teams to gain visibility into the devices and infrastructure on a network. It can also allow managers to maintain a detailed and updated diagram of the network.

Here is our list of the 11 best free IP and Port Scanners for open ports, IP addresses and service scanning:

1. SolarWinds Open Port Scanner with Engineer’s Toolset – EDITOR’S CHOICE This port scanner is part of a suite of more than 60 network management tools and is very easy to use. Runs on Windows and Windows Server. Start 14-day free trial.
2. Paessler PRTG – FREE TRIAL This package of monitoring for networks, servers, and applications includes an IP scanner and is free to use. Runs on Windows Server. Start a 30-day free trial and get unlimited free use for up to 100 sensors.
3. ManageEngine OpUtils – FREE TRIAL A package of free network monitoring tools that includes a Ping-based network scanner, and a MAC address resolver. Available for Windows Server and Linux. Start a 30-day free trial.
4. Nmap A command-line utility that includes a range of network management tools, including IP address management features and a port scanner. Available for Windows, macOS, and Linux.
5. Advanced IP Scanner A suite of network exploration tools, including a port scanner as well as an IP scanner, that has more than 53 million users. Installs on Windows.
6. Angry IP Scanner A free network address monitoring utility that includes IP management functions and a port scanning service. Available for Windows, macOS, and Linux.
7. Free IP Scanner by Eusing this tool searches a network, working through each IP address in a given range, reporting on whether or not that address is in use. It can also be used as a port scanner. Runs on Windows.
8. NetCat A network data management utility that has IP address usage detection and a port scanning option. This is an old utility but there are many clones available for Windows, macOS, and Linux.
9. LanSweeper IP Scanner This is a network device discovery tool that reports on attributes of discovered equipment, including the IP addresses assigned to them. Installs on Windows.
10. MyLanViewer Network/IP Scanner A network scanner that reconciles discovered IP addresses to DHCP records. Runs on Windows.
11. Slitheris Network Discovery This tool delivers detailed information on every device connected to the network. This includes IP address information. Installs on Windows.

Live open ports can lead into the services running on hosts which can become a door into the organization. Running a port/services scan can make you aware of these weaknesses. With this information in hand, a network manager can secure a firewall by closing unnecessary ports and services.

The following is a list of the Best FREE IP Scanners for Port and Services, including a brief description, their features and official download site.

Related post: Find any Device or IP Address using the MAC Address

There are a variety of scanners on the market which are usually online tools. But the best scanners are the ones that you run on your own devices since they allow more flexibility in the process.

With these selection criteria in mind, we have identified some strong IP scanners and port scanning tools, making sure to include systems that will run on each of the major operating systems.

1. Engineer’s Toolset Open Port Scanner – FREE TRIAL

The Engineer’s Toolset from SolarWinds is a package of more than 60 network management facilities and one of those services is the Open Port Scanner. The Engineer’s Toolset provides a menu of all of its services. This is where you get access to the Open Port Scanner.

Key features:

• Sweeps a network to discover devices
• Scans the ports on each discovered device
• For brevity, only lists open ports
• Categorizes ports as ‘Available’ or ‘Used’
• Straightforward, easy-to-read layout

The Open Port Scanner will scan all devices between a given IP address range. In order to get a complete system sweep, you could just enter a very wide range. While it scans the network, this tool also acts as a network discovery tool because it will register each IP address that is in use and then scan the discovered device’s ports.

The tool will list all of the open ports that it has encountered and identify whether they are operating as TCP or UDP. The output display is uncomplicated and easy to read.

2. Paessler PRTG – FREE TRIAL

Paessler PRTG is a bundle of many monitors, called “sensors.” These are available for networks, servers, and applications. You customize the tool by deciding which sensors to turn on. If you only turn on 100 sensors, you never have to pay for the package. The central sensor in PRTG is an essential network discovery service. This actually uses SNMP and identifies all of the devices connected to the network.

Here are the key abilities of PRTG Free:

• Genuinely free forever for up to 100 sensors
• Automated network discovery and a continuously updated inventory
• A range of network topology map formats
• A large library of sensors for networks, servers, and applications
• Options for IP scanning and port scanning

The SNMP network sweep recurs continuously. It creates a network inventory and will generate a network topology map based on that list of devices and their attributes, which includes IP addresses. Another option for IP scanning is to deploy the Ping sensor. This also runs continuously and will list all IP addresses in use on the network. You can get a list of ports and their statuses on each discovered device with the Port Range sensor.

