written by: Lee Clemmer•edited by: Bill Bunter•updated: 5/5/2010
Port scanners are key tools for network and systems security professionals. Fortunately, the best of these are free and/or Open Source. This article examines and compares the top five free port scanners available. If you don't already have at least one in your kit, get one of these ASAP.
slide 1 of 4
What Makes a Great Port Scanner?
Speed, flexibility, and accuracy are the important factors in determining the quality of a port scanning program. Port scanners often need to use "stealth" to pass through firewalls or elude Intrusion Detection and Prevention Systems (IDS / IPS). As firewalls and Intrusion Detection & Prevention techniques have improved, so have the best port scanning tools. Sometimes, you just need to run a port scan--and if you don't have access to your regular tools or no way to install them, what to do? A couple of tests are hosted on web sites and can be run from anywhere you have web access. These web based port scans also can be handy to check firewall rules.
slide 2 of 4
The Top 5
1. Nmap is, in my opinion, the best port scanning program out there. Nmap can rapidly sweep large networks, and can be configured to test in various ways to bypass firewalls, Intrusion Detection Systems, or other security measures. Nmap is a command line tool, and there is more of a learning curve involved than with any of the others on this list. It's worth it to have the power and flexibility Nmap offers.
2. Shields Up! is a web-based port scanning tool. GRC offers Shields Up! for testing exposure to the Internet of common ports, file sharing, or custom ports. Browser Header and Windows Messenger leak tests are also offered. It's included in this list because it's fast and only takes a couple of mouse clicks to run a test.
3. WhatsMyIP.org has a set of port scanning tools available, distinguishing games, applications, and P2P ports in use, as well as a custom test for a particular port. This tool of course requires web access, and since the testing is done remotely by their system, it can be handy to see what ports are open on the outside of your firewall.
4. SuperScan 4.0 by Foundstone is a Windows 2000 / XP GUI based scanner that has additional tools such as whois, name lookups, and service enumeration. It's very fast, and the additional tools available in one interface make it a useful addition to your security toolkit.
5. Advanced Port Scanner by Radmin is another Windows application, very similar to FreePortScanner. It's small, fast, and like the others on the list, it's free. The GUI is straightforward, but on the other hand this scanner does not have nearly the number of options as Nmap, nor the extras found in SuperScan.
slide 3 of 4
For More Information
If you don't have web access or need to test non-Internet accessible systems, obviously Shields Up! and WhatsMyIP.org won't work. If you're more of a command line person you'll probably prefer Nmap. If you're a die-hard GUI lover SuperScan 4.0 or AdvancedPortScanner will likely be your favorite.