Home NT Commands
NT Syntax

PORTQRY (Download)

Port Query - Display the status of TCP and UDP ports, troubleshoot TCP/IP connectivity and security, return LDAP base query info, SMTP, POP3, IMAP4 status, enumerate SQL Server instances (UDP port 1434), Local ports, local services running (and the DLL modules loaded by each).

Portqry.exe can query a single port, a list of several ports, or a sequential range of port numbers.

Syntax

The 3 modes are listed below: Command line, Local and Interactive mode.

Command line mode:
  portqry -n name_to_query [-p protocol]
             [-e || -r || -o endpoint(s)]
                [other options]

Command line mode options:
	-n [name_to_query] IP address or name of system to query
	-p [protocol] TCP or UDP or BOTH (default is TCP)

	-e [endpoint] single port to query (valid range: 1-65535)
	-r [end point range] range of ports to query (start:end)
	-o [end point order] range of ports to query in an order (x,y,z)

	-l [logfile] output a log file
	-y overwrite existing log file without prompting
	-sp [source port] initial source port to use for query
	-sl 'slow link delay' waits longer for UDP replies from remote systems
	-nr by-passes default IP address-to-name resolution
            ignored unless an IP address is specified after -n
	-cn specifies SNMP community name for query
            ignored unless querying an SNMP port
            must be delimited with !
	-q 'quiet' operation runs with no output
           returns 0 if port is listening 		
           returns 1 if port is not listening
           returns 2 if port is listening or filtered


Local Mode:
Local Mode gives detailed data on local system's ports

 portqry -local [-wt seconds] [-l logfile] [-v]
 portqry -wpid pid [-wt seconds] [-l logfile] [-v]
 portqry -wport port [-wt seconds] [-l logfile] [-v]

Local mode options:
	-local Enumerate local port usage, port to process mapping,
	       service port usage, and list loaded modules

	-wport [port_number] Watch the specified port
	       report when the port's connection status changes

	-wpid [process_ID] Watch the specified process ID (PID)
	      report when the PID's connection status changes

	-wt [seconds] watch time option
	    specify how often to check for status changes
	    valid range: 1 - 1200 seconds (default = 60 secs)

	-l [logfile] Log file to create
	
	-v           Verbose output

Interactive Mode:
An alternative to command line mode

portqry -i [-options]

For help with -i run portqry.exe and then type 'help' <enter>

Examples

portqry -local
portqry -local -l MyLogFile.txt -v
portqry -wpid 1272 -wt 5 -l MyLogFile.txt -y -v
portqry -wport 53 -l dnslog.txt
portqry -n myserver.com -e 25
portqry -n 10.0.0.1 -e 53 -p UDP -i
portqry -n host1.dev.reskit.com -r 21:445
portqry -n 10.0.0.1 -o 25,445,1024 -p both -sp 53
portqry -n host2 -cn !my community name! -e 161 -p udp

Notes

PortQry runs on Windows 2000 and later systems For best results run local commands in the context of local administrator.
Port to process mapping may not be available on all systems.
Defaults: TCP, port 80, no log file, slow link delay off
Hit Ctrl-C to terminate prematurely.
Related Commands:

nslookup - Lookup IP addresses on a NameServer
WMIC PORTCONNECTOR - Access ports through WMI.
Q310099 - Description of PortQry
Q832919 - PortQry Version2
Q310456 - Use PortQry to Troubleshoot Active Directory Connectivity
Q310298 - Use PortQry to Troubleshoot MS Exchange

Equivalent Linux BASH commands:


Simon Sheppard
 SS64.com