PRTG runs on Windows Server and you can get the full package with all sensors active with a 30-day free trial. At the end of the trial, if you don’t buy, you just keep on using the Free version.

Up to 100 sensors FREE!

3. ManageEngine OpUtils – FREE TRIAL

ManageEngine OpUtils is a package of network monitoring and management tools. The facilities in the bundle include an IP address manager, a switch port mapper, and a port scanner. ManageEngine produces a free version of OpUtils. This version doesn’t include the IP address manager or the switch port mapper but it does include a number of useful network diagnostic tools, including a range of Ping utilities and TraceRoute.

Free features:

• ICMP Ping, SNMP Ping, and Proxy Ping
• TraceRoute for network path investigation
• A network scanner for device discovery
• A DNS resolver to translate between allocated IP addresses and hostnames
• A MAC address resolver to find the MAC address of an allocated IP address

The Free OpUtils service has an attractive interface that gives easy access to all of the different utilities in the package. Clearly, the full package of the paid OpUtils is a lot better than the free version. ManageEngine offers a 30-day free trial of the paid OpUtils edition, so you can assess it for free, and if you don’t think you don’t want to pay for it, switch over to the free version once the free trial expires.

Both the free and paid versions of OpUtils are available for Windows Server and Linux.

Official site and where to download the 30-day FREE Trial:

manageengine.com/products/oputils/

Download FREE TRIAL!

4. Nmap

Nmap is considered the Swiss Army Knife of hackers (ethical and not) and pen-testers.

Nmap stands for Network Mapper and is one of the most popular port scanners. It is an open source tool that offers a great deal of flexibility and power when it comes to performing any kind of active network reconnaissance against a target. With Nmap you can craft packets and send them to a specific target and let the software analyze the response.

A very short list of what you can do with Nmap:

• Scan a target selection, such a single IP, a host-name, a range, etc.
• Scan a port selection, such as a single port or a range.
• Detect specific services and OSs.
• Perform NSE scripts.
• A really strong feature in Nmap is different “Port Scan Types”, such as TCP Connect, TCP SYN Scan. Below is a table with the most common TCP Scans Types that you can do in Nmap.

For beginners, Nmap can be a little bit intimidating because there are so many different scanning combinations that get you different results.

Scan Type	Description
TCP Connect (-sT)	Full Three-way-handshake (SYN, SYN/ACK, ACK)
TCP SYN (sS)	Send SYN. RST/ACK response=not listening SYN/ACK=listening
TCP FIN (sF)	Send FIN, RST response=port close
TCP Xmas Tree (sX)	Send FIN, URG, PSH, RST response=port closed
TCP Null (sN)	No Flags. RST response=port closed
TCP ACK (PT)	Send ACK. Firewall test to verify packet filtering.

Official site and where to download:

https://nmap.org/download.html

5. Advanced IP Scanner

It is a portable, easy-to-use and free network scanner for Windows. Advanced IP Scanner is free of installation. Just press play and you’ll have one of the most robust scanners at your disposal. With Advanced IP Scanner you can see a list of network devices with information such as IP, Port, Manufacturer, MAC Address, OS, etc.

Common features:

• Easy access to network shares.
• Control devices via Radmin and RDP.
• Switch on/off computers remotely.
• Find the MAC addresses.
• Export all scan results to a CSV file.

This scanner finds all the devices in a targeted scan in a matter of seconds and provides easy access to their shared resources, either through HTTP, HTTPS, FTP or even shared folders.

Another cool feature of this tool is that it detects the RDPs or Radmin ports, and it will let you manage the device remotely right from the platform.

Official site and where to download:

http://www.advanced-ip-scanner.com/

6. Angry IP Scanner

Angry IP Scanner (also called ipscan) is a free and open-source network scanner. The tool works on popular OSs, such as Windows, Mac OSX, and Linux. It was designed with simplicity in mind, the software is ultra-light, no installation is required (highly portable) and it is fairly easy to use.

Common features:

• Can scan private or a public range of IP addresses. Additionally, it can get the NetBIOS information of a device, detect web servers and customize openers.
• It is able to export the results in different formats such as TXT, CSV, XML, or IP-Port list files.
• For faster scanning, the tool uses the multi-threading approach.
• By default, the tool comes with common fetchers like Ping, Host-name, and Ports but you can add more fetchers with the help of plug-ins to see more information.
• The tool runs on the GUI, but you can use the CLI to call up different options on the software.

