{"id":172,"date":"2012-10-01T07:00:00","date_gmt":"2012-10-01T07:00:00","guid":{"rendered":"http:\/\/marcbook.local\/wds\/playground\/cybertrust\/2012\/10\/01\/microsofts-free-security-tools-portqry\/"},"modified":"2023-05-15T23:06:26","modified_gmt":"2023-05-16T06:06:26","slug":"microsofts-free-security-tools-portqry","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2012\/10\/01\/microsofts-free-security-tools-portqry\/","title":{"rendered":"Microsoft\u2019s Free Security Tools \u2013 Portqry"},"content":{"rendered":"

This article in our series focused on Microsoft\u2019s free security tools is on a tool called Portqry<\/strong>.\u00a0 This tool is a TCP\/IP connectivity test tool, port scanner, and local port monitor.\u00a0 Portqry is useful for troubleshooting networking issues as well as verifying network security related configurations.\u00a0 Because of this broad functionality, I have heard some Information Technology (IT) Professionals refer to this tool as a \u201cSwiss army knife\u201d of tools.<\/p>\n

I developed Portqry many years ago and released two versions.\u00a0 I originally developed this tool to help IT Professionals troubleshoot TCP\/IP networking issues.\u00a0 The port scanning functionality helps determine if a remote port is listening, not listening, or being filtered\/blocked.\u00a0 In 2001 when I released Portqry version 1 there were other network port scanners for Windows available, but most of them were only capable of scanning TCP ports.\u00a0 I didn\u2019t find TCP port scanners very useful because you could use the Telnet.exe utility built into Windows to determine if a TCP port was listening, without downloading and installing a third party tool.\u00a0 I really wanted to build a tool that also scanned UDP ports as this made it much more useful.\u00a0 Portqry version 1 supported port scanning for four UDP protocols that were central to troubleshooting Active Directory issues and related name resolution issues: Lightweight Directory Access Protocol (LDAP), Remote Procedure Calls (RPC), Domain Name System (DNS), and NetBIOS Name Service.\u00a0 For many IT Professionals who were tasked with deploying and managing the relatively new Microsoft Active Directory (at that time), Portqry 1.0 was very helpful.<\/p>\n

Another design goal I had in mind was to make Portqry as lightweight as possible.\u00a0 I didn\u2019t want to require it to be installed using an installer.\u00a0 Many of the customers I worked with had ridged change control processes that required a Change Control Board to approve new software before it could be installed on a system.\u00a0 For some customers their Change Control Board only approved changes once or twice per month.\u00a0 So I wanted to develop a tool that helped IT Professionals avoid this process if possible.\u00a0 Portqry is a single executable file that does not require the administrator to run an installer.\u00a0 Portqry.exe can simply be copied onto a system into any directory and be used immediately without any changes to the Windows registry or other dependencies that change a system\u2019s configuration.\u00a0 After use, Portqry.exe can simply be deleted, leaving the system in the same configuration state as before it was used.<\/p>\n

I also wanted Portqry to be small enough that it could be emailed to IT Professionals when necessary.\u00a0 This is another reason I avoided requiring an installer.\u00a0 Back in 2001 the maximum file size you could reliably send via email was 4 MB and I wanted to ensure Portqry was nowhere near that size.\u00a0 Portqry version 1 was 213K in size, which was tiny compared to tools that provide a graphical user interface.<\/p>\n

I have an interesting story to share regarding the file size of this tool.\u00a0 Shortly after the Blaster worm hit the Internet in 2003, I remember seeing the source code for one of its variants in an online magazine.\u00a0 The approach that the attackers took to keep the worm as small as possible was an epiphany to me.\u00a0 As a result, when I release Portqry version 2 later that year, I had added support for more than twice the number of UDP protocols that version 1 had, including Lightweight Directory Access Protocol (LDAP), Remote Procedure Calls (RPC), Domain Name System (DNS), NetBIOS Name Service, Simple Network Management Protocol (SNMP), Internet Security and Acceleration Server (ISA), SQL Server 2000 Named Instances, Trivial File Transfer Protocol (TFTP), Layer Two Tunneling Protocol (L2TP).\u00a0 Now Portqry could be used to troubleshoot Active Directory issues, name resolution issues, VPN connectivity issues, firewall issues and much many more types of networking problems.\u00a0 I also added support for local port to process mappings so that in addition to enabling port scanning of remote TCP and UDP ports, Portqry could also help troubleshoot network ports on the local system. I also added an interactive mode (portqry.exe \u2013i) to version 2 for IT Professionals that wanted a bit more of a working environment beyond the command line.\u00a0 After adding all this extra functionality to Portqry version 2, more than tripling its functionality, it was 143K in size.\u00a0 This is actually 70K smaller than version 1.\u00a0 I owe this efficiency to learning how attackers managed to keep their worms so small.<\/p>\n

