The Internet Protocol Suite (TCP/IP) uses two reference components, an address and a port number, to ensure that network communications are sent to and received by the proper servers and applications. For security and performance reasons it is often helpful to know if a server is monitoring a specific port.

The IP address is made up of four sets of three numbers with values of 0 to 255 like this: ###.###.###.###. The IP address is analogous to a phone number. When a user wants to access a particular web server (or website), that user's web browser "dials" the "phone number."

There are two types of ports associated with IP addresses. Source ports are random numbers that servers assign to clients (like web browsers) to track user sessions. Destination ports identify particular applications on the server and are analogous to telephone extensions at a large corporation. For example, imagine the telephone number 1-970-555-1212 x 123. The first part of the number, 1-970-555-1212 takes you to the main switchboard at a large company and is similar in concept to an IP address. The extension number x 123, routes callers to a particular telephone within the corporation's network and is like a destination port.

There are hundreds of available ports, and many of these ports are familiar. Port 80 is used for HTTP applications. Port 443 is used for HTTPS. Port 20 is reserved for FTP Data, while Port 21 is used to access FRP controls.

What is Port Scanning

A port scanner is a program that will scan all known ports at a given IP address to determine if any programs on the server are monitoring that port. Port scanners have often been employed by hackers to find ways of exploiting vulnerable programs to gain unauthorized access, and so they are a little notorious. However, there are good reasons to have a port scanner, especially if you are a systems administrator or if you are testing one of your hosted applications for vulnerabilities or performance—is my site or application down?

To monitor ports, system administrators and web application developers can write a simple script that will loop through a list of machines that need to be monitored in order to make sure each program is accepting connections. The script should generally receive three kids of responses, (1) open or accepted; (2) closed or denied; and (3) blocked, meaning there was no reply from the server.

How to Port Scan in PHP

The following example takes an array of domain names and loops through them. While looping, fsockopen is used to determine whether the domain is accepting connections on a given port.

<?php
/**
* First, we declare an array of domains to check. Each array is for a domain that we want to check, and the port that we want to check.
* The third value is how long fsockopen should wait before timing out.
*/
$ports = array (
     array('www.google.com', 80, 30),
     array('www.google.com', 90, 30),
     array('www.yahoo.com', 80, 30),
     array('www.sitethatdoesnotexist.com', 80, 30)
);

/**
* Now we loop through the array and check each domain
*/

foreach ($ports as $port) {

/**
* fsockopen takes as arguments the domain name, the port, a variable to hold the error number and error string if an error should occur, and finally the timeout value.
*/

     $fp = @fsockopen($port[0], $port[1], $errno, $errstr, $port[2]);

/**
* If the resource returned by fsockopen is not set, then we report that the site is down and not taking connections
*/

     if (!$fp) {
          echo "{$port[0]}:{$port[1]} is down: $errstr ($errno)<br />\n";

/**
* Otherwise we report that the site is up
*/

     } else {
          echo "{$port[0]}:{$port[1]} is up<br/>\n";
     }
}
?>

Conclusion

When it is important that you immediately know when a website is down, having something like a port scanner at your disposal can be invaluable. Using a program like cron to automate your port scanner so that it runs every few minutes will ensure that you know quickly when there is a problem. Port scanning can also help you find security issues, like an open post that allows access to the server's operating system.

Resources

• IANA list of port numbers
• Emsisoft's article What is a port?
• PC Magazine's Definition of TCP/IP port
• Webopedia's Well-Know TCP Port Numbers
• The Linux Tutorial's article TCP/IP
• Port Scanning Techniques
• Network Probes Explained: Understanding Port Scans and Ping Sweeps from the Linux Journal
• The TCP/IP Guide
• Daryl's TCP/IP Primer