At its most basic level, Angry IP Scanner will ping the target device/network to confirm that it is alive. It can also resolve hostnames, find the MAC address, and scan ports. You can extend the amount of information received about each target with the help of plugins.

Official site and where to download?

https://angryip.org/

7. Free IP Scanner by Eusing

Eusing Software creates miscellaneous free applications for windows users. Among the most popular tools is the Free IP Scanner. This tool is a lightweight standalone scanner that can check a hundred devices per second. It is only supported by Windows OSs.

Extra features:

• Fast scanning using multi-threaded technology.
• Free IP Scanner can scan multiple targets per second without consuming many resources.

Free IP Scanner pings the IP (or range of IPs) to see who is alive. It can also translate the host-name to IP (or vice versa), find closed and open ports and get NetBIOS information. The last one can show details such as host-name, workgroup, active logged users, and the MAC address of the device. All the results obtained can be exported into a TXT file.

People like Free IP Scanner because it is simple, portable and easy to use. However, it cannot be extended with more functionality. Although the tool scans and finds ports, the entire layer 4 TCP/UDP information cannot be customized for deeper analysis.

Official site and where to download?

http://www.eusing.com/ipscan/free_ip_scanner.htm

8. NetCat

A fully versatile tool preferred by most hackers like NMAP above.

NetCat is not strictly an IP Scanner, it goes well beyond that. It is however a tiny Unix networking analyzer utility used by and against hackers for a large number of reasons.

It is tiny but powerful. NetCat is considered as a feature-rich networking tool used especially for debugging and investigation.

Some features?

• Connect to a remote system through any port or service.
• Banner Grabbing to identify the software that the target is using.
• Scan, listen and forward open ports.
• Create tunnels with specific network parameters, like source port/interface, listening port/interface and the remote host.
• Create back-doors for easy access to the target.
• Transfer files from the target

With NetCat you can create any kind of connection. It basically writes to and reads data from network connections using TCP or UDP. In other words, it can open TCP or UDP connections between two devices over any port.

The most common use for this tool is to set up reverse and bind shells, redirecting network traffic, port scanning and forwarding, debugging scripts, and service banner grabbing.

Official site and where to download:

http://netcat.sourceforge.net/

9. LanSweeper IP Scanner

It is a free and powerful IT management tool that can scan networks and find your assets. The IP Scanner is a feature that comes integrated with LanSweeper. With the scanner, you can target a specific IP or range of IPs and get a full inventory of all computers, servers, virtual servers, switches, routers, printers, VoIP phones, etc. The results can be easily exported and created into a report.

Common features?

• Inventorying
• Scan IP addresses automatically or on demand
• Import the results via a CSV file.
• Run custom actions such as remote shutdown.
• Wake-On-LAN Manager
• Find MAC address, logged-on users, user accounts, device up-times, etc.
• The free version lets you find detailed info of up to 100 devices.

People love LanSweeper because of its ability to automatically deploy scripts and commands to many devices at the same time. It uses an integrated deployment feature to automatically deploy software and execute commands on the devices shown on the inventory.

The software goes beyond scanning. It will let you get deep details through scanning, find issues and proactively fix them. The scanner grabs network information through WMI, SNMP, HTTP, FTP, SSH and other protocols.

Official Site and where to download?

IP Scanner

Related Post: Best Wake-On-Lan Tools

10. MyLanViewer Network/IP Scanner

A comprehensive network IP Scanner for Windows OSs. On the basic level, this tool will scan the target network and will show the IP, MAC addresses, NIC vendor, OS Version, logged users, and shared folders of the wired and wireless devices found an easy-to-read list.

Additional Features:

• NetBIOS scanner
• Whois and Traceroute tool
• Remote shutdown and Wake-On-LAN manager.
• Wireless network scanner and monitor
• Show and access shared folders
• Terminate user sessions
• Show netstat information
• Find rogue DHCP servers.

MyLANViewer Network/IP Scanner can monitor all the scanned devices (even if they are hidden), and notify you when a new device was found.

Official Site and where to download:

http://www.mylanviewer.com/network-ip-scanner.html

11. Slitheris Network Discovery

Slitheris Network Discovery from Komodo Laboratories is a Windows-based premium IP scanner. The free version of this advanced network scanner allows you to find up to 50 network devices but can be extended with the premium license.

What can Slitheris do?

