TCP Port Scanner
Scan the 20 most common TCP ports on a host to check which services are publicly reachable from the internet. Results show open ports, associated services, and security recommendations. Only scan hosts you own or have explicit written permission to test.
⚠ Authorised use only. Port scanning systems you do not own may be illegal in your jurisdiction. This tool scans from our server - Only submit hosts you control or have explicit permission to scan.
Common Ports Reference
This scanner checks the 20 most commonly used TCP ports. Here is what each one is used for and the security considerations for each:
| Port | Service | Description | Security Risk |
|---|---|---|---|
21 | FTP | File Transfer Protocol - Unencrypted file transfer. | High |
22 | SSH | Secure Shell - Encrypted remote login and command execution. | Medium |
23 | Telnet | Unencrypted remote terminal protocol. Obsolete. | Critical |
25 | SMTP | Simple Mail Transfer Protocol - Outbound email relay. | Medium |
53 | DNS | Domain Name System - Resolves hostnames to IP addresses. | Low |
80 | HTTP | Unencrypted web traffic. Should redirect to HTTPS. | Medium |
110 | POP3 | Post Office Protocol - Download email from server. | Medium |
143 | IMAP | Internet Message Access Protocol - Email access. | Medium |
443 | HTTPS | Encrypted web traffic (TLS/SSL). Standard for all sites. | Low |
3306 | MySQL | MySQL database server. Should never be public-facing. | Critical |
3389 | RDP | Remote Desktop Protocol - Windows remote access. | Critical |
5432 | PostgreSQL | PostgreSQL database server. Should be firewalled. | High |
6379 | Redis | Redis in-memory data store. No auth by default. | Critical |
8080 | HTTP-Alt | Alternate HTTP port often used by dev servers or proxies. | Medium |
8443 | HTTPS-Alt | Alternate HTTPS port used by some management interfaces. | Low |
27017 | MongoDB | MongoDB database. Has a history of public exposure incidents. | Critical |
How This Tool Works
- The scanner attempts a TCP connection to each of the 20 most common ports.
- A successful connection indicates the port is open and accepting connections from our server.
- A timeout or refused connection means the port is closed or filtered by a firewall.
- UDP ports are not scanned - TCP only.
- Results reflect the view from our servers, not your local network.
- Rate limited to 10 scans per hour to prevent abuse.