PortQry(포트쿼리) 도구를 사용하여 TCP, UDP 포트의 상태를 확인할 수 있습니다. Command Line Tool 인 PortQry 프로세스와 아래 그림에서 볼 수 있듯이 PortQueryUI 두 가지 환경을 제공하고 있습니다. 사실상 차이점은 없습니다. 다만 UI 를 사용할 경우 주요 서비스에 대한 템플릿을 활용할 수 있기 때문에 편리합니다.
해당 포트가 수신중인지? 수신중이지 않은지? 혹은 필터링 되었는지 툴을 사용하여 쉽게 확인이 가능합니다.
참고자료 링크에 Port Query 를 다운로드 받을 수 있는 경로를 기록해 두었습니다.
192.168.0.200 IP를 가진 Domain Controller 에 Domains and Trusts 와 관련된 포트를 점검하기 위해 포트 쿼리를 수행한 결과입니다. 아래 결과는 정상적인 경우입니다.
=============================================
Starting portqry.exe -n 192.168.0.200 -e 135 -p TCP ...
Querying target system called:
192.168.0.200
Attempting to resolve IP address to a name...
IP address resolved to LAIGODC02
querying...
TCP port 135 (epmap service): LISTENING
Total endpoints found: 107
==== End of RPC Endpoint Mapper query response ====
portqry.exe -n 192.168.0.200 -e 135 -p TCP exits with return code 0x00000000.
=============================================
Starting portqry.exe -n 192.168.0.200 -e 389 -p BOTH ...
Querying target system called:
192.168.0.200
Attempting to resolve IP address to a name...
IP address resolved to LAIGODC02
querying...
TCP port 389 (ldap service): LISTENING
Using ephemeral source port
Sending LDAP query to TCP port 389...
LDAP query response:
======== End of LDAP query response ========
UDP port 389 (unknown service): LISTENING or FILTERED
Using ephemeral source port
Sending LDAP query to UDP port 389...
LDAP query response:
======== End of LDAP query response ========
UDP port 389 is LISTENING
portqry.exe -n 192.168.0.200 -e 389 -p BOTH exits with return code 0x00000000.
=============================================
Starting portqry.exe -n 192.168.0.200 -e 636 -p TCP ...
Querying target system called:
192.168.0.200
Attempting to resolve IP address to a name...
IP address resolved to LAIGODC02
querying...
TCP port 636 (ldaps service): LISTENING
portqry.exe -n 192.168.0.200 -e 636 -p TCP exits with return code 0x00000000.
=============================================
Starting portqry.exe -n 192.168.0.200 -e 3268 -p TCP ...
Querying target system called:
192.168.0.200
Attempting to resolve IP address to a name...
IP address resolved to LAIGODC02
querying...
TCP port 3268 (unknown service): LISTENING
Using ephemeral source port
Sending LDAP query to TCP port 3268...
LDAP query response:
======== End of LDAP query response ========
portqry.exe -n 192.168.0.200 -e 3268 -p TCP exits with return code 0x00000000.
=============================================
Starting portqry.exe -n 192.168.0.200 -e 3269 -p TCP ...
Querying target system called:
192.168.0.200
Attempting to resolve IP address to a name...
IP address resolved to LAIGODC02
querying...
TCP port 3269 (unknown service): LISTENING
portqry.exe -n 192.168.0.200 -e 3269 -p TCP exits with return code 0x00000000.
=============================================
Starting portqry.exe -n 192.168.0.200 -e 53 -p BOTH ...
Querying target system called:
192.168.0.200
Attempting to resolve IP address to a name...
IP address resolved to LAIGODC02
querying...
TCP port 53 (domain service): LISTENING
UDP port 53 (domain service): LISTENING
portqry.exe -n 192.168.0.200 -e 53 -p BOTH exits with return code 0x00000000.
=============================================
Starting portqry.exe -n 192.168.0.200 -e 88 -p BOTH ...
Querying target system called:
192.168.0.200
Attempting to resolve IP address to a name...
IP address resolved to LAIGODC02
querying...
TCP port 88 (kerberos service): LISTENING
UDP port 88 (kerberos service): LISTENING or FILTERED
portqry.exe -n 192.168.0.200 -e 88 -p BOTH exits with return code 0x00000002.
=============================================
Starting portqry.exe -n 192.168.0.200 -e 445 -p TCP ...
Querying target system called:
192.168.0.200
Attempting to resolve IP address to a name...
IP address resolved to LAIGODC02
querying...
TCP port 445 (microsoft-ds service): LISTENING
portqry.exe -n 192.168.0.200 -e 445 -p TCP exits with return code 0x00000000.
=============================================
Starting portqry.exe -n 192.168.0.200 -e 137 -p UDP ...
Querying target system called:
192.168.0.200
Attempting to resolve IP address to a name...
IP address resolved to LAIGODC02
querying...
UDP port 137 (netbios-ns service): LISTENING or FILTERED
Using ephemeral source port
Attempting NETBIOS adapter status query to UDP port 137...
Server's response: MAC address 000bcdc553e7
UDP port: LISTENING
portqry.exe -n 192.168.0.200 -e 137 -p UDP exits with return code 0x00000000.
=============================================
Starting portqry.exe -n 192.168.0.200 -e 138 -p UDP ...
Querying target system called:
192.168.0.200
Attempting to resolve IP address to a name...
IP address resolved to LAIGODC02
querying...
UDP port 138 (netbios-dgm service): LISTENING or FILTERED
portqry.exe -n 192.168.0.200 -e 138 -p UDP exits with return code 0x00000002.
=============================================
Starting portqry.exe -n 192.168.0.200 -e 139 -p TCP ...
Querying target system called:
192.168.0.200
Attempting to resolve IP address to a name...
IP address resolved to LAIGODC02
querying...
TCP port 139 (netbios-ssn service): LISTENING
portqry.exe -n 192.168.0.200 -e 139 -p TCP exits with return code 0x00000000.
=============================================
Starting portqry.exe -n 192.168.0.200 -e 42 -p TCP ...
Querying target system called:
192.168.0.200
Attempting to resolve IP address to a name...
IP address resolved to LAIGODC02
querying...
TCP port 42 (nameserver service): LISTENING
portqry.exe -n 192.168.0.200 -e 42 -p TCP exits with return code 0x00000000.
[참고자료]
PortQry Command Line Port Scanner Version 2.0
PortQryUI - User Interface for the PortQry Command Line Port Scanner
http://www.microsoft.com/downloadS/details.aspx?familyid=8355E537-1EA6-4569-AABB-F248F4BD91D0&displaylang=en
작성자 : Lai Go / 작성일자 : 2009.05.30
작성자 : Lai Go / 작성일자 : 2009.05.30