• Real-time visual ping sweep. It shows what the ping sweep is doing with a visual matrix.
• OS Detection and Fingerprinting. Identify different Windows OS versions without the need for authentication and credentials.
• Identify different type of devices. Find whether the device is a Printer, Virtual Machine, Mobile, Server, Workstation, etc.
• Age determination. Uses MAC address to determine the age of the device.
• SMB Security. Alarms when SMB (Server Message Block) is enabled or disabled on a device, to improve security.
• Detects stealth devices. The tool uses the ARP cache to find un-pingable devices.
• Find Web GUI access devices. The tool uses port scanning on HTTP and HTTPS to see whether a device can be accessed through Web GUI.

This tool takes IP scanning to a new level, it is fast and finds information that most scanners can’t. It gathers information from target network devices without needed credentials or agents. Slitheris Network Discovery uses multi-threaded technology to quickly find all pingable devices and uses ARP pings to discover hidden devices.

Official Site and where to download:

Slitheris Network Discovery – A Premium IP Scanner for Windows

Conclusion

Open ports can be gateways into networks and are considered weaknesses if not treated with security in mind.

The toolbox of network and security administrators should contain a Port and Services Scanner to help them identify open ports and control vulnerabilities efficiently, before it’s too late.

There are many free and online scanners out there as well, But when combining portability, effectiveness, feature-richness, flexibility and cost-efficiency, only the previous nine stand out.

They are free, download a copy today and scan your network. We suggest you grab several of them (as they are all Free) and give them a try – they all have different feature sets and work well when there is no internet connection available to use an online variation. We hope this list of some of the top Port Scanners help you secure your network and keep intruders out!

IP and Port Scanner FAQs

What are the 3 types of network scanning?

There are three types of network scanning:

• IP scanning looks for all IP addresses that are currently in use.
• Port scanning tests each port on each device to see whether it has an active daemon looking for communications with that port number on it – this is called an open port.
• Vulnerability scanning performs a series of break-in attempts using known hacker strategies to discover whether there are weaknesses in the network’s settings.

Is IP scanning illegal?

IP scanning is not illegal. In fact, it is a necessary function of any communication system. Public and private IP addresses have different scopes and so slightly different uses for IP scanning. On a private network, IP scanning is an important part of the work performed by IP address management software and enables systems to reclaim abandoned IP addresses. On the internet, IP scanning is relatively meaningless; probing the availability of a device with a specific IP address or checking the route to an individual IP address is more common.

Related Post: Best Network Traffic Generators for WAN and LAN Stress Testing

Port Scanners are an important tool when you want to investigate any remote or local network for security considerations.

Used by programmers and network administrators, these port scanners are used to mainly know what ports are being used by what applications, so you can identify malicious programs right away.

These port scanners can also be used to assess the strength of your security policies. Due to their usefulness, there are many port scanner applications available today. But all are not created the same.

To help you navigate through this world of port scanners, we present to you some of the best ones that come with a host of features.

Here’s our list of the Top Port Scanners for Scanning Open Ports/Services

They come with a ton of features designed to reduce the time and effort needed in scanning every port within your network.

1. SolarWinds Open Port Scanner with Engineer’s Toolset – FREE TRIAL This scanner will run through a given IP address range, identify addresses in use, and then scan all of the ports within a second given range to identify their statuses. Installs on Windows and Windows Server. Start a 14-day free trial.
2. ManageEngine OpUtils – FREE TRIAL A package of tools that cover all issues related to communication addressing and that includes ports. This software includes a port scanner and will run on Windows Server and Linux. Get a 30-day free trial.
3. ManageEngine Vulnerability Manager Plus – FREE TRIAL A software solution offered by ManageEngine that helps companies identify and remedy vulnerabilities in their devices and networks. Start a 30-day free trial.
4. Advanced IP Scanner This free IP address discovery tool will also check for the availability of a limited number of resources on a computer, hence whether those ports are open. Installs on Windows.
5. Angry IP Scanner This free IP address discovery system will scan each discovered device and count the number of open ports. Available for Windows, macOS, and Linux.
6. Nmap A well-respected free command line tool to discover IP addresses and then lets you issue a port scan on a specific target. Available for Windows, Linux, macOS, and Unix.
7. NetCat A network tool that can be used for hacking or penetration testing that includes a port scanning function. Runs on Windows, Linux, Unix, and macOS. The tool is pre-installed on macOS and Kali Linux.
8. LanSweeper IP Scanner This network detection system will scan a limited number of ports for its own administration and can work with port scans imported from Nmap. Runs on Windows and Windows Server.
9. MyLanViewer Network/IP Scanner A free network discovery tool that includes a number of network functions but doesn’t have a port scanner. Runs on Windows and Windows Server.
10. Slitheris Network Discovery This tool documents network attributes of devices including IP addresses but doesn’t have a port scanner. Available for Windows or in a portable format.

