The Reverse Port Scan

Have you ever wanted to know which outbound ports are open in your school’s/workplace’s firewall? I know I have. And it always frustrated me that finding out seems like an impossible task. And it isn’t really that odd, either, as you would need a host listening on every single port from 1 to 65535 that you could attempt to connect to in order to find out if the firewall would let you through. Well, I’ve come up with a solution.

In an attempt to find out which outbound ports are open in my university’s firewall, I developed a small test suite consisting of 2 PHP scripts – a client and a server. The server script must be run on a host that has pretty much unrestricted access to the Internet. If you’re running it at home, on a host behind a NAT router, I recommend configuring it as the “DMZ host” on the router, as that basically forwards all ports to it.

The suite then works by having the client send a request to the server to open a specific port range to be tested. The client then attempts to connect to these, and when done, it requests the next range, until every port is tested. The server may discover that it is unable to open certain ports due to other services running on the host, and the client will be notified. These will show up as “Untested ports” in the test results.

Please take a look at each file in your favorite text editor – there are a few settings you probably need to adjust, including the server host name, last port to test and such.

Download here

Note: You will need the PHP interpreter to run the scripts. You can get a Windows build here. Also, you must enable the Sockets and cURL extensions for it to work.

Tip: If you have a dynamic IP address on your Internet connection, you can use services such as No-IP to get a dynamic DNS domain that always points home.

Warning: I made no attempts to implement any sort of security into this test suite, so you shouldn’t leave it running for any longer than absolutely necessary, nor can I recommend permanently having your computer as “DMZ host”.

Update: To test single ports without having to set up your own server, you can use http://portquiz.positon.org/

Introduction

Hi!

I haven’t made any real posts yet, so I thought I might as well tell a bit about myself. I am currently 21 (but will turn 22 on March 4), and I recently enrolled in the Aarhus School of Engineering to study electrical engineering. I hope to one day work with signal processing, possibly in the professional audio equipment industry.

As you might have guessed, I have a passion for electonics and programming. It most likely stems from my childhood of playing video games. Computers have always intrigued me, and I’ve always been interested in what makes them tick. My first programming experience was BASIC on the Commodore 64. Since then, I got into web development and my primary programming language at the moment is probably PHP. My interest in web development led to the creation of SMW Central, a Super Mario World hacking resource which has grown quite a lot since its inception. Smallhacker also played a big part in its success.

I used to have a small electronics kit with a few lamps and LEDs that you could make light up, and as interesting as that was when I was little, it quickly died out due to the fact that you need a good amount of knowledge to be able to build anything meaningful. I was reminded of how much fun I had with electronics during my last year of high school, where I took a course about it. You can see some of the projects and tests I worked with on my YouTube channel.

I’m not really working on anything interesting at the moment, but I will definitely write about it here once I am. Until then!

First!

So yeah, I’ve had this domain for quite a while now. Smallhacker and I wanted to set up a bloggish site together a long time ago, but it never really got anywhere. Now, we decided to give it another go using WordPress. We still have a lot of stuff to set up, though, like a proper theme.

In case you might be wondering what kind of content you’ll see here, I can tell you that we don’t really know, either. Most likely, we will post about computers, technology, programming, rants, personal endeavors and other random (un)creative things.

See you around.