PORTQRY - CMD

Overview

PortQry is a command-line utility that enables you to query the state of TCP and UDP ports to verify the availability and responsiveness of network services. It provides a method for identifying listening services or filtering rules that permit or block traffic. This tool is vital for network administrators and security professionals who need to diagnose service-related issues or audit network security in Windows environments.

Syntax

The basic syntax for using PortQry is as follows:

portqry -n [destination] -p [protocol] -e [port]
  • -n: Specifies the IP address or hostname of the destination.
  • -p: Defines the protocol (TCP, UDP).
  • -e: Sets the port number to query.

More complex syntax includes:

portqry -n [destination] -p [protocol] -r [port range] -o [ports] -l [logfile] -s [source address]
  • -r [port range]: Specifies a range of ports to query.
  • -o [ports]: Lists specific ports to query.
  • -l [logfile]: Directs the output to a specified logfile.
  • -s [source address]: Uses a specific source IP address to send queries.

Options/Flags

  • -n [destination]: Mandatory. IP or hostname to check.
  • -p [protocol]: Selects the protocol (TCP or UDP). Defaults to TCP if not specified.
  • -e [port], -r [port range], -o [ports]: Different options to specify ports/port ranges for querying.
  • -l [logfile]: Optional. Outputs results to a logfile.
  • -s [source address]: Optional. Specifies a different source address for sending queries.
  • -q: Quiet mode; suppresses most output.
  • -verbose: Provides detailed information for debugging.

Examples

  • Query a specific port on a remote server: 
    portqry -n 192.168.1.1 -p tcp -e 80
  • Check a range of ports: 
    portqry -n example.com -p tcp -r 445-452
  • Log output to a file: 
    portqry -n example.com -p udp -e 53 -l querylog.txt

Common Issues

  • Firewalls and Interference: Firewalls may block the outgoing PortQry traffic, resulting in misleading results. Ensure firewall settings allow PortQry traffic.
  • Incorrect Parameters: Errors in entering the hostname, IP address, or port(s) can lead to failed queries. Double-check all input.
  • Network Latency: High network latency might lead to timeouts. Consider adjusting network settings or retesting during off-peak hours.

Integration

Integrate PortQry with batch scripts for automated monitoring:

FOR %%P IN (80, 443, 8080) DO portqry -n website.com -e %%P >> status.txt

Combine with find to filter specific responses:

portqry -n 192.168.1.1 -p tcp -r 1-100 | find "LISTENING" > open_ports.txt
  • ping: Verifies IP-level connectivity.
  • tracert: Traces route packets take to a network host.
  • netstat: Displays network connections and listening ports.

Further reading and resources for PortQry can be found on the Microsoft Documentation page and included in Windows resource kits or external downloads from Microsoft sites.

By using a combination of these commands and tools, you can achieve a comprehensive understanding and diagnostic capability for your network environments.