Computer Network Cables

How to ping a specific port on Linux and Windows

Computer Network Cables

The ping command is one of the base commands while working with computer networks.

This simple command is mainly used in its simplest form, without added options, just with a hostname or an IP address. This is normally the easiest way to check if two devices are reachable in a network. But what if we want to ping an address on a specific port?

The first thing a Mac or Linux user would do is consult the man page for the ping command. From there you’d expect to find some documentation and eventually the right syntax to specify a custom port.

You’ll be disappointed, as there’s no indication on the ping man page about that.

As we’ll see, there’s no way to ping a specific port. There’s also a reason for this, keep reading to discover it and see some simple alternatives you have.

How does the ping command work

The ping command uses the ICMP protocol, and its purpose is generally to test the connectivity between two network devices.

When we launch the ping command from a device to a remote host, an ICMP packet is sent through the network to the destination. If there’s network connectivity between the two, and the destination host is not explicitly blocking the ICMP protocol, the destination will send back an ICMP echo reply to confirm.

The source device will know if there’s connectivity based on receiving or not the ICMP echo reply.

For example, we can check the connectivity with the google server by launching the following command in a terminal window:

ping google.com

Why you can’t specify a port on the ping command

The ping tool uses the standard ICMP echo protocol, and its purpose is to check the connectivity between two hosts. ICMP is a Layer3 (network) protocol, while ports belong to transport layer protocols (layer 4), so there’s no concept of them in it.

When we want to ping a specific port we usually want to test if a specific service is reachable on the target host, and this is a different thing from checking connectivity on the network level.

How to ping a specific port?

We said that the ping command doesn’t allow us to specify a port, and that usually when we need to do it, we need to check if a service is active on the destination host. So what should we do now?

Let’s see some alternatives we can use to perform this apparently simple task.

Using telnet to test a specific port

The most common alternative, probably because it’s included by default in most operating systems, is the telnet command.

The telnet client is included in the windows command prompt, in most Linux distributions, and can be easily installed in macOS.

With telnet, you can easily open a connection to an IP address or a hostname, and you can specify the remote port to connect to.

The syntax for a simple connection with telnet is the following one:

telnet <destination ip/hostname> <port number>

For example, in my network, I have a router with IP address 10.24.1.1. I can check that the web configuration interface is reachable on the destination port 80 with the following:

telnet 10.24.1.1 80
Output For Telnet On Ubuntu

The “Connected to 10.24.1.1.” message will confirm that I’ve been able to successfully connect to the router.

To close the connection you have to use the key combination <Ctrl> + ]. Once you pressed the escape combination, you can press q and then the enter key to close the connection.

If you have a Linux system like Ubuntu and you get a “command not found” error, you can install the telnet utility with:

sudo apt-get install telnet

If you’re on windows and get a command not found error, then you probably have to activate it by going to the control panel, then into “Programs and Features”, “Turn Windows features on or off”, select “telnet Client” and click on OK to confirm. It could also be necessary to restart the command prompt to enable the new tool.

Testing a port with nc (netcat)

Another useful tool you can use to determine if you can connect to a remote port is nc (netcat).

This tool is available on Unix systems like Linux and mac OS.

To make the test, we will use the -v option for verbose output, and the -z for scanning mode.

For example, we can test if we can reach the google’s server on the default port 80:

nc -vz googlecom 80

The tool will test the remote server at the target port, and we’ll have an output like the following one.

Output For Netcat Command

Unlike the telnet command, netcat tests only if you can open a connection. If the remote system port number is unreachable we will get a “Connection refused” error.

If you get a “command not found” error on Linux, you can install Netcat from the repositories:

sudo apt-get install netcat

Check a port using nmap

Another way to test a remote system port number is by using the nmap command.

Nmap allows us to scan a range of numbers, and eventually do it on more than a single remote host. This is why Nmap can be seen as a malicious port scan tool.

The official nmap documentation on their website starts with a long disclaimer about the use of a port scanner and its legal implication. You can find it on Nmap.org website here. I recommend using this tool on a target remote server you have control of, and assume that you read the article about potential legal issues before using it.

Nmap uses the -p option to specify a target port, a list, or a port range. You can for example make a list of common ports used for various services.

Nmap is more advanced than the simple telnet command, as you can scan different protocols and different remote systems ports for each protocol.

This last feature is achieved by combining the protocol with port numbers in the -p option. You can use for example T: for TCP and U: For UDP to scan tcp port 80 and UDP port 8765 by combining them in -p T:80,U:8765.

For more details about the scanning functions of Nmap you can read the -p option reference page.

To scan a single service on a single host you can use the following syntax:

nmap -p <port number> <ip or domain>

As always, if Nmap is not installed in your Linux system and you get the command not found error message, you can install it with apt:

sudo apt-get install nmap

Testing a remote system port number in Windows with Windows PowerShell

If you need to test a port in Windows, many of the preceding solutions are not available on your operating system.

There’s, however, a tool you can use on your PowerShell. It’s called Test-NetConnection, and it allows to specify the remote system port number with the -p option.

The basic syntax to use the Test-NetConnection tool is simple:

Test-NetConnection <IP address> -p <port number>

We can try to test google’s host at port 80 again by executing the following command in a PowerShell window:

Test-NetConnection google.com -p 80

The output will be similar to the following one: 

Output For Test Net Connection Powershell

The last row TcpTestSucceded : True will confirm that our test went well.

Conclusions

As we saw, there are valid alternatives to echo ping messages to verify if a service is reachable on a remote host.

There are for sure other alternatives, like using a 3rd party tool or in some situations using the curl command, but these are the most common ways to ping a specific port on Linux, Windows, and macOS.