Methodology for selecting the Best Port Scanners 

With the increase in cybercrime, it has become essential for organizations to invest in tools that protect their data and devices from unknown threats. Open ports are a security risk to any computer network, as they can be used by malicious hackers to gain access to the system. When open ports are left unprotected, they can be exploited by attackers who may use them to gain access to sensitive data or even take control of the system. Therefore, it is important for IT teams to identify and close any open ports that could be vulnerable and ensure that all other ports have adequate security measures in place.

Port scanners are the best tools that provide a comprehensive overview of the system’s open ports, allowing administrators to identify any potential weaknesses or unauthorized access points. Port scanners also enable administrators to quickly detect any malicious activity or suspicious traffic on the network, helping them take action before it is too late. By using port scanners, administrators can ensure that their Windows/Linux systems remain secure and protected from any malicious attacks.

Selecting the best port scanners is an important task for any network administrator. It is essential to choose the right port scanner that can effectively detect open ports, identify vulnerable services, and provide detailed information about them. To ensure that you are selecting the best port scanner, it is important to understand the different types of scanners available and their features. Here, we will provide a comprehensive methodology for selecting the best port scanner:

• Check if the tool provides the option to scan multiple devices.
• Can you export a detailed report highlighting the ports that are open, closed, or filtered?
• Does it support integration with network scanning responsible for performing device discovery?
• Does the selected tool offer free sessions or assessment opportunities without any cost?
• Can you scan ports within the provided range?
• Can you export scanned results in different file formats like XML, XLSX, and CSV?

What should you look for in port scanning tools? 

We reviewed the market for port scanners that will work on Windows and Linux and analyzed tools based on the following criteria: 

• The option to scan one device or many
• A report on which ports are open
• A system that focuses on the most important ports
• Integration with network scanning that performs device discovery
• A tabulated results list that can be exported
• A free trial for a no-obligation assessment period or a free tool
• A paid tool that is worth the money or a free tool that is worth using

With these selection criteria in mind, we looked for a variety of port scanners that will give you a quick assessment of the vulnerability of your devices and we made sure to include some free options.

Let’s take a detailed look into the features, pricing and download options for each of these tools and where to download them!

1. SolarWinds Open Port Scanner – FREE TRIAL

SolarWinds Open Port Scanner with Engineer’s Toolset is part of a comprehensive package of more than 60 system monitoring and management tools. 

This utility saves you time by combining both an IP address scanner with its port checker. You enter a range of IP addresses to scan and the results will show you which addresses in that range are in use. It will then look through the ports within a second given range and identify those that are open.

Key Features: The features of SolarWinds Open Port Scanner are:

• Identifies IP addresses in use
• Scans ports within a given range
• Lets you control the range of addresses to scan and the range of ports to scan
• Option to examine the ports on just one device
• Reports on port statuses: open, closed, and filtered
• On-demands scans
• Exports the scanned results to various formats such as XML, XLSX, and CSV
• Resolves to device hostnames from the DNS server
• Runs on Windows Server

Why do we recommend it?

The Open Port Scanner, as a part of the Engineer’s Toolset, not only delivers accuracy in scanning but also provides comprehensive details which can be vital for network troubleshooting and security analysis. The combination of IP address scanning and port checking in one tool streamlines the process and eliminates the need to jump between tools.

Who is it recommended for?

It is best suited for network administrators, security analysts, and IT professionals who need a reliable and detailed port scanner. Due to its comprehensive nature, it’s ideal for medium to large-scale enterprises, but can also be beneficial for small businesses with dedicated IT staff.

Pricing: Start with a 14-day free trial.

Download: You can download SolarWinds Port Scanner and the entire Engineer’s Toolset from https://www.solarwinds.com/engineers-toolset/registration

DOWNLOAD FREE TRIAL

2. ManageEngine OpUtils – FREE TRIAL

ManageEngine OpUtils contains a range of utilities that work on network addressing. Those functions include an IP Address Manager, a Switch Port Mapper and a Port Scanner.

