How to Use the Port Scanner in Mac OS X Network Utility
Mac OS X comes with a bundled port scanner, just one of a variety of features tucked into the ever-useful Network Utility app. That means you don’t need to bother with the command line or install more advanced tools like nmap to quickly scan for open ports on a given IP or domain; instead, you can do it all through the friendly graphical interface. Despite being a fairly advanced utility, it’s actually very easy to use.
Quick sidenote: newer releases of Mac OS X have relocated Network Utility to a system folder. That doesn’t mean it can’t be used; it just means you have to either make an alias, launch it from Spotlight, or get to it from System Info. For the purpose of this walkthrough we’ll use Spotlight to launch Network Utility and start the scan, since it’s the easiest and quickest route, though if you plan on using the tool often you’ll probably want to make an alias yourself. OK, let’s jump right to scanning ports.
How to Scan Ports on an IP or Domain from Mac OS X
You can choose any local or remote IP to scan. If you’re alone on a network (or even air gapped) and still want to try this out yourself, use the loopback IP of “127.0.0.1” as the target:
- Hit Command+Spacebar to summon Spotlight and type “Network Utility” followed by the return key to launch the Network Utility app
- Select the “Port Scan” tab
- Enter the IP or domain name you wish to scan for open ports and choose “scan”
- Optional, but not necessarily recommended: you can set a port range to scan if you just want to search for a specific set of active services
127.0.0.1 or “localhost” will just check the local Mac for open ports. If you’re new to port scanning, that may be the preferred way to go, since most reasonably well secured remote domains reject incoming requests or don’t respond to them.
Let the Port Scan tool run and you will quickly start to see any open TCP ports and their traditionally identified usage. For example, you may see something like this if you scan localhost (127.0.0.1):
Port Scan has started…
Port Scanning host: 127.0.0.1
Open TCP Port: 22 ssh
Open TCP Port: 80 http
Open TCP Port: 88 kerberos
Open TCP Port: 445 microsoft-ds
Open TCP Port: 548 afpovertcp
Open TCP Port: 631 ipp
Open TCP Port: 3689 daap
Visible ports will differ per machine depending on what services and servers are available, but if you’re scanning Macs and PCs you’ll commonly find web servers, SMB Windows sharing on port 445, AFP Apple File Sharing on port 548, perhaps an active, visible SSH server on 22, UDP servers, and potentially a wide variety of others. The scan works its way up to quite high port numbers, so just let it run if you want to see everything.
If you see absolutely nothing come up but you know an IP is active with open services, either the machine isn’t broadcasting, the recipient machine is rejecting all requests, or perhaps a strong firewall is configured. This makes Network Utility’s port scanner an excellent way to quickly check security and test out potential vulnerabilities or active services on neighboring Macs, iOS devices, Windows, Linux machines, and whatever other computers are getting scanned.
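The same kind of TCP connect scan, written out as an added example (not part of the original article and not Network Utility's own code), shows why a scan can come back empty: a port that refuses the connection is closed, while one that never answers is being dropped, typically by a firewall. The function names and the closing summary line are assumptions made for this sketch, and it only targets the loopback address.

```python
import socket

def probe(host, port, timeout=0.5):
    """Attempt a full TCP connect and classify how the port responds."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"        # handshake completed: a service is listening
    except ConnectionRefusedError:
        return "closed"      # host answered with a reset: nothing listening
    except OSError:
        return "filtered"    # timeout or unreachable: no answer came back
    finally:
        sock.close()

def service_name(port):
    """Traditional service name for a TCP port, or '' if none is registered."""
    try:
        return socket.getservbyport(port, "tcp")
    except OSError:
        return ""

def scan(host, ports, timeout=0.5):
    """Probe each port and group the port numbers by state."""
    results = {"open": [], "closed": [], "filtered": []}
    for port in ports:
        results[probe(host, port, timeout)].append(port)
    return results

def report(host, results):
    """Format results like the sample output above, plus a summary line."""
    lines = ["Port Scanning host: " + host]
    for port in results["open"]:
        line = "Open TCP Port: %d %s" % (port, service_name(port))
        lines.append(line.rstrip())
    lines.append("%d closed, %d filtered"
                 % (len(results["closed"]), len(results["filtered"])))
    return "\n".join(lines)

if __name__ == "__main__":
    # Assumption: scan only the local machine, ports 1-1024.
    print(report("127.0.0.1", scan("127.0.0.1", range(1, 1025))))
```

A result with no open ports and a high filtered count points to a firewall dropping the probes rather than to a machine with nothing running.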
Network Utility is obviously limited to the Mac, and while there are no built-in tools on the iOS side of things, it is possible to perform port scanning from an iPhone and iPad with the fing app, a free tool that is a very handy addition to the advanced iOS user’s toolkit.
Is it harmful to open all ports?
No. It’s a good idea to let the computer air out occasionally – I open all my ports every Friday.
hahaha!
I’m very worried but clueless, is this something to be concerned about? Help, knowledgeable people :)
Open TCP Port: 23 telnet
Open TCP Port: 80 http
Open TCP Port: 110 pop3
Open TCP Port: 139 netbios-ssn
Open TCP Port: 143 imap
Open TCP Port: 443 https
Open TCP Port: 445 microsoft-ds
Open TCP Port: 993 imaps
Open TCP Port: 995 pop3s
Open TCP Port: 5431 park-agent
Open TCP Port: 5916
Open TCP Port: 44401
Open TCP Port: 55676
Port Scan has completed…
Hi Paul, thanks for the article. I have a question: Does this mean that I could choose any other port not listed and use it for something else? I think it means all ports listed are being used, but just in case: does it mean all ports listed are free?
Unlisted ports are free at the moment but other apps may use them when in use (for example, launching Apache server would use 80). Therefore it’s best to pick a port for use that is far out of range of conflict with any of the usual ports in use by apps and services.
Yesterday we were blocked from our domain emails, and our server people told us that our IP address had been blocked because (*Port Scan* detected from our IP address. 11 hits in the last 165 seconds)
What does this mean? I have read up a bit on Port Scanning overnight. Is this anything we should be worried about from a security point of view?
“Sounds to me like Security by Obscurity.
Hide the traffic in plain sight but on a port no one would think of… ” ?
I’m new to this Port business so am displaying my ignorance by asking – Why isn’t UDP included in the open port scan?
Michael, you have to open the port on your firewall and your router. The latter can be easy or complex depending on the brand of the router manufacturer.
How do I open a port, say, for an online game requirement or a virtual world?
On osxdaily.com, whenever I click on the “Desktop” version below, it just takes me back to the homepage as the desktop version, never the article. How do I change this.
You shouldn’t be seeing the mobile site unless you are on an iPhone or Android, in which case tapping on the desktop or mobile version should toggle the appropriate site view. Can you take a screenshot of what you are seeing and send it to us at osxdailycom@gmail.com?
Curiously, when I test my own IP, it shows that 21 – ftp is open, even without file sharing turned on and 21 is not open on my airport extreme . . . Any ideas on how to close this loop, if it indeed needs closing? Thx.
Check which apps you have running when you port scan, it’s possible that one has enabled an FTP server. You can also check what system services you have enabled in the Sharing preference panel.
What version of OS X is on the Mac? FWIW, modern versions of OS X will enable SFTP (not FTP) as a component of Remote Login, but that would usually be on port 22.
I too have port 21 associated with FTP. No sharing is turned on. In activity monitor I see that a process called Pacemaker is associated with Port 21.
Any thoughts?
Pacemaker is part of the system clock function, it keeps the clock on schedule by periodically checking time against Apple servers. Interesting that it’s on port 21, perhaps because FTP is no longer in use?
You can read more about the pacemaker process: https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man8/pacemaker.8.html
Ok, but why is it shown as associated with FTP? (I’m on OS 10.9.3)
Sounds to me like Security by Obscurity.
Hide the traffic in plain sight but on a port no one would think of…
Thanks, Paul. I’m on 10.8.5 and I’ll check the application list when I run it again. FWIW, I was scanning a domain I own via dyn.com so maybe they run their ip updater client through 21.