I specifically designed Portqry to run on Windows operating systems that were supported at the time I released it, including Windows XP, Windows Server 2003, and Windows 2000.\u00a0 Portqry will also run on Windows Vista, Windows 7 and Windows 8, but with reduced functionality.\u00a0 Specifically, the local port to process mapping functionality (portqry.exe \u2013local) will be limited on these newer operating systems as seen in Figure 1.\u00a0 IT Professionals looking for this functionality on newer operating systems can use the \u201cnetstat.exe \u2013ano\u201d command that is built into Windows.\u00a0 Portqry is still a great lightweight port scanner regardless of what version of Windows you are running.<\/p>\n

This Knowledge Base article contains all the technical details you\u2019ll need to know to use this tool:\u00a0 New features and functionality in PortQry version 2.0<\/a><\/p>\n

While it\u2019s still available, you can download Portqry version 2 from the Microsoft Download Center:
\nhttp:\/\/www.microsoft.com\/downloads\/details.aspx?familyid=89811747-C74B-4638-A2D5-AC828BDC6983&displaylang=en<\/a><\/p>\n

Since I\u2019m writing about a \u201clegacy\u201d tool, I will take the opportunity to remind you that support for Windows XP SP2 was retired on July 13, 2010 and end of support for Windows XP is April 8, 2014<\/a>.\u00a0 If you are still running systems with Windows XP SP2 or Windows Vista SP1 in your environment, you need to install the latest service pack on these systems immediately as they are no longer automatically receiving security updates from Microsoft.<\/p>\n

Tim Rains
\nDirector
\nTrustworthy Computing<\/p>\n

_____________________________________________________________________________________________________________<\/p>\n

<\/div>\n","protected":false},"excerpt":{"rendered":"