Key Features:

Here is a look at the features of ManageEngine OpUtils.

• A separate screen for port scanning.
• Scan an individual device, a range of IP: addresses, or all devices on the network.
• Indication of the status of each port
• Additionally, a full IP Address Manager that can communicate with your DHCP and DNS servers.
• A Switch Port Mapper to see which slots on each switch are occupied.

Why do we recommend it?

ManageEngine OpUtils provides a comprehensive solution to a variety of network management tasks. Combining IP address management, port scanning, and switch port mapping in one tool makes OpUtils a powerful port scanning solution. The solution’s ability to detect rogue devices helps maintain a secure and compliant network environment.

Who is it recommended for?

ManageEngine OpUtils is best for IT managers, network administrators, and security professionals who require an integrated solution to manage, monitor, and secure their network infrastructure. Given the depth and range of its utilities, it is beneficial for organizations of all sizes, especially those with complex and extensive networks.

Pricing: The Professional Edition of OpUtils is a paid tool and you need to contact the Sales Department to get a quote.

The Free Edition doesn’t include the Port Scanner. You can download a 30-day free trial.

Download: Download either version of OpUtils from https://www.manageengine.com/products/oputils/download.html

DOWNLOAD FREE TRIAL

3. ManageEngine Vulnerability Manager Plus – FREE TRIAL

ManageEngine Vulnerability Manager Plus uses vulnerability scanning to detect potential vulnerabilities such as insecure configurations or outdated patches and subsequently generates comprehensive reports of its findings. It also provides asset management, compliance reporting, and patch management capabilities to aid businesses in securing their IT infrastructure.

Key Features:

• Vulnerability classification and prioritization
• Team-based collaboration tools
• Compliance reporting and auditing

Why do we recommend it?

ManageEngine Vulnerability Manager Plus offers a holistic approach to vulnerability management. Not only does it help identify vulnerabilities, but it also provides actionable insights and facilitates their remediation. The capability to prioritize vulnerabilities helps businesses in directing their resources effectively towards the most pressing threats. With its versatile reporting capabilities, organizations can easily track and demonstrate their progress in addressing security gaps, making it suitable for compliance purposes.

By proactively identifying and addressing security gaps, Vulnerability Manager Plus can streamline and automate much of the vulnerability discovery and remediation process. It offers a free version that is ideal for small businesses, and it can run on Windows, Linux, and Mac.

Who is it recommended for?

While the free version of ManageEngine Vulnerability Manager Plus is an excellent choice for small businesses, its extensive features and the broader ManageEngine ecosystem make it most suitable for medium to large enterprises with comprehensive IT infrastructure. It’s ideal for fit for any size organization seeking a comprehensive port scanning security solution.

Pricing: Start with a 30-day free trial.

Download: You can download ManageEngine Vulnerability Manager Plus from https://www.manageengine.com/vulnerability-management/download.html

DOWNLOAD FREE TRIAL

4. Advanced IP Scanner

Advanced IP Scanner is a reliable network scanning tool best used for analyzing LAN. It is easy to use and even runs as a portable edition.

Key Features: Here is a look at the features of Advanced IP Scanner.

• Gives easy access to shared folders through the network.
• Allows you to remotely control the tool via RDP and Radmin.
• Automatically detects MAC addresses.
• Enables you to switch computers on or off remotely.
• Exports scan results to CSV files
• Requires no installation at all.

Why do we recommend it?

Advanced IP Scanner offers a mix of simplicity and effectiveness, making it suitable for both novice users and IT professionals. Its capability to analyze local area networks without any cumbersome setup process is a notable advantage. Being free, its range of features, including the remote control option via RDP and Radmin, gives it a large degree of flexibility.

Who is it recommended for?

It’s perfect for businesses and individuals who want a straightforward and dependable network scanner without getting tangled in intricate configurations or premium costs. Network administrators, IT professionals, and even casual users looking for insights into their local network will find Advanced IP Scanner valuable.

Pricing: Free to use

Download: Download Advanced IP Scanner from https://www.advanced-ip-scanner.com/

5. Angry IP Scanner

Angry IP Scanner is an open-source and cross-platform network scanner that is fast and simple to use.

Key Features: The features of Angry IP Scanner includes the following.

