10 Replies Latest reply: Jul 7, 2015 11:49 PM by 7Seers
matiaspg Level 1 Level 1
What's up everybody,

Does anyobody know how to check if a port is open? (tcp/udp)



Mac OS X (10.6.5)
  • Niel Level 10 Level 10
    Use the Network Utility in the /Applications/Utilities/ folder to scan for open ports.

  • matiaspg Level 1 Level 1
    isn't there another way?

    would be better if there was a program..


  • MrHoffman Level 6 Level 6
    Mac OS X
    Network Utility is a program, no?

    Other options include downloading and building nmap, which can be quite useful.

    Or +sudo lsof -i+ might possibly be of use?
  • jackienickz Level 1 Level 1
    Do you mean local or outbound ports? http://tcpip.icannotconnect.com can check if you can connect to outbound ports, like ftp, telnet , mail etc... But if you want to check locally bound ports try http://www.yougetsignal.com/tools/open-ports/
  • MrHoffman Level 6 Level 6
    Mac OS X
    Welcome to the forums.

    Common Mac OS X tools used here include Network Utility, lsof, and telnet and ping, and dns-sd and ping for Bonjour and mDNS, depending on details are sought.

    (With the Windows entries from your footer, various of these tools and equivalents are what can be obtained by loading Cygwin or by loading Microsoft's SUA/SFU tools, and with some add-ons. PowerShell might or does have analogs here, but the old MS-DOS shell was pretty limited in what diagnostics were available without additions. There was telnet and ping, but some other bits were missing.)

    Add-on tools include nmap. (nmap is a fairly gonzo-useful tool for this sort of thing.)

    telnet works nicely for brute-force port tests on the LAN.

    And FWIW, if those public web site tools do work and if you're on your own LAN, then definitely also consider checking the settings of and consider upgrading the LAN security. Those tools and those web sites should be blocked by default by the firewall or the gateway device found on most any LAN; whether that's a low-end NAT device, a server-grade firewall, or otherwise.
  • ProtocolGeek Level 1 Level 1
    If you're trying to figure out whether your client machine is being blocked in the outbound direction (client to Internet) by something like your home firewall, or your ISP, then try http://www.firebind.com.

    Firebind is the only tool on the Internet that can test any of the 65535 TCP or UDP ports in the outbound direction. If you want, you can test the entire TCP and UDP range.

    Firebind is sometimes confused with tools like yougetsignal.com, canyouseeme.org, and grc.com which are meant to test inbound connections (from Internet to client machine), usually to validate whether a user has set up their port forwarding rules in their firewall correctly. Other tools like NMAP are port scanners which are designed to probe for open ports on a target machine using a specific IP address. A port scanner is only useful to test a single IP address for vulnerabilities and doesn't help a user determine whether their path to the Internet is being blocked.

  • avp3000 Level 1 Level 1

    I was looking for the same thing and I found this artile by Applie, which helped me:



  • MrHoffman Level 6 Level 6
    Mac OS X

    avp3000 wrote:


    I was looking for the same thing and I found this artile by Applie, which helped me:




    FWIW, this is the utility that was referenced earlier in the thread.


    In OS X 10.9, the Network Utility app is still around, but it's been hidden away.  To quicky find it in Mavericks, use Spotlight search and enter Network Utility in the search box.

  • RShafer Level 1 Level 1

    The "wording" for the Port Scan part of Network Utility seems to apply that it is scanning for TCP port status (and not UDP).  Is this actually the case?  I'm trying to diagnose if my L2TP VPN service on my OS X Server machine is open for business, and nothing is showing with Network Utility.  (The PPTP port, which is TCP, as opposed to L2TP's UDP connection, shows up just fine.)


    If something like nmap is the answer, then I'll need some handholding on where to find it / run it (I expect via Terminal, which by itself is not too daunting, but at the moment "man nmap" doesn't bring up anything.

  • 7Seers Level 1 Level 1

    Even this post is rather old, but it still comes up with the search results so I would like to reply a solution to the question.


    You can open the Terminal in Mac (type terminal on Spotlight) and then use NetCat command by typing like a sample below to test your specific port like this replacing 1xx with your target IP address, then the port to check.


    >nc -vnzu 1xx.xxx.xxx.xxx 53


    or if you want to check a range of ports for example from port 1 to 53, just type


    >nc -vnzu 1xx.xxx.xxx.xxx 1-53


    NetCat is already a built-in command in Mac so no need to install anything.

    Hope this helps.