The Complete Guide to PortQry and Port Scanning Tools: 2025 Edition
Last updated: September 8, 2025
Introduction – Changes Since 2020
Between 2020 and 2025, Windows network diagnostic tools have evolved significantly. While PortQry remains a valid tool, modern operating systems like Windows 11 and Windows Server 2025 now offer robust built-in features, such as PowerShell’s Test-NetConnection, enabling faster and more efficient port scanning.
This article provides the latest information on PortQry, along with a detailed explanation of modern alternative tools and security best practices.
1. The Current State of PortQry (2025 Edition)
1.1 Latest Version Information
PortQry v2.0 was last updated on July 15, 2024, and currently runs on the following environments:
- Supported OS: Windows 2000 and later (including Windows 11/Windows Server 2025)
- Download: Microsoft Official Download Center
- GUI Version (PortQryUI): Available here
1.2 How to Use the Command-Line Version (Updated)
# Basic usage
cd C:\PortQryV2
portqry -n 192.168.1.1 -p tcp -e 443
# Check multiple ports
portqry -n example.com -p tcp -r 80:443
# Check a UDP port
portqry -n 192.168.1.1 -p udp -e 53
# Service-specific query (e.g., LDAP)
portqry -n domaincontroller.local -e 389 -p tcp
# Get detailed information (RPC)
portqry -n server.local -e 135 -p tcp
1.3 Interpreting Port Status
PortQry returns three statuses:
- LISTENING: The port is open, and a service is responding.
- NOT LISTENING: The port is closed (a clear rejection response was received).
- FILTERED: No response was received (possibly filtered by a firewall).
1.4 Features of the GUI Version (PortQryUI)
PortQryUI is still available and provides the following predefined service sets:
- Domains and Trusts: Active Directory services
- Exchange Server: Mail server-related ports
- SQL Server: Database-related ports
- Web Service: HTTP/HTTPS
- NetBIOS: File sharing-related
2. Alternative Methods Using Standard Windows Tools (Recommended)
2.1 Test-NetConnection (PowerShell 5.0 and later)
This is the most convenient tool available on Windows 8.1 and later.
# Basic connection test
Test-NetConnection google.com
# Test a specific port
Test-NetConnection -ComputerName example.com -Port 443
# Display detailed information
Test-NetConnection -ComputerName 192.168.1.1 -Port 3389 -InformationLevel Detailed
# Using an alias (short form)
tnc example.com -Port 80
# Test common service ports
Test-NetConnection -ComputerName server.local -CommonTCPPort HTTP
Test-NetConnection -ComputerName server.local -CommonTCPPort RDP
Test-NetConnection -ComputerName server.local -CommonTCPPort SMB
# Scan multiple ports (script)
$ports = 80,443,3389,445
$ports | ForEach-Object {
$result = Test-NetConnection -ComputerName server.local -Port $_ -WarningAction SilentlyContinue
if ($result.TcpTestSucceeded) {
Write-Host "Port $_ is open" -ForegroundColor Green
} else {
Write-Host "Port $_ is closed or filtered" -ForegroundColor Red
}
}
2.2 Test-Connection (PowerShell 7+)
In PowerShell 7, TCP port connection testing has been added:
# TCP connection test (PowerShell 7 and later)
Test-Connection bing.com -TCPPort 443 -Count 4
# Perform a traceroute
Test-Connection google.com -Traceroute
# Detailed TCP connection test
Test-Connection server.local -TCPPort 445 -Detailed
2.3 Get-NetTCPConnection (Check Local Ports)
# Check for locally listening ports
Get-NetTCPConnection -State Listen | `
Select-Object LocalAddress,LocalPort | `
Sort-Object -Property LocalPort | `
Format-Table
# Get details for a specific port
Get-NetTCPConnection -LocalPort 445 | Format-List *
# Display with process information
Get-NetTCPConnection -State Listen | `
Select-Object LocalPort, OwningProcess, @{
Name="Process";
Expression={(Get-Process -Id $_.OwningProcess).Name}
} | Format-Table
2.4 Fast Port Scanning Script
# Fast scan using asynchronous operations
function Fast-PortScan {
param(
[string]$Target,
[int[]]$Ports = @(21,22,23,25,53,80,110,143,443,445,3389,8080)
)
$jobs = @()
foreach ($port in $Ports) {
$jobs += Start-Job -ScriptBlock {
param($t, $p)
$tcp = New-Object System.Net.Sockets.TcpClient
try {
$result = $tcp.BeginConnect($t, $p, $null, $null)
$wait = $result.AsyncWaitHandle.WaitOne(1000, $false)
if ($wait -and $tcp.Connected) {
return "$p:Open"
} else {
return "$p:Closed"
}
} catch {
return "$p:Error"
} finally {
$tcp.Close()
}
} -ArgumentList $Target, $port
}
$results = $jobs | Wait-Job | Receive-Job
$jobs | Remove-Job
return $results
}
# Example usage
Fast-PortScan -Target "192.168.1.1" -Ports (80,443,22,3389)
3. Utilizing Third-Party Tools
3.1 Nmap (The Most Powerful Option)
As of 2025, Nmap remains the most comprehensive port scanner.