This article in our series<\/a> focused on Microsoft’s free security tools is on a tool called Portqry<\/strong>.  This tool is a TCP\/IP connectivity test tool, port scanner, and local port monitor.  Portqry is useful for troubleshooting networking issues as well as verifying network security related configurations.  Because of this broad functionality, I have heard some Information Technology (IT) Professionals refer to this tool as a “Swiss army knife” of tools.<\/p>\n","protected":false},"author":61,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"ms_queue_id":[],"ep_exclude_from_search":false,"_classifai_error":"","_classifai_text_to_speech_error":"","footnotes":""},"content-type":[3663],"topic":[3687],"products":[],"threat-intelligence":[3732],"tags":[],"coauthors":[1954],"class_list":["post-172","post","type-post","status-publish","format-standard","hentry","content-type-research","topic-threat-intelligence","threat-intelligence-influence-operations"],"yoast_head":"\nMicrosoft\u2019s Free Security Tools \u2013 Portqry | Microsoft Security Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2012\/10\/01\/microsofts-free-security-tools-portqry\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Microsoft\u2019s Free Security Tools \u2013 Portqry | Microsoft Security Blog\" \/>\n<meta property=\"og:description\" content=\"This article in our series focused on Microsoft’s free security tools is on a tool called Portqry.  This tool is a TCP\/IP connectivity test tool, port scanner, and local port monitor.  Portqry is useful for troubleshooting networking issues as well as verifying network security related configurations.  Because of this broad functionality, I have heard some Information Technology (IT) Professionals refer to this tool as a “Swiss army knife” of tools.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2012\/10\/01\/microsofts-free-security-tools-portqry\/\" \/>\n<meta property=\"og:site_name\" content=\"Microsoft Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2012-10-01T07:00:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-05-16T06:06:26+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-microsoft_logo_element.png\" \/>\n\t<meta property=\"og:image:width\" content=\"512\" \/>\n\t<meta property=\"og:image:height\" content=\"512\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Tim Rains\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Tim Rains\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2012\/10\/01\/microsofts-free-security-tools-portqry\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2012\/10\/01\/microsofts-free-security-tools-portqry\/\"},\"author\":[{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/timrains\/\",\"@type\":\"Person\",\"@name\":\"Tim Rains\"}],\"headline\":\"Microsoft\u2019s Free Security Tools \u2013 Portqry\",\"datePublished\":\"2012-10-01T07:00:00+00:00\",\"dateModified\":\"2023-05-16T06:06:26+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2012\/10\/01\/microsofts-free-security-tools-portqry\/\"},\"wordCount\":987,\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2012\/10\/01\/microsofts-free-security-tools-portqry\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2012\/10\/01\/microsofts-free-security-tools-portqry\/\",\"name\":\"Microsoft\u2019s Free Security Tools \u2013 Portqry | Microsoft Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\"},\"datePublished\":\"2012-10-01T07:00:00+00:00\",\"dateModified\":\"2023-05-16T06:06:26+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2012\/10\/01\/microsofts-free-security-tools-portqry\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2012\/10\/01\/microsofts-free-security-tools-portqry\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2012\/10\/01\/microsofts-free-security-tools-portqry\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Microsoft\u2019s Free Security Tools \u2013 Portqry\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"name\":\"Microsoft Security Blog\",\"description\":\"Expert coverage of cybersecurity topics\",\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\",\"name\":\"Microsoft Security Blog\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"width\":512,\"height\":512,\"caption\":\"Microsoft Security Blog\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Microsoft\u2019s Free Security Tools \u2013 Portqry | Microsoft Security Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2012\/10\/01\/microsofts-free-security-tools-portqry\/","og_locale":"en_US","og_type":"article","og_title":"Microsoft\u2019s Free Security Tools \u2013 Portqry | Microsoft Security Blog","og_description":"This article in our series focused on Microsoft’s free security tools is on a tool called Portqry.  This tool is a TCP\/IP connectivity test tool, port scanner, and local port monitor.  Portqry is useful for troubleshooting networking issues as well as verifying network security related configurations.  Because of this broad functionality, I have heard some Information Technology (IT) Professionals refer to this tool as a “Swiss army knife” of tools.","og_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2012\/10\/01\/microsofts-free-security-tools-portqry\/","og_site_name":"Microsoft Security Blog","article_published_time":"2012-10-01T07:00:00+00:00","article_modified_time":"2023-05-16T06:06:26+00:00","og_image":[{"width":512,"height":512,"url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-microsoft_logo_element.png","type":"image\/png"}],"author":"Tim Rains","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Tim Rains","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2012\/10\/01\/microsofts-free-security-tools-portqry\/#article","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2012\/10\/01\/microsofts-free-security-tools-portqry\/"},"author":[{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/timrains\/","@type":"Person","@name":"Tim Rains"}],"headline":"Microsoft\u2019s Free Security Tools \u2013 Portqry","datePublished":"2012-10-01T07:00:00+00:00","dateModified":"2023-05-16T06:06:26+00:00","mainEntityOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2012\/10\/01\/microsofts-free-security-tools-portqry\/"},"wordCount":987,"publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2012\/10\/01\/microsofts-free-security-tools-portqry\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2012\/10\/01\/microsofts-free-security-tools-portqry\/","name":"Microsoft\u2019s Free Security Tools \u2013 Portqry | Microsoft Security Blog","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website"},"datePublished":"2012-10-01T07:00:00+00:00","dateModified":"2023-05-16T06:06:26+00:00","breadcrumb":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2012\/10\/01\/microsofts-free-security-tools-portqry\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.microsoft.com\/en-us\/security\/blog\/2012\/10\/01\/microsofts-free-security-tools-portqry\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2012\/10\/01\/microsofts-free-security-tools-portqry\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/"},{"@type":"ListItem","position":2,"name":"Microsoft\u2019s Free Security Tools \u2013 Portqry"}]},{"@type":"WebSite","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","name":"Microsoft Security Blog","description":"Expert coverage of cybersecurity topics","publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization","name":"Microsoft Security Blog","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","contentUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","width":512,"height":512,"caption":"Microsoft Security Blog"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/"}}]}},"msxcm_display_generated_audio":false,"distributor_meta":false,"distributor_terms":false,"distributor_media":false,"distributor_original_site_name":"Microsoft Security Blog","distributor_original_site_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog","push-errors":false,"_links":{"self":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/172","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/users\/61"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/comments?post=172"}],"version-history":[{"count":0,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/172\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/media?parent=172"}],"wp:term":[{"taxonomy":"content-type","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/content-type?post=172"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/topic?post=172"},{"taxonomy":"products","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/products?post=172"},{"taxonomy":"threat-intelligence","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/threat-intelligence?post=172"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/tags?post=172"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/coauthors?post=172"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}