Is it possible to perform port scanning of the local host itself as another host?
Solution 1
The short answer is: no, you cannot see how your server looks from the outside by looking from the inside.
Long answer: As you wrote yourself, the scan from the outside is affected by the firewall, and possibly other intervening network components. In theory you could simulate that influence by way of a virtual network you set up on your VPS. But that's a lot of work and you'd have to know exactly what those components are and how they are configured. The only feasible approach is to find an external host from which you can do the scan.
Solution 2
If you don't have any firewall, you can run netstat -ln --inet --inet6 to list the listening sockets. This will show what listens to which interfaces.
Quick sample:
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:5298            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:1080          0.0.0.0:*               LISTEN
Here we see two types:
- Sockets listening to 0.0.0.0 (or :: if you have IPv6)
- Sockets listening to 127.0.0.1 (or ::1 on IPv6)
The first kind, listening to 0.0.0.0 or :: (any IP), will be available remotely, unless firewalled. Sockets listening only on localhost (127.0.0.1 or ::1) are only reachable via the loopback interface, and thus not remotely.
In addition, you can have sockets bound to a specific interface, in which case the IP of the interface will be shown in column 3, e.g. 192.168.8.1 - meaning they're accessible only on that interface.
This is not the same as a port scan, as it does not take the firewall into account, but combined with reading the firewall configuration it may be a good way to do the setup, and only verify via a port scan after you've configured the firewall.
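The bind-address classification from Solution 2, as an added example that is not part of the original answers: it parses netstat -ln --inet --inet6 output and groups each socket as bound to all interfaces, loopback only, or a single interface. The sample text is constructed (the answer's four lines plus three made-up lines), and the function names are this example's own.

```python
import ipaddress

# Constructed sample: the four lines from the answer's output plus three
# made-up lines (IPv6 any-address, IPv6 loopback, interface-bound UDP).
SAMPLE = """\
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:5298            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:1080          0.0.0.0:*               LISTEN
tcp6       0      0 :::80                   :::*                    LISTEN
tcp6       0      0 ::1:631                 :::*                    LISTEN
udp        0      0 192.168.8.1:53          0.0.0.0:*
"""

def classify(local_address):
    """Return (exposure, ip, port) for a netstat 'Local Address' field."""
    host, _, port = local_address.rpartition(":")  # last colon precedes the port
    ip = ipaddress.ip_address(host.split("%")[0])  # drop any IPv6 zone id
    if ip.is_unspecified:          # 0.0.0.0 or ::
        exposure = "all-interfaces"
    elif ip.is_loopback:           # 127.0.0.0/8 or ::1
        exposure = "loopback-only"
    else:
        exposure = "single-interface"
    return exposure, str(ip), int(port)

def audit(netstat_output):
    """Group listening sockets by exposure; headers and odd lines are skipped."""
    report = {"all-interfaces": [], "loopback-only": [], "single-interface": []}
    for line in netstat_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or not fields[0].startswith(("tcp", "udp")):
            continue
        try:
            exposure, ip, port = classify(fields[3])
        except ValueError:
            continue  # unparsable address, or a port shown as '*'
        report[exposure].append((fields[0], ip, port))
    return report

if __name__ == "__main__":
    for exposure, sockets in audit(SAMPLE).items():
        print(exposure)
        for proto, ip, port in sockets:
            print(f"  {proto:<5} {ip}:{port}")
```

The sockets in the all-interfaces group are the ones to compare against the firewall configuration; the grouping alone says nothing about what the firewall lets through.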
pa4080
Updated on September 18, 2022
Comments
pa4080 over 1 year
In other words I want to see how the server looks outside when I don't have access to another machine to scan it. Let me give an example:
Case 1: When I am SSH connected to my VPS, which is Ubuntu Server, the result of port scanning looks like:
[email protected]:~$ nmap -p 1-20000 77.77.77.70
Nmap scan report for 77.77.77.70
PORT      STATE SERVICE
25/tcp    open  smtp
80/tcp    open  http
111/tcp   open  rpcbind
443/tcp   open  https
8142/tcp  open  unknown
11273/tcp open  unknown
18142/tcp open  unknown
18143/tcp open  unknown
18144/tcp open  unknown
18145/tcp open  unknown
18146/tcp open  unknown
18147/tcp open  unknown
Nmap done: 1 IP address (1 host up) scanned in 0.36 seconds
Case 2: When I perform the same command from my Ubuntu Desktop machine the result is filtered by the VPS’s firewall and it looks like:
user@Desktop:~$ sudo nmap -p 1-20000 77.77.77.70
Nmap scan report for 77.77.77.70
PORT      STATE SERVICE
80/tcp    open  http
443/tcp   open  https
11273/tcp open  unknown
Nmap done: 1 IP address (1 host up) scanned in 4298.23 seconds
So, my question is: Is there a way to achieve a result as in 'Case 2' from the VPS itself? Using nmap is not mandatory.
2707974 about 7 years
Only to stop local service on VPS on port that use. To see which process/application uses which port, run the command netstat -atp, but you must be careful. Some services must work in local environment.
pa4080 about 7 years
@2707974 Apparently my question is unclear. I want to see how the server looks outside, whether it is VPS or physical server, when I don't have another machine to scan it.
2707974 about 7 years
Only to do scan from network, lan or wan. Only traffic from network goes through firewall rules ... BTW mysql must be running if you have http server with some cms. CMS uses tcp session to mysql daemon to connect to DB. That port must be open and you will see that if you run port scan from localhost. Only scan from other host can represent "how server look outside".
pa4080 about 7 years
Yes the result of [email protected]:~$ nmap -p 1-20000 localhost contains and mysql. Unfortunately, at the moment, it seems you are right :)