• Exports the scan results into many formats such as CSV, TXT, XML and IP-Port list files.
• Requires no installation at all
• Scans local network, IP address ranges, ports and even files of any format.
• Allows you to extend the functionality of this application with many fetchers.
• Comes with a command line interface.
• Starts by pinging each IP address, and then determines the MAC address and scans ports.
• Works on Mac, Windows and Linux
• Uses a multithreaded approach, in which a scanning thread is created for each scanned IP address.

Why do we recommend it?

Angry IP Scanner is a lightweight and port scanner with a solid track record. The ability to scan different resources such as local networks, IP address ranges, and specific files offers flexibility. Its multithreaded approach ensures rapid scanning, which is especially useful when dealing with extensive networks.

Who is it recommended for?

Given its simplicity and efficiency, Angry IP Scanner is a good fit for network administrators, IT technicians, and even casual users who want an insight into their network. Its open-source nature also makes it appealing to tech enthusiasts who may wish to delve deeper into its code or contribute to its development. Larger networks may seek more advanced tools for additional features.

Pricing: Free.

Download: Download Angry IP Scanner from https://angryip.org/download/

6. Nmap

Nmap is a free and open-source scanner that discovers devices on a network and builds a comprehensive “map” of the same. To do this, it sends special packets to targets and analyzes the response.

Key Features: The features of Nmap are:

• Identifies hosts on a network.
• Lists the open ports on target hosts.
• Checks network services on remote devices to determine the version number in applications.
• Determines the operating system and hardware characteristics of network devices.
• Interacts with the target by way of script using Nmap Scripting Engine and Lua programming language.
• Supports many techniques for mapping devices.
• Scans both UDP and TCP ports.
• Has the ability to scan huge networks comprising of tens of thousands of machines.
• Supports most well-known operating systems such as Windows, Linux, Mac, Free BSD, OpenBSD, Solaris, HP-UX, Sun OS, Amiga and more.

Why do we recommend it?

Nmap stands as one of the most popular tools in the realm of network scanning and security auditing. Its versatility, efficacy, and in-depth scanning capabilities have made it a staple for many IT professionals, penetration testers, and network administrators. Its open-source nature, coupled with its wide platform support, makes it universally accessible and adaptable.

Who is it recommended for?

Nmap is suitable for network administrators, cybersecurity professionals, penetration testers, and IT enthusiasts looking for in-depth insights into their ports and networks. While beginners can utilize its basic port scanning functions, the true power of Nmap lies in its advanced features, which cater to seasoned professionals.

Pricing: 100% Free

Download: It can be downloaded at
https://nmap.org/download.html

7. NetCat

Netcat is a networking utility that reads and writes data across different connections using the TCP/IP protocol.

Key Features: The features of NetCat are as follows.

• Provides access to outbound and inbound connections and TCP and UDP ports.
• Comes with a tunneling mode to allow special tunneling such as UDP to TCP.
• Supports built-in port scanning capabilities
• Has advanced usage options such as buffered send mode and hexdump.
• Gives optional RFC854 telnet codes for parsing and responding.
• Provides full DNS forwarding and reverse checking with appropriate warnings.
• Has the ability to use any local source port or locally configured network source address.
• Reads command line arguments from standard input

Why do we recommend it?

NetCat, often hailed as the “Swiss Army knife” of networking, is a versatile tool that provides a plethora of functionalities ranging from simple data transfer to port scanning and banner grabbing. Its raw, straightforward approach to socket communication lets users deploy it in a myriad of ways, from quick network diagnostics to more sophisticated tasks such as network backdoors and shell transfers.

Who is it recommended for?

NetCat is ideal for network administrators, cybersecurity experts, and anyone keen on exploring the intricacies of TCP/IP interactions. Its simple syntax makes it accessible for beginners, while its robustness and versatility appeal to seasoned professionals.

Pricing: Free to use.

Download: Please download NetCat from
http://netcat.sourceforge.net/download.php

8. LanSweeper IP Scanner

LanSweeper IP Scanner is a free IP scanner that uses the available ports to gather and present detailed information about different applications.

Key Features: The features of LanSweeper IP Scanner are:

• Comes with a user-friendly interface.
• Gathers relevant network information through WMI, SNMP, SSH, FTP, HTTP and other protocols.
• Discovers scanned devices by IP address
• Executes custom actions such as remote shutdown, Wakeup On LAN and more.
• Scans IP ranges automatically or on demand
• Re-discovers an entire subnet with just one click.
• Imports your entire network setup through a CSV files
• Excludes devices from scanning based on their IP address.