Installation:
- Download it from the official Nmap website.
- The Windows version includes the Npcap driver.
- The GUI version, Zenmap, is also included.
Basic Commands:
# Basic scan
nmap 192.168.1.0/24
# Scan specific ports
nmap -p 80,443 example.com
# Service version detection
nmap -sV example.com
# OS fingerprinting
nmap -O example.com
# Fast scan (top 100 ports)
nmap --top-ports 100 192.168.1.0/24
# UDP scan
nmap -sU -p 53,161 example.com
3.2 Other Recommended Tools
Advanced IP Scanner (Free, Windows-only)
- GUI-based and easy for beginners.
- Remote Desktop integration.
- MAC address detection feature.
Angry IP Scanner (Open-source, Cross-platform)
- Lightweight and fast.
- Plugin support.
- CSV export feature.
Masscan (Ultra-fast scanning)
- Up to 10 million packets/second.
- Designed for large-scale networks.
- Nmap-compatible output format.
4. Security Best Practices (2025 Edition)
4.1 Legal and Ethical Considerations for Port Scanning
⚠️ Important Note:
- Only scan networks that you manage.
- Always obtain permission from the administrator on corporate networks.
- Unauthorized scanning of third-party systems is illegal.
4.2 Security Enhancements in Windows 11/Server 2025
Recommended Settings:
# Check Windows Defender Firewall status
Get-NetFirewallProfile | Select Name, Enabled
# Block an unnecessary port
New-NetFirewallRule -DisplayName "Block Port 135" `
-Direction Inbound -Protocol TCP -LocalPort 135 -Action Block
# Set minimum SMB version (3.0 or higher recommended)
Set-SmbServerConfiguration -RequireSecuritySignature $true `
-EncryptData $true -Force
# Enable port auditing
auditpol /set /subcategory:"Filtering Platform Connection" /success:enable /failure:enable
4.3 Implementing Regular Audits
# Automated port audit script
$schedule = New-ScheduledTaskTrigger -Weekly -DaysOfWeek Monday -At 3am
$action = New-ScheduledTaskAction -Execute "PowerShell.exe" `
-Argument "-File C:\Scripts\PortAudit.ps1"
Register-ScheduledTask -TaskName "Weekly Port Audit" `
-Trigger $schedule -Action $action -RunLevel Highest
5. Troubleshooting Guide
5.1 Common Problems and Solutions
Problem: Test-NetConnection is slow. Solution:
# Speed up by skipping the ICMP test
$tcp = New-Object System.Net.Sockets.TcpClient
$tcp.Connect("example.com", 443)
$tcp.Connected # True/False
$tcp.Close()
Problem: Cannot test UDP ports. Solution: Use PortQry or Nmap.
Problem: False positives from the firewall. Solution:
- Add a temporary exclusion rule.
- Use authenticated scanning.
- Adjust the scan speed gradually.
5.2 Performance Optimization
# Speed up with parallel processing
workflow Test-MultipleHosts {
param([string[]]$Hosts, [int]$Port)
foreach -parallel ($host in $Hosts) {
Test-NetConnection -ComputerName $host -Port $Port
}
}
# Example usage
Test-MultipleHosts -Hosts @("server1","server2","server3") -Port 443
6. Summary and Recommendations
Best Practices for 2025
- For routine checks: Use PowerShell’s
Test-NetConnection. - For detailed diagnostics: Use PortQry or Nmap.
- For large-scale scanning: Use Masscan or custom scripts.
- For GUI operations: Use PortQryUI, Zenmap, or Advanced IP Scanner.
Future Outlook
- Further PowerShell integration is expected in Windows 12 (planned).
- Proliferation of cloud-based port scanning services.
- Integration of AI/ML for anomaly detection.
Appendix: Common Port Number Reference
| Port | Protocol | Service |
|---|---|---|
| 22 | TCP | SSH |
| 53 | TCP/UDP | DNS |
| 80 | TCP | HTTP |
| 443 | TCP | HTTPS |
| 445 | TCP | SMB |
| 3389 | TCP | RDP |
| 5985 | TCP | WinRM HTTP |
| 5986 | TCP | WinRM HTTPS |
[Original 2020 Article Below]
The original 2020 article is preserved below to show how the landscape has evolved.
PortQry is a free tool provided by Microsoft that can perform port scans. You can find it with a web search. Some websites let you check the open status, and you can also check with the TELNET command. However, it only supports TCP, so if you want to check UDP, PortQry is recommended. Start a command prompt. An example of the command is shown below. First, navigate to the folder where the tool exists. Then enter the command. I think it’s enough to remember to change the IP address part.
cd C:\Users\minok\OneDrive - ja\PortQryV2
portqry -n 132.145.170.16 -p tcp -e 443
You can check the UDP port by changing tcp to udp.
Next, I will introduce the GUI version. You can download it from the site below. https://www.microsoft.com/en-us/download/details.aspx?id=24009
When you extract the downloaded file, there are several files, but let’s run portqueryui.exe.