Why do we recommend it?

LanSweeper IP Scanner is more than just a basic IP scanner. It combines IP scanning with detailed network asset discovery, making it an ideal tool for administrators looking to have an overview of networked devices along with granular information about each device. With its easy-to-navigate interface and robust scanning capabilities, LanSweeper IP Scanner provides in-depth insights into a network’s health, devices, and configurations.

Who is it recommended for?

This scanner is perfect for IT administrators and network managers who need a comprehensive overview of their medium-sized networks. It’s also beneficial for businesses that require regular audits of their network assets or who are looking to identify potential network vulnerabilities or unauthorized devices.

Pricing: Free for up to 100 devices and $495 per year for up to 500 devices. For more than 500 devices, contact the support team for a quote.

Download: You can download this tool from
https://www.lansweeper.com/download

9. MyLanViewer Network/IP Scanner

MyLanViewer Network/IP Scanner is a powerful NetBIOS and LAN/Network IP scanner for Windows, and also performs a ton of other functionalities required to have a complete control over your network.

Key Features: The features of MyLanViewer Network/IP Scanner are as follows.

• Performs remote actions such as remote shutdown, reboot, sleep, hibernate and Wake On LAN (WOL).
• Helps you find all IP addresses, MAC addresses and shared folders on any wired or wireless network.
• Monitors IP addresses and shows the state of computers when they change.
• Does a variety of tasks such as terminates user sessions, disables shared folders, detects rogue DHCP servers, shows netstat information and more.
• Monitors all devices, including hidden ones, on your subnet.
• Comes with a user-friendly interface.
• Works well on Windows 2000, XP, 2003, Vista, 7 and 8.

Why do we recommend it?

MyLanViewer Network/IP Scanner is a comprehensive network management tool with various functionalities that grant administrators detailed control and monitoring abilities over their networks. From scanning wired and wireless networks to the ability to remotely shut down or restart computers, MyLanViewer offers a depth of control that can be invaluable in managing large or intricate networks.

Who is it recommended for?

MyLanViewer Network/IP Scanner is suitable for network administrators, IT professionals, and tech enthusiasts who need to monitor and control devices within a network, especially in environments where both wired and wireless devices are present.

Pricing: Free to use.

Download: You can download MyLanViewer IP Scanner from
http://www.mylanviewer.com/MyLanViewer-setup.exe

10. Slitheris Network Discovery

Slitheris Network Discovery is a premium agentless network scanner that helps to identify and scan different devices on a network.

Key Features: Features of Slitheris Network Discovery include,

• Collects information from devices without a need for credentials or agents.
• Offers a ton of information about each device/application
• Identifies the type of device by gathering dozens of attributes about every device and compares them to a device type definition database.
• Uses advanced algorithms to determine the year in which a device was manufactured.
• Determines if SMBv1 or SMBv2 is enabled, and if so, gives the choice to disable SMBv1 for security reasons.
• Uses ARP cache to identify hidden devices that are unresponsive to pings.
• Allows you to see the devices that have a GUI and gives you instant access to the same on your browser.
• A portable version is available.

Why do we recommend it?

Slitheris Network Discovery stands out for its agentless scanning capabilities, allowing administrators to gather comprehensive data about devices on the network without requiring credentials or the installation of agents. The tool can identify a wide range of device attributes, including the type and manufacturing year. Its capacity to identify devices with GUIs and provide direct browser access enhances user experience and troubleshooting ease.

Who is it recommended for?

Slitheris Network Discovery is ideal for IT administrators, network managers, and help desk staff who require a comprehensive view of their network topology, especially in environments with various devices.

Pricing: Free for up to 50 devices, $195 for up to 256 devices, $295 for up to 1000 devices and $395 for unlimited devices.

Download: You can download Slitheris from
http://www.komodolabs.com/downloads/slitheris_installer.exe

Conclusion

In short, port scanners are a vital tool for network administrators as they help to gather information about devices, so as to understand the working of these devices, their security and so much more.

They assist in identifying open ports and possibly vulnerable systems that could potentially allow intrusions in your perimeter and cause potential leaks into your infrastructure.

We highly suggest you grab one of the downloads from above and give them a spin in your network. Some programs have nice Interfaces that allow for easy scanning and others have more complicated and advanced command line tools that accept advanced operators and more!

We hope the above information helps you to zero-in on the right port scanner for your network.